QuoIntelligence’s Weekly Intelligence Snapshot for the week of 27 Oct – 02 Nov is now available! Find a summary here.
Cyber Highlights:
Current threat
Raspberry Robin Potentially Operating as Initial Access Broker
Researchers from Microsoft recently reported that the Raspberry Robin worm is part of a wider malware ecosystem linked to other families. While the threat was already described as a cluster of activity in the original report of Raspberry Robin’s discovery, additional relations were discovered involving the threat actor known as TA505/FIN11 and malware families such as Bumblebee, IcedID and Truebot.
Rollups:
Industries impacted: Financials, Materials
- Over 130,000 Banking Trojans Found On Google Play Store
- Cranefly Using Web Server Logs to Activate Malware Dropper
- APT10: Evolved LODEINFO Backdoor
- German Copper Producer Aurubis Announces Cyber Attack
- Critical Code Injection Vulnerability in Azure CLI
- OpenSSL Announces a Patch for an Undisclosed Critical Vulnerability
Geo Highlights
Increased Legal and Reputational Risks For Organizations Over the War in Ukraine
Industry impacted: Information Technology
Due to Western sanctions, Russia has to find alternative ways to covertly supply its military-industrial complex with a wide range of Western technologies as the war in Ukraine drags on. Therefore, Western companies are increasingly exposed to the legal risks of sanctions evasion as well as the reputational risks of being accused of participating in Russia’s war effort. QuoIntelligence analyzes the different tactics Russian intelligence services have been using to acquire Western dual-use technologies since Russia’s invasion of Ukraine and the risks this poses for Western organizations.
Rollups
Industries impacted: Energy, Government, Industrials, Information Technology
- The US Encourages its Allies to Impose Export Restrictions on China to Increase National and Regional Security
- UK’s Cybersecurity Annual Review Says Main Threat to UK Still E-Crime, Reveals Support to Ukraine
- Germany Finalized Details of Gas Price Cap
- Increased Oversight Over Chinese Investment Infrastructure in EU Countries
- Twitter’s Policy Changes: Cybersecurity and Political Implications
Community Area
Outlook
- 4 November – US Consulate General Frankfurt Cyber Security Conference
Our new VP Threat Advisory Jörg Schauff is a contributor to the US Consulate’s Cyber Security Conference 2022 (Combatting Ransomware & The Cybercrime Supply Chain) in Frankfurt. Moderated by Grant Waterfall (PwC), his panel session focuses on Active Cyber Security Defense.
- 6 November – UN Climate Change Conference COP27
- 8 November – Cyber Security Strategy Summit
Latest Mercury Newsletter
(Available to Customers only)
- 2 November – New Mercury Milestone Reached!
All the functionality of Mercury Legacy is now available in the beta version of the new Mercury.
New feature – Nested Comments in Alerts
Maintain discussions with our analysts in the Brand Protection, Vulnerabilities Intelligence and Service Requests alerts.
Latest Blog
- 11 October – ERMAC 2.0 Evades MFA to Steal Banking Credentials of Over 400 Android Apps
ERMAC 2.0, one of the most active Trojans in 2022, captures credentials from over 400 Android applications and circumvents MFA.