Threat Intelligence Snapshot: Week 38, 2023

Wiz Research detects exposure of Microsoft internal data from a SAS token misconfiguration.

QuoIntelligence’s Weekly Intelligence Snapshot for the week of 14 – 20 September 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!

Cyber Highlights

Vulnerability

Shared Access Signature Token Misuse Leads To Exposure Of Internal Microsoft Data

Industry impacted: Information Technology

On 18 September Wiz Research detected an exposure of Microsoft internal data resulting from a misconfiguration of a SAS (Shared Access Signature) token. While no customer data was exposed, Microsoft internal data included a disk backup of two employees’ workstations containing secrets, private keys, passwords, and 30,000 internal Microsoft Teams messages. QuoIntelligence analyzes Microsoft post-mortem analysis of the incident and provides recommendations given the potentially very severe implications of sharing a SAS token with misconfigured permissions.

Rollups

Industries impacted: Communication Services, Consumer Discretionary, Financials, Government, Health Care, Information Technology

  • APT33 Targets Multiple Sectors With Password Spray Attacks Across the Globe
  • UNC3944 Leverages SMS Phishing Campaigns To Obtain Credentials For Access To Victims’ Organizations
  • BlackCat Ransomware Group Targets Azure Storage With New Sphynx Encryptor
  • Bumblebee Loader Malware Resurfaces in New Campaign With Updated Loader
  • Novel Cloud-Native Cryptojacking Operation Dubbed AMBERSQUID Targets Uncommon AWS Services

Geo Highlights

Azerbaijan – Armenia Conflict: Implications for EU Ties with Azerbaijan Given Trade Relations for Energy Supply

Industries impacted: Energy, Government

Azerbaijan’s military campaign in Nagorno-Karabakh led to its declaration of victory and a ceasefire recognizing its control over the region, raising concerns about ethnic cleansing. This complicates the EU’s relationship with Azerbaijan given the EU’s efforts to strengthen ties with the country to ensure energy supply.

Rollups

Industries impacted: Communication Services, Government, Information Technology

  • China Confirms NSA Intrusions into Huawei Servers as Diplomatic Tensions Continue
  • EU Reaches Provisional Agreement Against Greenwashing and Boosts Consumer Information on Product Durability

Products & Services

Interested in becoming a premium customer? Let’s talk

Interested in becoming a premium customer?

Unlock exclusive benefits by becoming a premium customer
Picture of QuoINT
QuoIntelligence informs decision-makers of current and potential cyber and geopolitical threats by providing customized Finished Intelligence reports. Our team of experts provides full contextual analyses to produce top-quality Intelligence and to better enable organizations to mitigate risk.

Share this article:

Threat Intelligence Snapshot: Week 38, 2023

Share this article:

Related Posts

Subscribe To Our
Weekly Newsletter

Subscribe to our newsletter to receive Weekly Intelligence Summaries, cyber news, and exciting updates.