QuoIntelligence’s Weekly Intelligence Snapshot for the week of 30 November – 6 December 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Cyber Highlights
Incident
Critical Sierra Router Vulnerabilities Pose Severe Risk for Critical Sectors and OT/IoT Devices
Industries impacted: Energy, Financials, Government, Health Care, Industrials, Materials, Utilities
Researchers at Forescout Vedere Labs identified 21 vulnerabilities impacting Sierra Wireless AirLink cellular routers, one of the most popular OT/IoT routers used to connect critical local networks to the Internet via cellular connections and a SIM card. Additional open-source dependencies used by Sierra’s router such as TinyXML and OpenDNS are impacted, posing serious threats to projects heavily relying on them for their functionalities.
Rollups
Industries impacted: Communication Services, Consumer Discretionary, Government, Industrials, Real Estate
- Threat Actors Use Novel Agent Racoon Backdoor To Target Organizations in the Middle East, Africa, and the US
- DanaBot Stealer: A Multistage MaaS Malware Re-emerges with Reduced Detectability
- AeroBlade on the Hunt Targeting the US Aerospace Industry
- Linux Version of Qilin Ransomware Targets VMware ESXi Servers
- Russia-backed APT Fancy Bear Exploiting Outlook Bug to Hijack Exchange Accounts
- TrickMo’s Banking Trojan Returns With New Features
Geopolitical Highlights
Supply Chain Risks Growing Amid Security Incidents In The Red Sea and Arabian Sea
Industry impacted: Industrials
QuoIntelligence analyzes the threat to global supply chains posed by Houthi rebels in the Red Sea and Arabia Sea.
Rollups
Industries impacted: Financials, Government, Information Technology
- European Semiconductor Initiative Launches Prototyping Facilities to Drive Innovation
- EU Parliament and Council Reach Political Agreement on Cyber Resilience Act
- Recent Clearview AI’s Settlement Highlights Legal Privacy Concerns in AI Models
- Bank of England Will Review the Risks That AI Poses to UK Financial Stability
Finished Intelligence
(Sent to PREMIUM Customers only)
Latest blogs
- Threat Actor Profile: Alpha Team
Is your CMS safe? Find out more about this Italian hacktivist group targeting small-medium Italian IT companies since mid-2023 using extortion schemes to pressure victims into paying and collaborating. The group exploits vulnerable Content Management Systems to exfiltrate data.
Interested in becoming a premium customer? Let’s talk