QuoIntelligence’s Weekly Intelligence Snapshot for the week of 6 – 12 July 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Cyber Highlights
Current threat
Microsoft July Patch Tuesday Addresses 132 Flaws, 6 Zero-Day Vulnerabilities
Microsoft released its monthly Patch Tuesday security update, which includes fixes for 132 flaws, six of which are zero-days. Impacted products include Microsoft Windows, Microsoft Outlook, and Microsoft Office. Other vendors who have also released important security updates this Patch Tuesday include Apple, Google, Adobe, and MOVEit.
Threat Actor
RomCom Threat Actor Uses Zero-Day to Target Europe and North America
Researchers from Microsoft discovered a phishing campaign by the eCrime actor Storm-0978/RomCom targeting defense and government entities in Europe and North America. The threat actors abused a vulnerability in Microsoft Word to achieve remote code execution and used lures related to the Ukrainian World Congress. This campaign, observed in June 2023, delivered a backdoor with similarities to RomCom, the backdoor that gave the group its name. Storm-0978 has been linked to several other attacks in the past, including ransomware deployment, and, unusually, also appears to conduct operations in support of intelligence efforts.
Rollups
Industries impacted: Consumer Discretionary, Financials, Government, Health Care, Industrials, Information Technology
- Operation Brainleeches Campaign Employs Malicious NPM Packages for Both Phishing and Software Supply Chain Compromises
- Kimsuky Threat Group Now Using Chrome Remote Desktop To Gain Control Over Infected Systems
- WISE REMOTE Stealer Functioning as Both Stealer and RAT Targeting Windows Operating System, Financials, and Critical Infrastructure
- Major North American Insurance Firms Confirm Latest MOVEit Breaches
- New Mustang Panda Cyber Espionage Campaign Leveraging SOGU Malware Using Infected USB Flash Drives to Target Industries Worldwide
Geo Highlights
The EU Adopts New EU-US Data Transfer Framework, Likely To Be Challenged In The Short Term
QuoIntelligence analyzes the key insights from the new EU-US Data Transfer Framework and anticipates the potential challenges it may encounter.
Industry impacted: Government
QuoIntelligence analyzes the impact of Beijing’s New Foreign Relations Law and Chinese export controls on two strategic metals in the framework of increasingly tense economic relations between China and the US.
Rollups
Industries impacted: Energy, Government, Industrials, Information Technology
- NATO Summit: Countries Condemn China, Sweden Expected to Enter NATO
- New Reporting Rules for Foreign Financial Contributions to EU Businesses
Community Area
Upcoming Webinars
- 19 July – Guten Appetit! How to Stop Threat Actors Eating From Your Plate
Whether you do business in the DACH region, have providers there, or are looking to expand into the area, this webinar will provide you with the crucial threat intelligence information you need to know. Hosted by Jörg Schauff, VP Threat Advisory
- 20 July – Guten Appetit! How to Keep Uninvited Guests From Stealing Food
Whether you do business in the DACH region, have providers there, or want to expand into the region, this webinar gives you the crucial threat intelligence information you need. Hosted by Jörg Schauff, VP Threat Advisory
Outlook
- 17 July – 18th Annual EnergySec Security & Compliance Summit
Latest Reports
(Sent to PREMIUM Customers only)
- 4 July – Intel Assessment
IT and OT Based Threats to ICS Operations
We analyze the current capabilities used to disrupt Industrial Control Systems (ICS) operations in the critical infrastructure sector and assess how they will evolve.
- 27 June – Intel Assessment
Exploring the Dynamic Landscape of Hacktivism in 2023
A risk assessment of hacktivism and an overview of the current landscape of this form of cyber criminality, with a specific focus on pro-Russia hacktivist groups.
- 21 June – Intel Briefing
Vice Society Operational Profile
We look into the second most successful ransomware group of Q1 this year, known for its targeting of the education, healthcare, manufacturing, financial, energy, transportation, and retail sectors, as well as NGOs.