QuoIntelligence’s Weekly Intelligence Snapshot for the week of 13 – 19 July 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Cyber Highlights
Incident
New Ransomware Strain Abuses Sophos Branding During Execution
Security firm Sophos discovered a novel ransomware using Sopho’s name and logo in its UI. The malware also uses „.sophos“ as the extension for encrypted files. The ransomware has a unique multi-functionality aspect, resembling a general-purpose remote access trojan (RAT) more than traditional ransomware. It communicates with a command-and-control server associated with Cobalt Strike C2 and cryptomining software attacks.
Current Threat
Chinese Cyber Espionage Employing Zero-Days and Botnets to Stay Undetected
Industries impacted: Communication Services, Government
Researchers from Mandiant have released a report detailing newly observed stealth techniques Chinese cyber espionage actors use to stay undetected and complicate attribution. These strategies are used both for initial infection as well as post-compromise and involve complex zero-day exploitation of different software and targeting of routers to hide attacker traffic. This constitutes a continuous evolution in the Chinese TTPs towards a stealthier approach to their operations, remaining under the radar for longer and avoiding leaving clear indicators of compromise.
Rollups
Industries impacted: Communication Services, Consumer Discretionary, Financials, Health Care, Information Technology
- FIN8 Utilizes Sardonic Backdoor to Deliver Noberus Ransomware
- New Critical Privilege Escalation Vulnerability in Google Cloud Build Could Enable Supply Chain Attacks
- Adobe Releases Emergency ColdFusion Security Update to Address Critical Vulnerabilities
- Threat Actor Targets Italian Organizations With Ursnif Malware
Geo Highlights
The US Releases Its National Cybersecurity Strategy Implementation Plan Foreseeing An Increase In Disruption Operations
QuoIntelligence analyzes the key points of the US’s National Cybersecurity Strategy Implementation Plan recently released by the Biden administration.
Rollups
Industries impacted: Government, Information Technology
- Germany Adopts Its First Comprehensive Strategy On China
- FTC Opens Investigation Into ChatGPT Maker Over Technology’s Potential Harms
- EU Reaches Agreement on Cybersecurity Requirements for Digital Products
Outlook
- 26 July – Annual Critical Infrastructure Security Summit 2023
Latest Reports
(Sent to PREMIUM Customers only)
- 19 July – Intel Briefing
GDPR: Analysis of Five Years of Enforcement
This report offers insights into the enforcement trends of the EU’s General Data Protection Regulation (GDPR) over the last five years. - 4 July – Intel Assessment
IT and OT Based Threats to ICS Operations
We analyze the current capabilities used to disrupt Industrial Control Systems (ICS) operations in the critical infrastructure sector and assess how they will evolve. - 27 June – Intel Assessment
Exploring the Dynamic Landscape of Hacktivism in 2023
A risk assessment of hacktivism and an overview of the current landscape of this form of cyber criminality, with a specific focus on pro-Russia hacktivist groups.
Interested in becoming a premium customer? Let’s talk