Weekly Intelligence Snapshot – Week 29, 2023

Intelligence Cables,Weekly Intelligence Snapshot

QuoIntelligence’s Weekly Intelligence Snapshot for the week of 13 – 19 July 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!

Cyber Highlights

Incident

New Ransomware Strain Abuses Sophos Branding During Execution

Security firm Sophos discovered a novel ransomware using Sopho’s name and logo in its UI. The malware also uses “.sophos” as the extension for encrypted files. The ransomware has a unique multi-functionality aspect, resembling a general-purpose remote access trojan (RAT) more than traditional ransomware. It communicates with a command-and-control server associated with Cobalt Strike C2 and cryptomining software attacks.

Current Threat

Chinese Cyber Espionage Employing Zero-Days and Botnets to Stay Undetected

Industries impacted: Communication Services, Government

Researchers from Mandiant have released a report detailing newly observed stealth techniques Chinese cyber espionage actors use to stay undetected and complicate attribution. These strategies are used both for initial infection as well as post-compromise and involve complex zero-day exploitation of different software and targeting of routers to hide attacker traffic. This constitutes a continuous evolution in the Chinese TTPs towards a stealthier approach to their operations, remaining under the radar for longer and avoiding leaving clear indicators of compromise.

Rollups

Industries impacted: Communication Services, Consumer Discretionary, Financials, Health Care, Information Technology

  • FIN8 Utilizes Sardonic Backdoor to Deliver Noberus Ransomware
  • New Critical Privilege Escalation Vulnerability in Google Cloud Build Could Enable Supply Chain Attacks
  • Adobe Releases Emergency ColdFusion Security Update to Address Critical Vulnerabilities
  • Threat Actor Targets Italian Organizations With Ursnif Malware

Geo Highlights

The US Releases Its National Cybersecurity Strategy Implementation Plan Foreseeing An Increase In Disruption Operations

QuoIntelligence analyzes the key points of the US’s National Cybersecurity Strategy Implementation Plan recently released by the Biden administration.

Rollups

Industries impacted: Government, Information Technology

  • Germany Adopts Its First Comprehensive Strategy On China
  • FTC Opens Investigation Into ChatGPT Maker Over Technology’s Potential Harms
  • EU Reaches Agreement on Cybersecurity Requirements for Digital Products

  

Outlook

  • 26 July – Annual Critical Infrastructure Security Summit 2023

Latest Reports

(Sent to PREMIUM Customers only)

  • 19 July – Intel Briefing 
    GDPR: Analysis of Five Years of Enforcement
    This report offers insights into the enforcement trends of the EU’s General Data Protection Regulation (GDPR) over the last five years.
  • 4 July – Intel Assessment 
    IT and OT Based Threats to ICS Operations
    We analyze the current capabilities used to disrupt Industrial Control Systems (ICS) operations in the critical infrastructure sector and assess how they will evolve.
  • 27 June – Intel Assessment 
    Exploring the Dynamic Landscape of Hacktivism in 2023
    A risk assessment of hacktivism and an overview of the current landscape of this form of cyber criminality, with a specific focus on pro-Russia hacktivist groups.

Interested in becoming a premium customer? Let’s talk

Subscribe To Our
Weekly Newsletter

Subscribe to our newsletter to receive Weekly Intelligence Summaries, cyber news, and exciting updates.