QuoIntelligence’s Weekly Intelligence Snapshot for the week of 25 – 31 May 2023 is now available!
Cyber Highlights
Current threat
Spyboy Anti-EDR Solution Shows Increasing Popularity Of Bring-Your-Own-Vulnerable-Driver Attacks
Industry impacted: Communication Services
On 21 May, a threat actor using the handle “Spyboy” advertised on the Russian-language forum RAMP software purportedly capable of terminating the processes of AV and EDR solutions. The tool is allegedly able to terminate most major EDRs, such as Sophos, SentinelOne, CrowdStrike, and ESET, and Spyboy is selling it to interested parties. Research by the supposedly affected security vendors revealed that the tool is another case of the Bring-Your-Own-Vulnerable-Driver (BYOVD) tactic, already observed recently in different attack chains to bypass endpoint security. This tactic has been rising in popularity, with open-source resources dedicated to the subject and major eCrime actors integrating the method into their toolsets.
Rollups
Industries impacted: Energy, Industrials, Utilities
- New Buhti Ransomware Operation Uses Rebranded Variants of Leaked LockBit and Babuk Payloads to Target Windows and Linux Systems
- CosmicEnergy, a New Russia-Linked Malware Designed to Disrupt Industrial Control Systems
- Bandit Stealer: Researchers Find New Go-based Info Stealer Targeting Multiple Browsers
- AceCryptor Used As CaaS In Popular Malware Variants
Geo Highlights
Threats Facing Undersea Internet Cables Amid Increased Geopolitical Polarization
Industry impacted: Communication Services
QuoIntelligence analyzes the threats facing undersea internet cables which are central to the global communication system and global economy.
Rollups
Industries impacted: Financials, Government, Information Technology
- President Recep Tayyip Erdogan Wins Turkey’s Presidential Elections
- Dutch Government Introduces ‘Investment Screening’ for Sensitive Tech Like Semiconductors, as Fears over Cyberattacks on the Tech Industry Grow
- EU to Increase Oversight on Banks, Seeks to Boost Transparency
Community Area
Outlook
- 5 June – Gartner Security & Risk Management Summit
- 7 June – ENISA AI Cybersecurity Conference
- 9 June – HackInBo Business Edition
Upcoming Webinars
- 20 June – “Italy under attack: how and why to use Threat Intelligence to distinguish real threats from media hype” (Note: this webinar will be held in Italian)
SAVE THE DATE! Join this live session and open discussion with Marco Riccardi and Sharon De Cet. They will update you on the current threat landscape for Italian organizations so that you stay informed about the latest cybersecurity trends, answer your questions, exchange views, and much more. Register here.
Latest Reports
(Sent to PREMIUM Customers only)
- 22 May – Intel Assessment: AI: Risks and Challenges in Cyberspace and the Geopolitical Landscape
An in-depth evaluation of how real the threats posed by threat actors’ use of generative AI tools are. It also seeks to identify privacy and regulatory risks for businesses using such tools.
- 22 May – Intel Assessment: DACH Threat Landscape Q1
An overview of the threat landscape relevant to the DACH countries – Germany, Austria, and Switzerland – in Q1 2023 and an assessment regarding further developments.
- 18 May – Intel Brief: Use of Exploitation Frameworks Alternative to Cobalt Strike by Threat Actors
We analyze why advancements in Cobalt Strike Beacon detection have made it harder for criminal and state-affiliated threat actors to use Cobalt Strike successfully.
Latest Blog
- 3 May – Infostealer Malware: The Silent Threat Lurking in Your System
Infostealer malware attacks are designed to steal sensitive information such as login credentials, financial data, and personal information.