Weekly Report 6 January 2025

Meridian Group’s Cyber Intelligence Weekly Update

Our new Cyber Intelligence Weekly Report covers various highlights of the past week. The principal events:

  • Russia turns off the taps, end of gas exports via Ukraine: Russia has stopped gas exports via Ukraine, marking the end of an era for the European energy market. The EU, thanks to energy diversification, will not be seriously affected, but Ukraine and Gazprom face significant economic losses.
  • Iran and Europe seek nuclear deal: nuclear talks between Iran and European nations are expected to resume in Geneva on 13 January. Iran is accelerating uranium enrichment, increasing diplomatic tensions and endangering regional stability.
  • US government launches investigation into China’s impending dominance of the semiconductor market: The US investigates Chinese dominance in semiconductors, criticising subsidies that undermine global competition and create technological dependence. The investigation aims to protect national security and critical infrastructure.
  • US sanctions against Iranian and Russian entities for election interference with AI and cyber tactics: The US sanctioned Iranian and Russian entities for election interference in 2024 using disinformation and AI. Targeted actions have exacerbated socio-political tensions and undermined democratic processes.
  • New North Korean Ottercookie malware: North Korea uses the Ottercookie malware to target global companies through fake job offers. This tool steals sensitive data, including cryptocurrency keys, by exploiting social engineering techniques.
  • A new two-stage phishing strategy targets Microsoft Visio and SharePoint files: A sophisticated phishing campaign uses Visio and SharePoint files to steal credentials. The attacks trick victims by redirecting them to fake Microsoft 365 portals, bypassing traditional security controls.
  • DoubleClickjacking, the new threat that circumvents clickjacking defences: The DoubleClickjacking attack tricks users into clicking twice on legitimate sites, authorising sensitive actions. This technique circumvents existing defences against clickjacking, increasing the risk of online fraud.


To view the full report: CLICK HERE

(Report also available in ENGLISH)

Share this post to help spread computer security awareness!

Condividi il post su: