QuoIntelligence’s Weekly Intelligence Snapshot for the week of 8 – 14 June 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Cyber Highlights
Current threat
UNC3886: The Chinese State-Sponsored Group Exploited VMware ESXi Zero-day to Backdoor Windows and Linux Systems
Industries impacted: Communication Services, Government, Information Technology
The Chinese cyber espionage group UNC3886 has been deploying novel malware on systems that traditionally do not support Endpoint Detection and Response (EDR) solutions, such as network appliances, SAN arrays, and VMware ESXi hosts. The group primarily targets defense, technology, and telecommunication organizations located in the US and APAC regions. The attack campaign has been ongoing since late 2022 and has shown the group’s extensive capabilities and understanding of the underlying technology of the targeted appliances. UNC3886 has been adept at avoiding detection by EDR solutions through various techniques, including credential harvesting, exploiting vulnerabilities, deploying backdoors, and tampering with logging services on the impacted systems.
Vulnerability
Microsoft June Patch Tuesday Addresses 78 Flaws, 0 Zero-Day Vulnerabilities
Microsoft released its monthly Patch Tuesday security update, which includes fixes for 78 flaws, none of which are zero-days. Impacted products include Microsoft Windows, Microsoft Exchange Server, and Microsoft SharePoint. Other vendors who have also released important security updates this Patch Tuesday include Google, Fortinet, VMware, and MOVEit.
Rollups
Industries impacted: Financials, Government, Information Technology
- New ENISA Supply Chain Cybersecurity Guidance Stresses Collaboration, Information Sharing, and Effective Policies
- Launch Of Google’s New “.Zip” TLDs Leads to Possible Information Leaks
- A New Golang-Based InfoStealer Dubbed Skuld Exploiting Windows Systems Worldwide
- Cadet Blizzard: A Novel Russian State-Sponsored Threat Actor That Conducts Focused Destructive Attacks and Espionage Operations
- Newly Discovered Pikabot Distributed Through QakBot
- Pro-Russia Hacktivist Threatens Massive Attacks Against Global Banking System
Geo Highlights
Germany Releases Its First National Security Strategy
Industries impacted: Energy, Government, Information Technology
QuoIntelligence analyzes Germany’s first-ever national security strategy, which outlines the country’s perception of the current threat landscape and its posture to address security challenges.
Rollups
Industries impacted: Consumer Discretionary, Consumer Staples, Financials, Government
- US – China Tensions: Cuba to Reportedly Host Chinese Base
- Green Activism Increases: Deutsche Bank, JP Morgan Face Pro-Climate Protests Against Investment Policies
- EU General Product Safety Regulation Enters into Force to Enhance Safety Regardless of Origin
- France Discovers Russian Disinformation Campaign Involving Russian Threat Actors
Community Area
Outlook
- 20 June – Planet Cyber Sec Conference
- 23 June – SANS Ransomware Summit 2023
Upcoming Webinars
- 20 June – “Italy Under Attack: How and Why to Use Threat Intelligence to Distinguish Real Threats from Media Hype” (Note: this webinar will be conducted in Italian)
SAVE THE DATE! Join this live session and open discussion with Marco Riccardi and Sharon De Cet. They will update you on the current threat landscape for Italian organizations to keep you informed about the latest cybersecurity trends, answer your questions, exchange views, and much more. Register here.
Latest Reports
(Sent to PREMIUM Customers only)
- 26 May – Intel Assessment: AI: Risks and Challenges in Cyberspace and the Geopolitical Landscape
An in-depth evaluation of the reality of the threats posed by threat actors’ use of generative AI tools. It also seeks to identify privacy and regulatory risks for businesses using such tools.