Weekly Intelligence Summaries

This week we highlight Telecommunication and business process outsourcing companies hit by SIM swapping operations. In geopolitics, we look at the EU’s recent Cyber Defence Policy to boost its #Cyber defense capabilities and strengthen coordination between military and civilian cyber communities.

China-nexus group uses new Malware families to infect USBs for Espionage.

Our tracking of the Mustang Panda group reveals a different DLL sideloading technique from those seen this year.

Pro-Russia hacktivist group From Russia With Love has been deploying Somnia Ransomware in Ukraine since spring 2022. But the #Malware is actually a Wiper, with no offer to recover the data.

In our latest Weekly #Intelligence Summary: ASEC Analysis Team has seen LockBit 3.0 Ransomware deployed through Amadey Bot, an Infostealer Botnet on sale in underground forums.

Microsoft reports the RaspberryRobin worm is now part of a malware ecosystem and one of the largest active malware distribution platforms (distributing Bumblebee, IceID, Truebot).

The US publishes its new #NationalSecurity Strategy focussed on China and Russia and emphasizing the key role of the Indo-Pacific region.

This week the Microsoft Threat Intelligence Center reports on ransomware, “Prestige”, which targets transportation and logistics sectors in Poland and Ukraine.

A CISA advisory reveals vulnerabilities exploited by China-sponsored groups. PatchTuesday: Microsoft fixes 84 #vulnerabilities (inc two 0-day).