Weekly Intelligence Snapshot – Week 44

Microsoft reports the RaspberryRobin worm is now part of a malware ecosystem and one of the largest active malware distribution platforms (distributing Bumblebee, IceID, Truebot).
Weekly Intelligence Summary from QuoIntelligence

QuoIntelligence’s Weekly Intelligence Snapshot for the week of 27 Oct – 02 Nov is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!

Cyber Highlights:

Current threat

Raspberry Robin Potentially Operating as Initial Access Broker

Researchers from Microsoft recently reported about the Raspberry Robin worm being part of a wider malware ecosystem linked to other families. While the threat was already described as a cluster of activity in the original report of Raspberry Robin’s discovery, additional relations were discovered involving the threat actor known as TA505/FIN11, and malware families such as Bumblebee, IceID and Truebot.

Rollups:

Industries impacted: Financials, Materials

  • Over 130,000 Banking Trojans Found On Google Play Store
  • Cranefly Using Web Server Logs to Activate Malware Dropper
  • APT10: Evolved LODEINFO Backdoor
  • German Copper Producer Aurubis Announces Cyber Attack
  • Critical Code Injection Vulnerability in Azure CLI
  • OpenSSL Announces a Patch for an Undisclosed Critical Vulnerability

Geo Highlights

Increased Legal and Reputational Risks For Organizations Over the War in Ukraine

Industry impacted: Information Technology

Due to Western sanctions, Russia has to find alternative ways to covertly supply its military-industrial complex with a wide range of Western technologies as the war in Ukraine drags on. Therefore, Western companies are increasingly exposed to the legal risks of sanctions evasion as well as the reputational risks of being accused of participating in Russia’s war effort. QuoIntelligence analyzes the different tactics Russian intelligence services have been using to acquire Western dual use technologies since Russia’s invasion of Ukraine and the risks this poses for Western organizations.

Rollups 

Industries impacted: Energy, Government, Industrials, Information Technology

  • The US Encourages its Allies to Impose Export Restrictions on China to Increase National and Regional Security
  • UK’s Cybersecurity Annual Review Says Main Threat to UK Still E-Crime, Reveals Support to Ukraine
  • Germany Finalized Details of Gas Price Cap
  • Increased Oversight Over Chinese Investment Infrastructure in EU Countries
  • Twitter’s Policy Changes: Cybersecurity and Political Implications

 

Community Area

Outlook

  • 4 November – US Consulate General Frankfurt Cyber Security Conference
    Our new VP Threat Advisory Jörg Schauff is a contributor to the US Consulate’s Cyber Security Conference 2022 — Combatting Ransomware & The Cybercrime Supply Chain — in Frankfurt . Moderated by Grant Waterfall (PwC), his panel session focuses on Active Cyber Security Defense
  • 6 November – UN Climate Change Conference COP27
  • 8 November – Cyber Security Strategy Summit

Latest Mercury Newsletter

(Available to Customers only)

  • 2 November – New Mercury Milestone Reached!
    All the functionality of Mercury Legacy now available in the beta version of the new Mercury.
    New feature – Nested Comments in Alerts
    Maintain discussions with our analysts in the Brand Protection, Vulnerabilities Intelligence and Service Requests alerts.

 

Latest Blog

    Interested in becoming a premium customer? Let’s talk

     

    Interested in becoming a premium customer?

    Unlock exclusive benefits by becoming a premium customer

    Share this article:

    Weekly Intelligence Snapshot – Week 44

    Share this article:

    Related Posts

    Subscribe To Our
    Weekly Newsletter

    Subscribe to our newsletter to receive Weekly Intelligence Summaries, cyber news, and exciting updates.