Weekly Intelligence Snapshot – Week 40

This week, we analyze new espionage-driven campaigns related to the Lazarus/ZINC activity cluster.
Weekly Intelligence Summary from QuoIntelligence

QuoIntelligence’s Weekly Intelligence Snapshot for the week of 29 Sep – 05 Oct is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!


Cyber Highlights

Current Threat

Lazarus: Researchers Reveal Open-Source Software Exploitation

Industries impacted: Communication Services, Government, Information Technology

Recent reporting from ESET and Microsoft revealed campaigns related to the Lazarus/ZINC activity cluster in which open-source software is trojanized to serve as a loader for custom implants. According to the researchers, the campaigns target the defense, media, aerospace, and IT industries in Europe, the US, India, and Russia. The attackers’ goal is espionage through the exfiltration of data.

Rollups:

Industry impacted: Industrials

  • VirtualPITA And VirtualPIE Malware Discovered Impacting VMWare Hypervisors
  • Microsoft Exchange Server Zero-Day Vulnerability Exploited In The Wild
  • REvil: Account Of The Arrests And Recent Reemergence Of The Cybercriminal Empire
  • Bumblebee: Continued Improvements In Capacity And Techniques
  • Emperor Dragonfly: Night Sky And Cheerscrypt As Single Ransomware Group
  • BlackByte Ransomware Disables EDR Solutions Via Driver Vulnerability
  • Former Uber CISO Convicted Of Covering Up 2016 Data Breach

Geo Highlights

The EU Struggles to Achieve Digital Sovereignty

Industry impacted: Information Technology

As the importance of digital technologies and services, including cloud computing, grows, European governments, companies, and citizens face limited choice when it comes to European providers. QuoIntelligence analyzes the risks related to the EU’s struggle to achieve digital sovereignty and assert a strategy regarding internet governance.

Rollups 

Industries impacted: Energy, Financials, Government, Information Technology

  • North Korea Conducts Longest-range Missile Test Yet Over Japan
  • The UK Payment System Regulator Sets Out Proposals To Give Greater Protection Against APP Scams
  • White House Proposes Non-binding AI Guidelines to Mitigate Risks, Limits Chinese Access to its AI, Semiconductor Market
  • Iran Faces Most Important Civil Unrest in Years, Blames Unrest on US, Israel
  • Data Access Agreement Begins Between The US And The UK On New Data Sharing Rules For Investigations
  • In Spite Of Legal Challenges, The UK Continues To Support Deportation Of Asylum Seekers To Rwanda
  • Germany Says Nord Stream Pipelines Leaks Were Possibly State Actors’ Targeted Acts of Sabotage, Warns of Further Sabotage

 

Community Area

Outlook

  • 7 October – Informal meeting of EU heads of state
  • 10 October – ISC2 Security Congress 2022

New PREMIUM Product

  • 30 September – Mustang Panda Procedure for Delivery of PLUGX Malware

Latest Reports (only available to Premium Customers):

  • 19 September – BERSERK BEAR Activity Cluster
  • 28 September – China Continues to Resort to Espionage Amid Tense Geopolitical Landscape
