QuoIntelligence’s Weekly Intelligence Snapshot for the week of 29 Sep – 05 Oct is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Cyber Highlights
Current Threat
Lazarus: Researchers Reveal Open-Source Software Exploitation
Industries impacted: Communication Services, Government, Information Technology
Recent reporting from ESET and Microsoft revealed campaigns related to the Lazarus/ZINC activity cluster, where open source software is trojanized to serve as a loader for custom implants. According to the researchers, the campaign targets defense, media, aerospace, and IT industries in Europe, US, India, and Russia. The attackers’ goal is espionage through the exfiltration of data.
Rollups:
Industry impacted: Industrials
- VirtualPITA And VirtualPIE Malware Discovered Impacting VMWare Hypervisors
- Microsoft Exchange Server Zero-Day Vulnerability Exploited In The Wild
- REvil: Account Of The Arrests And Recent Reemergence Of The Cybercriminal Empire
- Bumblebee: Continued Improvements In Capacity And Techniques Emperor Dragonfly: Night Sky And Cheerscrypt As Single Ransomware Group
- BlackByte Ransomware Disables EDR Solutions Via Driver Vulnerabily
- Former Uber CISO Convicted Of Covering Up 2016 Data Breach
Geo Highlights
The EU Struggles to Achieve Digital Sovereignty
Industry impacted: Information Technology
As the importance of digital technologies and services, including cloud computing, grows, European governments, companies, and citizens face limited choice when it comes to European providers. QuoIntelligence analyzes the risks related to the EU’s struggle to achieve digital sovereignty and assert a strategy regarding internet governance.
Rollups
Industries impacted: Energy, Financials, Government, Information Technology
- North Korea Conducts Longest-range Missile Test Yet Over Japan
- The UK Payment System Regulator Sets Out Proposals To Give Greater Protection Against APP Scams
- White House Proposes Non-binding AI Guidelines to Mitigate Risks, Limits Chinese Access to its AI, Semiconductor Market
- Iran Faces Most Important Civil Unrest in Years, Blames Unrest on US, Israel
- Data Access Agreement Begins Between The US And The UK On New Data Sharing Rules For Investigations
- In Spite Of Legal Challenges, The UK Continues To Support Deportation Of Asylum Seekers To Rwanda
- Germany Says Nord Stream Pipelines Leaks Were Possibly State Actors’ Targeted Acts of Sabotage, Warns of Further Sabotage
Community Area
Outlook
- 7 October – Informal meeting of EU heads of state
- 10 October – ISC2 Security Congress 2022
New PREMIUM Product
- 30 September – Mustang Panda Procedure for Delivery of PLUGX Malware
Latest Reports (only available to Premium Customers):
- 19 September – BERSERK BEAR Activity Cluster
- 28 September – China Continues to Resort to Espionage Amid Tense Geopolitical Landscape
Interested in becoming a premium customer? Let’s talk