QuoIntelligence’s Weekly Intelligence Snapshot for the week of 2 – 8 November 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
GootBot, a new post-exploitation tool delivered via SEO poisoning
IBM X-Force researchers discovered a new malware variant from the threat group known as Gootloader. This new addition bolsters the group's evasion techniques and leverages SEO poisoning, which promotes their malicious sites to the top of search engine results in order to distribute malicious documents and files. To make the attack easier to follow, we mapped it to the Cyber Kill Chain and drew out the key takeaways.
Industries impacted: Financials, Information Technology
- AsyncRAT Campaign Distributed Through a Malicious HTML File
- Exploitation of Atlassian Confluence CVE-2023-22518
- Jupyter Infostealer Variants Leveraging Modified PowerShell Commands and Fake Digital Signatures
- Identified New MacOS Malware Strain Attributed to BlueNoroff
- Threat Actor Farnetwork Linked to Five Different Ransomware-as-a-Service (RaaS) Programs
- New Infostealer Predator AI Leverages ChatGPT to Target Cloud Platforms
- LinkedIn Latest Dataset Leak on the Underground
Telecom and IT Companies Push to Decrease Cyber Security Controls Under EU’s Cyber Resilience Act
Industries impacted: Communication Services, Information Technology
EU policymakers are nearing a consensus on the Cyber Resilience Act, contemplating targeted obligations for open source software stewards and mandating a minimum five-year support period for manufacturers to provide security updates. Some EU-based Telecom and IT companies are advocating to decrease cyber security controls under this proposal as they say the Act could disrupt supply chains and harm competitiveness.
Industries impacted: Energy, Materials
- Germany Releases AI Action Plan to Bolster Made in Germany AI
- China Strengthens Regulation on Rare Earth Exports and Key Commodity Imports to Bolster Economic Security
Upcoming events where we will be in attendance:
- 14-16 November – cyberevolution, Frankfurt
CEO Marco Riccardi, VP Threat Advisory Jörg Schauff, and CRO Christof Jaritz will attend. If you are planning to go and would like to discuss your threat intelligence needs with them, please reach out to them via their LinkedIn accounts.
- 23 November – CISO:27001, Milano
If you are a Milan-based CISO, IT Security Manager, or cybersecurity student, don't miss the year's final CISO:27001 Panel interattivi. The event is organized by Digital Club / Cyber, AIPSA, and Leroy Merlin, with QuoIntelligence as an event partner. Join us for an exciting day of interactive sessions, simulations, and networking. Full details and registration here.
- Decoding Disinformation: The Spanish Election Information Operation Targeting Russian-Speakers
Disinformation campaigns attempting to disrupt or influence European elections continue. A recent example in Spain shows how they can be structured to target niche groups.
- EU Digital Operational Resilience Act: Tougher Cybersecurity Requirements for Financial Institutions & Their Implications
Our latest blog provides a clear analysis of DORA and guides you on how to go about achieving compliance.
The EU Digital Operational Resilience Act (DORA) is a major piece of cybersecurity legislation for financial institutions. The act establishes a framework for every service provider and their suppliers to follow to maintain operational resilience.