QuoIntelligence’s Weekly Intelligence Snapshot for the week of 1 – 7 February 2024 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Cyber Highlights
Current Threat
AnyDesk Cyberattack Forced the Company to Revoke Security-Related Certificates and Reset Customer Portal Passwords
During a security audit, AnyDesk discovered a breach in its production systems. Although AnyDesk has not provided details on the potential data theft or the initial attack vector, reports indicate that threat actors managed to steal source code and code signing certificates. Further analysis of previous software versions showed significant alterations in the code signing certificates. In response, AnyDesk revoked the compromised certificates, repaired or replaced affected systems, and assured the platform’s security. The company also confirmed that the incident did not impact end-user devices.
Rollups
Industry impacted: Communication Services, Energy, Government, Industrials, Information Technology
- Novel Variant of the FritzFrog Botnet Exploits Log4Shell and PwnKit Vulnerabilities
- Unknown Nation-State Actor Compromises Cloudflare With Stolen Credentials From Previous Okta Breach
- Researchers Find New Variant Of Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw
- Alleged Chinese-Sponsored Spionage Campaing Using COATHANGER Malware on Dutch Military
- CISA Warns Chinese State-Sponsored Actors Compromise And Maintain Persistent Access To US Critical Infrastructure
Geopolitical Highlights
Governments Take Measures Against Commercial Spyware While New Report Reveals They Are Behind Half of Zero-Day in Google and Android Products
QuoIntelligence analyzes the latest initiative against commercial spyware as researchers reveals they account for half of the zero-day exploits for Google and Android products.
Rollups
Industry impacted: Energy
- Hong Kong-Based Company Falls Victim of a EUR 24 Million Deepfake-Enabled Fraud
- EU Reaches Agreement on ESG Rating Proposal Amid Rising Scrutiny Over Corporate Sustainability
- EU Council and Parliament Reach Agreement on the Net-Zero Industry Act
- Iran Expands Cyber Offensive to Undermine Israeli Security
Outlook
- 13 February – Silicon Valley Cyber Security Summit
- 15 February – FutureCon Detroit Cybersecurity Conference
- 16 February – Munich Security Conference
Interested in becoming a premium customer? Let’s talk
