Weekly Intelligence Snapshot – Week 28, 2023

Intelligence Cables,Weekly Intelligence Snapshot

QuoIntelligence’s Weekly Intelligence Snapshot for the week of 6 – 12 July 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!

Cyber Highlights

Current threat

Microsoft July Patch Tuesday Addresses 132 Flaws, 6 Zero-Day Vulnerabilities

Microsoft released its monthly Patch Tuesday security update, which includes fixes for 132 flaws, six of which are zero-days. Impacted products include Microsoft Windows, Microsoft Outlook, and Microsoft Office. Other vendors who have also released important security updates this Patch Tuesday include Apple, Google, Adobe, and MOVEit.

Threat Actor

RomCom Threat Actor Uses Zero-Day to Target Europe and North America

Researchers from Microsoft discovered a phishing campaign by the eCrime actor Storm-0978/RomCom targeting defense and government entities in Europe and North America. The threat actors abused a vulnerability in Microsoft Word to achieve remote code execution and used lures related to the Ukrainian World Congress. This campaign, observed in June 2023, delivered a backdoor with similarities to RomCom, a backdoor that has given the group their name. Storm-0978 has been linked to several other attacks in the past, including ransomware deployment, and uniquely also apparently conducts operations in support of intelligence efforts.

Rollups

Industries impacted: Consumer Discretionary, Financials, Government, Health Care, Industrials, Information Technology

  • Operation Brainleeches Campaign Employs Malicious NPM Packages for Both Phishing and Software Supply Chain Compromises
  • Kimsuky Threat Group Now Using Chrome Remote Desktop To Gain Control Over Infected Systems
  • WISE REMOTE Stealer Functioning as Both Stealer and RAT Targeting Windows Operating System, Financials, and Critical Infrastructure
  • Major North American Insurance Firms Confirm Latest MOVEit Breaches
  • New Mustang Panda Cyber Espionage Campaign Leveraging SOGU Malware Using Infected USB Flash Drives to Target Industries Worldwide

Geo Highlights

The EU Adopts New EU-US Data Transfer Framework, Likely To Be Challenged In The Short Term

QuoIntelligence analyzes the key insights from the new EU-US Data Transfer Framework and anticipates the potential challenges it may encounter.

Industry impacted: Government

QuoIntelligence analyzes the impact of Beijing’s New Foreign Relations Law and Chinese export controls on two strategic metals in the framework of increasingly tense economic relations between China and the US.

Rollups

Industries impacted: Energy, Government, Industrials, Information Technology

  • NATO Summit: Countries Condemn China, Sweden Expected to Entry NATO
  • New Reporting Rules for Foreign Financial Contributions to EU Businesses

Community Area

Upcoming Webinars

Outlook

  • 17 July – 18th Annual EnergySec Security & Compliance Summit

Latest Reports

(Sent to PREMIUM Customers only)

  • 4 July – Intel Assessment 
    IT and OT Based Threats to ICS Operations
    We analyze the current capabilities used to disrupt Industrial Control Systems (ICS) operations in the critical infrastructure sector and assess how they will evolve.
  • 27 June – Intel Assessment 
    Exploring the Dynamic Landscape of Hacktivism in 2023
    A risk assessment of hacktivism and an overview of the current landscape of this form of cyber criminality, with a specific focus on pro-Russia hacktivist groups
  • 21 June – Intel Briefing
    Vice Society Operational Profile
    We look into the second most successful ransomware group of Q1 this year, known for its targeting of the education, healthcare, manufacturing, financial, energy, transportation, and retail sectors, as well as NGOs.

Interested in becoming a premium customer? Let’s talk

Subscribe To Our
Weekly Newsletter

Subscribe to our newsletter to receive Weekly Intelligence Summaries, cyber news, and exciting updates.