Weekly Intelligence Snapshot – Week 30, 2023

Mandiant has uncovered a supply chain compromise affecting US-based software solutions company JumpCloud. The intrusion — attributed to North Korean threat actor UNC4899 — targeted JumpCloud's zero-trust directory platform service.

QuoIntelligence’s Weekly Intelligence Snapshot for the week of 20 – 26 July 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!

Cyber Highlights

Incident

DPRK Linked Actor Conducts Targeted Supply Chain Attack

Industry impacted: Financials

In July 2023, Mandiant investigated a supply chain compromise affecting a US-based software solutions company JumpCloud. Researches attributed the intrusion to UNC4899, a threat actor associated with North Korea (DPRK), with a history of targeting cryptocurrency companies. The attack leveraged a zero-trust directory platform service compromised via a spear phishing campaign. Mandiant identified four OSX Ventura systems that were targeted and through forensics, collected data that outlined the malicious activities of the threat actors.

Rollups

Industries impacted: Communication Services, Financials, Information Technology

  • OSS Supply Chain Attacks Target Banking Sector
  • Threat Actors Leverage New Tool To Enhance Malware Defense Evasion Through Obfuscation
  • Lazarus Threat Group Exploits Windows IIS Servers To Distribute Malware
  • Vulnerabilities Found in TETRA’s Encrypted Radio Communications Poses Risk to Government, Law Enforcement, and Critical Infrastructure
  • New Report Analyses Millions Of Stealer Logs And Finds Over 400,000 Are Corporate Credentials For Popular Business Apps

Geo Highlights

The EU Approves Chips Act But Will Likely Face Challenges In Its Application Amid Global Chips Race

Industry impacted: Information Technology

QuoIntelligence analyze key challenges for the European Chips Act approved this week by the EU in a tense context for the semiconductor industry worldwide.

Rollups

Industries impacted: Communication Services, Energy, Financials, Government, Health Care, Industrials, Information Technology, Utilities

  • Enhancing EU Resilience: A step Forward to Identify Critical Entities for Key Sectors
  • Big Tech Form Body to Regulate AI Development, Highlight Safety, Security, and Trust as Key AI Principles
  • US Securities and Exchange Commission Set Four-Day Deadline for Companies to Report Cyberattacks

Outlook

  • 31 July – IEEE International Conference on Cyber Security and Resilience

Latest Reports

(Sent to PREMIUM Customers only)

  • 19 July – Intel Briefing 
    GDPR: Analysis of Five Years of Enforcement
    This report offers insights into the enforcement trends of the EU’s General Data Protection Regulation (GDPR) over the last five years.
  • 4 July – Intel Assessment 
    IT and OT Based Threats to ICS Operations
    We analyze the current capabilities used to disrupt Industrial Control Systems (ICS) operations in the critical infrastructure sector and assess how they will evolve.

    News

    • 27 July – QuoIntelligence Press Release 
      QuoIntelligence Secures EUR 5 Million Seed Financing
      The investment is based on our highly differentiated threat intelligence offering and will be used to expand the QuoIntelligence team and enhance products and services.

    Blog

    Interested in becoming a premium customer? Let’s talk

    Interested in becoming a premium customer?

    Unlock exclusive benefits by becoming a premium customer

    Share this article:

    Weekly Intelligence Snapshot – Week 30, 2023

    Share this article:

    Related Posts

    Subscribe To Our
    Weekly Newsletter

    Subscribe to our newsletter to receive Weekly Intelligence Summaries, cyber news, and exciting updates.