<div><p>QuoIntelligence’s Weekly Intelligence Snapshot for the week of <strong>8 – 14 June 2023</strong> is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!</p>
UNC3886: The Chinese State-Sponsored Group Exploited VMware ESXi Zero-day to Backdoor Windows and Linux Systems
Industries impacted: Communication Services, Government, Information Technology
The Chinese cyber espionage group UNC3886 has been deploying novel malware on systems that traditionally do not support Endpoint Detection and Response (EDR) solutions, such as network appliances, SAN arrays, and VMware ESXi hosts. The group primarily targets defense, technology, and telecommunication organizations located in the US and APAC regions. The attack campaign has been ongoing since late 2022 and has shown the group’s extensive capabilities and understanding of the underlying technology of the targeted appliances. UNC3886 has been adept at avoiding detection by EDR solutions through various techniques, including credential harvesting, exploiting vulnerabilities, deploying backdoors, and tampering with logging services on the impacted systems.
Microsoft June Patch Tuesday Addresses 78 Flaws, 0 Zero-Day Vulnerabilities
Microsoft released its monthly Patch Tuesday security update, which includes fixes for 78 flaws, none of which are zero-days. Impacted products include Microsoft Windows, Microsoft Exchange Server, and Microsoft SharePoint. Other vendors who have also released important security updates this Patch Tuesday include Google, Fortinet, VMware, and MOVEit.
Industries impacted: Financials, Government, Information Technology
New ENISA Supply Chain Cybersecurity Guidance Stresses Collaboration, Information Sharing, and Effective Policies
Launch Of Google’s New “.Zip” TLDs Leads to Possible Information Leaks
A New Golang-Based InfoStealer Dubbed Skuld Exploiting Windows Systems Worldwide
Cadet Blizzard: A Novel Russian State-Sponsored Threat Actor That Conducts Focused Destructive Attacks and Espionage Operations
Newly Discovered Pikabot Distributed Through QakBot
Pro-Russia Hacktivist Threatens Massive Attacks Against Global Banking System
Germany Releases Its First National Security Strategy
Industries impacted: Energy, Government, Information Technology
QuoIntelligence analyzes Germany’s first ever national security strategy, outlining its perception of the current threat landscape and the country’s posture to address security challenges.
Industries impacted: Consumer Discretionary, Consumer Staples, Financials, Government
US – China Tensions: Cuba to Reportedly Host Chinese Base
Green Activism Increases: Deutsche Bank, JP Morgan Face Pro-Climate Protests Against Investment Policies
EU General Product Safety Regulation Enters into Force to Enhance Safety Regardless of Origin
France Discovers Russian Disinformation Campaign Involving Russian Threat Actors
20 June – Planet Cyber Sec Conference
23 June – SANS Ransomware Summit 2023
20 June – “Italy under attack: how and why to use Threat Intelligence to distinguish real threats from media hype” (Note: this webinar will be conducted in Italian)
SAVE THE DATE! Join this live session and open discussion with Marco Riccardi and Sharon De Cet. They will update you on the current threat landscape for Italian organizations to keep you informed about the latest cybersecurity trends, answer your questions, exchange views, and much more. Register here.
(Sent to PREMIUM Customers only)
26 May – Intel Assessment: AI: Risks and Challenges in Cyberspace and the Geopolitical Landscape
An in-depth evaluation of the reality of the threats posed by threat actors’ use of generative AI tools. It also seeks to identify privacy and regulatory risks for businesses using such tools.