Weekly Intelligence Snapshot – Week 46
Pro-Russia hacktivist group From Russia With Love has been deploying Somnia Ransomware in Ukraine since spring 2022. But the #Malware
Beatriz Moya
November 17, 2022
Explore our comprehensive archive organized by taxonomy. Discover a wealth of information categorized by subject, theme, or type to enhance your research and understanding.
Pro-Russia hacktivist group From Russia With Love has been deploying Somnia Ransomware in Ukraine since spring 2022. But the #Malware
In our latest Weekly #Intelligence Summary: ASEC Analysis Team has seen LockBit 3.0 Ransomware deployed through Amadey Bot, an Infostealer
Microsoft reports the RaspberryRobin worm is now part of a malware ecosystem and one of the largest active malware distribution
The US publishes its new #NationalSecurity Strategy focussed on China and Russia and emphasizing the key role of the Indo-Pacific
This week the Microsoft Threat Intelligence Center reports on ransomware, “Prestige”, which targets transportation and logistics sectors in Poland and
A CISA advisory reveals vulnerabilities exploited by China-sponsored groups. PatchTuesday: Microsoft fixes 84 #vulnerabilities (inc two 0-day).
This week, we analyze new espionage-driven campaigns related to the Lazarus/ZINC activity cluster.
We are closely following increased geopolitical tensions after the potential sabotage attacks to Nordstream pipelines in the Baltic sea.
Malware analyst 3xp0rt has uploaded a Lockbit 3 ransomware builder, allowing anyone to build executables for their own operation.
This week we report Emotet is still active. The DFIR Report describes an incident in May 2022 which began with
Try searching our blog
The Gentlemen Accelerates Ransomware Operations Through Scalable Affiliate Model | Russia Threatens European Drone Producers, Publishes Addresses Online
Famous Chollima Abused npm Dependency Chaining to Deliver OtterCookie and Install SSH Backdoors | Italian National Cybersecurity Agency Publishes Resolution on NIS2 Directive Compliance
Anthropic’s Mythos Preview can reportedly discover and exploit software vulnerabilities autonomously. But the claims remain unverified, and the real challenge is operational: accelerating patch cycles, automating incident response, and preparing for disclosure volumes that manual processes cannot absorb. We assess what organizations need to do now.
Iranian-Linked Threat Actors Target Programmable Logic Controllers Across US Critical Infrastructure | US-Iran Ceasefire Falters Within Hours as Lebanon Death Toll Mounts and Gulf Strikes Continue