QuoIntelligence’s Weekly Intelligence Snapshot for the week of 03 – 09 Nov is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!

Cyber Highlights

Current threat

LockBit 3.0 Being Distributed via Amadey Bot

ASEC Analysis Team has observed LockBit 3.0 ransomware being deployed through Amadey Bot. Amadey is an infostealer botnet offered for sale on underground forums. It was first discovered by BlackBerry Research & Intelligence Team in 2018.


Microsoft November Patch Tuesday Addresses 64 Flaws, Including 6 Actively Exploited Zero-Days

Microsoft has released its monthly Patch Tuesday security update, which includes fixes for six actively exploited zero-day vulnerabilities. The patch remediates 68 flaws, with 11 being classified as critical. Impacted products include Microsoft Windows, Microsoft Office, Microsoft Exchange Server, and Microsoft Edge. Other vendors who have also released important security updates this Patch Tuesday include SAP, Citrix, and VMware. CISA has released three seperate advisories regarding flaws in industrial control systems.


Industries impacted: Communication Services, Financials, Government, Industrials

  • ENISA Releases Threat Landscape Trends Report
  • OPERA1ER Group Attacks Banks And Telecommunication Companies For Financial Gain
  • Crimson Kingsnake: BEC Group Impersonates International Law Firms
  • Robin Banks PhaaS Returns Online With New Russian-Based Infrastructure
  • Microsoft Reports Increase In Attacks In Critical Infrastructure and Zero-day Exploitation
  • SocGholish Expands Malware Staging Infrastructure
  • Increased Activity Of Emotet Spam Campaigns

Geo Highlights

Rising Tensions in the Korean Peninsula Risks Escalation in the Region and Increased North Korean APT Cyberactivity

Industry impacted: Government

Tensions in the Korean Peninsula are rising, as North Korea continues to launch new missiles tests reaching a record number of missiles fired in 2022. QuoIntelligence analyzes the risk that escalating tensions with North Korea poses for global security, and how increased North Korean military activity is also likely to reflect in the cyberspace, as North Korean-sponsored Advanced Persistent Threats (APTs) continue to be active, including Lazarus, APT38, and Cerium APTs.


Industries impacted: Consumer Discretionary, Financials, Government, Industrials, Information Technology, Materials

  • COP27: Climate Activism Putting Increased Pressure On Companies To Tackle Climate Issues
  • Further Increase In Tensions Between Serbia and Kosovo
  • US-China Tensions are Inciting Large Companies to Consider Other Countries Because of the Uncertain Geopolitical Landscape
  • US And Taiwan Hold Trade Talks Amid Tensions With China
  • European Commission Proposes Longer Individually Negotiated Debt Reduction Paths For EU Member States


Community Area


  • 10-13 November – East Asia Summit
  • 15-16 November – G20 Bali Summit

Latest Mercury Newsletter

(Available to Customers only)

  • 2 November – New Mercury Milestone Reached!
    All the functionality of Mercury Legacy now available in the beta version of the new Mercury.
    New feature – Nested Comments in Alerts
    Maintain discussions with our analysts in the Brand Protection, Vulnerabilities Intelligence and Service Requests alerts.

Industry Report

  • 3 November – ENISA Threat Landscape 2022
    The European Union Agency for Cyber Security, ENISA, released its annual Threat Landscape Report detailing the top threats and trends in the cybersecurity threat landscape for the year to July 2022. Notably, QuoIntelligence research is cited as evidence supporting ENISA’s trend analysis into ransomware and the Russia-Ukraine threat landscape.

    Interested in becoming a premium customer? Let’s talk