Weekly Intelligence Summaries

We report on SentinelOne’s findings on LockBit’s latest method which employs the MpCmdRun.exe executable, which is extremely difficult to detect.

This week we cover a spearphishing campaign attributed to Evilnum, which is targeting DeFi platforms in Europe.

QuoIntelligence analyzes the consequences of China’s strategy for critical industries particularly exposed to cyber espionage as well as its effects on geopolitical relations in Asia and Europe’s supply chain security.

QuoIntelligence is tracking activity related to the use of fake job offers and job applications to compromise companies for monetary gain.

QuoIntelligence gathered and processed the different Microsoft product updates in order to provide a clear overview of the different topics with relevant information for corporate environments. Additionally, our weekly provides the context and possible outlook of Russia importing goods, such as semiconductor and other IT products, without Right Holder Permissions.

After Kaspersky ICS CERT published their findings of an active shadowPad infection, QuoIntelligence analyzed the activity further in our report. Additionally, we assess the importance of the latest 2022 NATO summit in times of war.

Quointelligence is analyzing the use of Follina vulnerability in the campaign targeting entities in Ukraine reported by the CERT-UA, allegedly associated with the APT28 cluster

We analyzed the encryption software samples used in HelloXD’s Ransomware operation and provide an update of the latest legislation regarding US and EU cybersecurity controls.

This week we provide analysis into IndustrialSpy and their encryption software, which they recently leveraged in cyber operations.