QuoIntelligence’s Weekly Intelligence Snapshot for the week of 14 – 20 September 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Cyber Highlights
Vulnerability
Shared Access Signature Token Misuse Leads To Exposure Of Internal Microsoft Data
Industry impacted: Information Technology
On 18 September Wiz Research detected an exposure of Microsoft internal data resulting from a misconfiguration of a SAS (Shared Access Signature) token. While no customer data was exposed, Microsoft internal data included a disk backup of two employees’ workstations containing secrets, private keys, passwords, and 30,000 internal Microsoft Teams messages. QuoIntelligence analyzes Microsoft post-mortem analysis of the incident and provides recommendations given the potentially very severe implications of sharing a SAS token with misconfigured permissions.
Rollups
Industries impacted: Communication Services, Consumer Discretionary, Financials, Government, Health Care, Information Technology
- APT33 Targets Multiple Sectors With Password Spray Attacks Across the Globe
- UNC3944 Leverages SMS Phishing Campaigns To Obtain Credentials For Access To Victims‘ Organizations
- BlackCat Ransomware Group Targets Azure Storage With New Sphynx Encryptor
- Bumblebee Loader Malware Resurfaces in New Campaign With Updated Loader
- Novel Cloud-Native Cryptojacking Operation Dubbed AMBERSQUID Targets Uncommon AWS Services
Geo Highlights
Azerbaijan – Armenia Conflict: Implications for EU Ties with Azerbaijan Given Trade Relations for Energy Supply
Industries impacted: Energy, Government
Azerbaijan’s military campaign in Nagorno-Karabakh led to its declaration of victory and a ceasefire recognizing its control over the region, raising concerns about ethnic cleansing. This complicates the EU’s relationship with Azerbaijan given the EU’s efforts to strengthen ties with the country to ensure energy supply.
Rollups
Industries impacted: Communication Services, Government, Information Technology
- China Confirms NSA Intrusions into Huawei Servers as Diplomatic Tensions Continue
- EU Reaches Provisional Agreement Against Greenwashing and Boosts Consumer Information on Product Durability
Products & Services
- 18 September – Report
Cyber Insurance: Increasingly Restrictive but Increasingly Necessary Amid Evolving Cyber Threat LandscapeInsights into the cyber insurance market, identifying new trends affecting policy holders and new exclusions to help organizations adapt their cybersecurity strategy accordingly.
- 18 September – Finished Intelligence
DarkGate Loader delivered via Teams
Interested in becoming a premium customer? Let’s talk