Weekly Intelligence Snapshot – Week 26

After Kaspersky ICS CERT published its findings on an active ShadowPad infection, QuoIntelligence analyzed the activity further in our report. Additionally, we assess the importance of the latest 2022 NATO summit in times of war.
Weekly Intelligence Snapshot – Week 25

QuoIntelligence is analyzing the use of the Follina vulnerability in the campaign targeting entities in Ukraine reported by CERT-UA, allegedly associated with the APT28 cluster.
Weekly Intelligence Snapshot – Week 24

We analyzed the encryption software samples used in HelloXD’s ransomware operation and provide an update on the latest legislation regarding US and EU cybersecurity controls.
Weekly Intelligence Snapshot – Week 23

This week we provide analysis into IndustrialSpy and their encryption software, which they recently leveraged in cyber operations.
Weekly Intelligence Snapshot – Week 22

QuoIntelligence reported on Gamaredon group activity characterized by the use of SFX archives to deliver malware. In this weekly, we continue to cover developments of related activity, which enabled us to map the infrastructure used and establish a pattern of behavior.
Weekly Intelligence Snapshot – Week 21

QuoIntelligence reported on Gamaredon group activity characterized by the use of SFX archives to deliver malware. In this weekly, we continue to cover developments of related activity, which enabled us to map the infrastructure used and establish a pattern of behavior.
Weekly Intelligence Snapshot – Week 20

In this Weekly we report on how a threat actor, possibly Russian, is targeting users in Germany by using information on the war in Ukraine as a lure. We also look at how international co-operation on cybersecurity is increasing as a result of the Ukraine conflict. Meanwhile, the increasing isolation of Russia through international sanctions could impact the global IT threat landscape, with emphasis on semiconductors and products using them.
Weekly Intelligence Snapshot – Week 19

In this weekly we investigate the emerging threat of Node Package Manager (NPM) becoming an attack vector for supply chains and the rising trend of extortion groups targeting companies without using ransomware. In terms of the war in Ukraine, we have escalated our cyber threat level from MEDIUM to HIGH due to extremely targeted hacktivist activity against entities operating in NATO countries.
Weekly Intelligence Snapshot – Week 18

QuoIntelligence is tracking a campaign in which the threat actors use remote template injection to deliver an espionage implant targeting Russian entities. Researchers allege that the campaign in question is attributed to Chinese nation-state actors. We continue our Ukraine war Geopolitics and Cyber coverage. Since organizations increased their monitoring of Russian APTs, other threat actors are likely to leverage the void and increase their activities, as we have observed with Chinese-sponsored threat actors over the last weeks.
Weekly Intelligence Snapshot – Week 17

This week we cover our observations of Emotet development, including differences in TTPs observed in recent samples. We also cover Lazarus activity reported by AhnLab targeting the defense and chemical sectors. We are tracking this activity for awareness and for early defense and prevention before campaigns proliferate to European entities. Additionally, as the war in Ukraine continues into its third month, we cover the latest geopolitical developments.