Resources

This week, we report on an old acquaintance striking with a new Unified Extensible Firmware Interface (UEFI) rootkit dubbed MoonBounce. Attributed to China-linked cyber espionage group APT41 (also known as Winnti), the campaign’s objective, amongst other things, is to steal sensitive intellectual property and personally identifiable information. Besides, we give an update on the ongoing diplomatic efforts to help de-escalation between Ukraine and Russia

This week, we look at the recent attack on Ukrainian government websites, which further stoked already escalating tensions between Ukraine and Russia. Russia’s use of hybrid tactics has played a large part in the current conflict with Ukraine and is likely to continue. Besides, read about read about the Lazarus subgroup dubbed BlueNoroff, which targets small and medium-sized companies to steal crypto assets.

This week, we cover Patch Tuesday. Microsoft addresses six zero-days and a wormable vulnerability, and Adobe and SAP address critical security flaws in multiple products. Additionally, read about the protests in Kazakhstan and their implications for organizations.

The first edition of our Weekly Intelligence Summary of 2022 is here. It highlights Konni, a new variant of malware used in spear-phishing campaigns attributed to the North Korea-linked APT targeting Russian diplomats.

For this year’s last edition of the Weekly Intelligence Summary, we prepared an outlook for 2022 looking at ransomware trends, the cybercrime threat to digital assets and geopolitical tensions reflected in cyberspace.

This week, we continue reporting on Log4j with an update on the critical vulnerabilities and exploitation activity from various threat actors, including the infamous Conti ransomware group. Besides, China reportedly threatens to restrict access to its market to multinationals producing in Lithuania like the German manufacturer Continental.

This week, read about Microsoft Patch Tuesday incl. an actively exploiting “spoofing” vulnerability and Log4Shells, a remote code execution Zero Day vulnerability in Apache. Besides, governments push for more green policies amid a widespread energy crisis.

This week, we observed various ransomware activities, e.g., affiliate programs targeting critical infrastructure, ransomware campaigns, and more law enforcement disruption. Also, read about diplomatic tensions between France and the UK over migration, trade fishing, and Northern Ireland.