QuoIntelligence’s Weekly Intelligence Snapshot for the week of 25 – 31 May 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!

Cyber Highlights

Current threat

Spyboy Anti-EDR Solution Shows Increasing Popularity Of Bring-Your-Own-Vulnerable-Driver Attacks

Industry impacted: Communication Services

A threat actor using the handle “Spyboy” advertised on 21 May a supposed software capable of terminating processes of AV and EDR solutions on the Russian language forum RAMP. Allegedly able to terminate most major EDRs such as Sophos, SentinelOne, CrowdStrike, ESET, etc., Spyboy is selling this tool to interested parties. Research by the supposedly affected security vendors revealed that the tool is another case of the Bring-Your-Own-Vulnerable-Driver (BYOVD) tactic, already observed recently in different attack chains to bypass Endpoint Security. This particular tactic has been rising in popularity recently, with open-source resources dedicated to the subject and major eCrime actors integrating the method into their toolset.


Industries impacted: Energy, Industrials, Utilities

  • New Buhti Ransomware Operation Uses Rebranded Variants of Leaked LockBit and Babuk Payloads to Target Windows and Linux Systems
  • CosmicEnergy, a New Russia-Linked Malware Designed to Disrupt Industrial Control Systems
  • Bandit Stealer: Researchers Find New Go-based Info Stealer Targeting Multiple Browsers
  • AceCryptor Used As CaaS In Popular Malware Variants

Geo Highlights

Threats Facing Undersea Internet Cables Amid Increased Geopolitical Polarization

Industry impacted: Communication Services

QuoIntelligence analyzes the threats facing undersea internet cables which are central to the global communication system and global economy.


Industries impacted: Financials, Government, Information Technology

  • President Recep Tayyip Erdogan Wins Turkey’s Presidential Elections
  • Dutch Government Introduces Investment Screening’ for Sensitive Tech Like Semiconductors, as Fears over Cyberattacks on the Tech Industry Grow
  • EU to Increase Oversight on Banks, Seeks to Boost Transparency

Community Area


  • 5 JuneGartner Security & Risk Management Summit
  • 7 JuneENISA AI Cybersecurity Conference
  • 9 JuneHackInBo Business Edition

Upcoming Webinars

Latest Reports

(Sent to PREMIUM Customers only)

  • 22 May – Intel Assessment: AI: Risks and Challenges in Cyberspace and the Geopolitical Landscape 
    An in-depth evaluation of the reality of the threats the use of generative AI tools by threat actors pose. It also seeks to identify privacy and regulatory risks for businesses using such tools.
  • 22 May – Intel Assessment: DACH Threat Landscape Q1
    An overview of the threat landscape relevant to the DACH countries – Germany, Austria, and Switzerland – in Q1 2023 and an assessment regarding further developments.
  • 18 May – Intel Brief: Use of exploitation frameworks alternative to cobalt strike by threat actors
    We analyze why advancements in Cobalt Strike Beacon detection have made it harder for criminal and state-affiliated threat actors to use Cobalt Strike successfully.

Latest Blog

Interested in becoming a premium customer? Let’s talk