QuoIntelligence’s Weekly Intelligence Snapshot for the week of 20 – 26 July 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Cyber Highlights
Incident
DPRK Linked Actor Conducts Targeted Supply Chain Attack
Industry impacted: Financials
In July 2023, Mandiant investigated a supply chain compromise affecting a US-based software solutions company JumpCloud. Researches attributed the intrusion to UNC4899, a threat actor associated with North Korea (DPRK), with a history of targeting cryptocurrency companies. The attack leveraged a zero-trust directory platform service compromised via a spear phishing campaign. Mandiant identified four OSX Ventura systems that were targeted and through forensics, collected data that outlined the malicious activities of the threat actors.
Rollups
Industries impacted: Communication Services, Financials, Information Technology
- OSS Supply Chain Attacks Target Banking Sector
- Threat Actors Leverage New Tool To Enhance Malware Defense Evasion Through Obfuscation
- Lazarus Threat Group Exploits Windows IIS Servers To Distribute Malware
- Vulnerabilities Found in TETRA’s Encrypted Radio Communications Poses Risk to Government, Law Enforcement, and Critical Infrastructure
- New Report Analyses Millions Of Stealer Logs And Finds Over 400,000 Are Corporate Credentials For Popular Business Apps
Geo Highlights
The EU Approves Chips Act But Will Likely Face Challenges In Its Application Amid Global Chips Race
Industry impacted: Information Technology
QuoIntelligence analyze key challenges for the European Chips Act approved this week by the EU in a tense context for the semiconductor industry worldwide.
Rollups
Industries impacted: Communication Services, Energy, Financials, Government, Health Care, Industrials, Information Technology, Utilities
- Enhancing EU Resilience: A step Forward to Identify Critical Entities for Key Sectors
- Big Tech Form Body to Regulate AI Development, Highlight Safety, Security, and Trust as Key AI Principles
- US Securities and Exchange Commission Set Four-Day Deadline for Companies to Report Cyberattacks
Outlook
- 31 July – IEEE International Conference on Cyber Security and Resilience
Latest Reports
(Sent to PREMIUM Customers only)
- 19 July – Intel Briefing
GDPR: Analysis of Five Years of Enforcement
This report offers insights into the enforcement trends of the EU’s General Data Protection Regulation (GDPR) over the last five years. - 4 July – Intel Assessment
IT and OT Based Threats to ICS Operations
We analyze the current capabilities used to disrupt Industrial Control Systems (ICS) operations in the critical infrastructure sector and assess how they will evolve.
News
- 27 July – QuoIntelligence Press Release
QuoIntelligence Secures EUR 5 Million Seed Financing
The investment is based on our highly differentiated threat intelligence offering and will be used to expand the QuoIntelligence team and enhance products and services.
Blog
- 20 July – Research: Neo_Net
Fresh insights into Neo_Net’s cybercrime syndicate: The new threat actor in the financial sector
Research into an eCrime campaign — to Neo-Net — targetting prominent European banks, especially in Spain, with phishing and Android trojans.
Interested in becoming a premium customer? Let’s talk