Prepare Today Against Tomorrow’s Cyber Threats
QuoIntelligence equips you against relevant threats and enables your organization to prepare and respond to them.
We have got you covered!
Book additional services or request ad-hoc support to fully cover all your cybersecurity needs at any time.
Intel Report on Demand
Request ad-hoc reports ranging from technical malware reversing and analysis to strategic intelligence forecasting.
Intel Analyst on Demand
Our Intelligence Analysts support your cyber defense center whenever special expertise or additional staff is needed.
We assess your Threat Intelligence maturity level and recommend a customized growth path forward.
We support the take-down process of unauthorized domain names, or removal of sensitive web content abusing your brand.
We execute intelligence-driven table-top exercises that simulate credible attacks from threat actors with you to ensure your readiness in case of emergency.
Custom Intel Reporting
Hyper-customize the weekly intelligence reports you receive from us to the needs and looks of your organization.
Mentoring & Coaching
From C-Level to Analysts, we mentor and coach your organization in running daily operations based on threat-driven methodology.
Tabletop exercises are roleplay activities that test the effectiveness of your Key Operational Processes against cyber threats your company can face. They help in exploring the answer to questions like What would we do if a ransomware attacks us? and highlight any gap in the Incident Response procedure.
Leaders in the payment industry in Europe
Members of the Central Banking system in Europe
Companies in the German DAX30
Government bodies working in National Security
National leader cross-sector information sharing community in Europe
Significant Banks in Europe supervised by the ECB and BAFIN
Main stakeholders in the international monetary policy-making
Most active Law Enforcement Agency on international e-crime cases
How our Clients use our Intelligence service on a daily basis
CISOs and CIOs work with our Intelligence Estimates to plan their yearly budget for security controls and services.
Risk Managers use our forecasts, likelihood scores, and assessments to better evaluate risks targeting their organization.
SOC teams and their SIEM/TIPs leverage our high-reliable indicators of compromise (IoCs) to detect new threats within their network.
Respond Regulatory Enquires
We provide our clients with Intelligence reports that support them to answer inquiries coming from industry regulators. Additionally, they suggest the best course of action.
Drive SIEM use-case definition
Our Intelligence catalogs contain detailed information on Threat Actors, Malware Kits, and e-Crime service providers each one mapped with MITRE ATT&CK Techniques. Therefore, we support the definition of SIEM use cases aiming at covering the most likely threats.
Threat Hunting Activities
The Techniques, Tactics, and Procedures (TTPs) documented in our Intelligence catalogs are used to drive Threat Hunting exercises. Our experienced analysts support the brain-storming activity preluding the Threat Hunting exercise, and more.
Red Team Exercises (TIBER)
We support your TIBER-Exercise. Our Threat Actor Assessments drive your Red Team exercises. No matter if TIBER-EU, TIBER-DE, TIBER-NL, TIBER-FI, or TIBER-BE.
Risk Reduction and Mitigation
The recommended course of actions described in our Threat Assessments and Estimates reduce the Residual Risk of public organizations and enterprises worldwide.
Our Intelligence Bulletins promptly warn you about current or imminent exploitation activity against 0-days/n-days vulnerabilities. Our clients use them to prioritize and expedite patching activities within their organization.
Threat Intelligence Analysis
Our Intelligence reports support the mission of Cyber Threat Intelligence and Physical Security teams while responding to Request For Information (RFI) calls. Additionally, they can access all our Intelligence catalogs and entire knowledge base within Mercury.
Our Country Risk Profiles support our clients’ employees when traveling in countries with a high risk of espionage and surveillance. Clients can apply our recommended Course of Action (CoA) to reduce the risk of their employees being surveilled or implanted while visiting such countries.
Policymakers working in national digitalization programs or regulatory institutions are using our Intelligence Estimates to define and sharpen policies. Our services support them to keep their citizens safe and have control over their entities.
This week we cover our observations of #Emotet development, including differences in #TTPs observed in recent samples. We also cover #Lazarus activity reported by AhnLab targeting the #defense and #chemical sectors. We are tracking this activity for awareness and early defense and prevention before proliferation of campaigns to European entities. Additionally, as the #war in #Ukraine continues into its third month, we cover the latest #geopolitical developments.
This week, the QuoIntelligence research team observed a campaign of the Gamaredon group, where SFX archives are used to deliver a VNC utility and decoy document. This new wave started around the second week of April and it is likely still ongoing. This activity of the Gamaredon group, which is a threat group extensively linked to operations of Russian intelligence and intrusions against targets in Ukraine, is in line with the ongoing invasion in Ukraine as well as the response from the EU and NATO countries.
This week, QuoIntelligence reveals our internal investigation findings about an ongoing phishing campaign delivering the banking trojan known as Gozi (aka Ursnif), which is targeting retail, telecom, and other organizations in Italy. We also continue our coverage on the war in Ukraine, including the discovery and disruption of Industroyer2.