Meridian Group’s Cyber Intelligence Weekly Update
Our new Cyber Intelligence Weekly Report covers various highlights of the past week.
The principal events:
- Germany sets up task force to counter foreign election interference: Germany strengthens security against cyber attacks and disinformation ahead of early elections in February. The task force comprises local and international experts to monitor and prevent interference, especially from Russia. Threats include DDoS attacks and targeted propaganda campaigns.
- Phishing alert: Fake Carabinieri email to steal sensitive data: A fraudulent email exploits institutional logos to trick victims into revealing sensitive information. Phishing is based on bogus criminal charges and includes malicious attachments to steal personal data. This attack highlights the use of authority symbols to manipulate victims.
- SmokeLoader malware hits Taiwanese companies: A malware campaign targets Taiwanese companies in the manufacturing, healthcare and technology sectors. SmokeLoader exploits vulnerabilities in Microsoft Office to spread and steal sensitive data. The attack uses customised forms to access credentials and manipulate corporate systems.
- Biden administration restricts China’s access to HBM memory critical for artificial intelligence: The US imposes restrictions on HBM memory exports to China to block its technological advances. These memories are essential for AI accelerators and supercomputing, affecting projects such as Nvidia and AMD GPUs. China is developing local alternatives, but with still limited capacity.
- New phishing campaign uses corrupted Word files to steal credentials: Corrupted Word documents are used to bypass security checks and steal sensitive credentials. The emails, disguised as corporate communications, redirect to fake login pages via QR codes. The technique circumvents antivirus software by exploiting vulnerabilities in the handling of corrupted files.
- MATRIX encrypted platform dismantled: European authorities dismantled MATRIX, an encrypted platform used for global crimes. More than 2.3 million messages were decrypted, revealing drug trafficking, arms and money laundering activities. The operation led to seizures and arrests, reducing international criminal operations.
- Arrested Russian hacker linked to LockBit: a breakthrough in cybercrime: Mikhail Matveev, affiliated with the ransomware groups LockBit and Hive, was arrested in Russia. Accused of global attacks and links to organisations such as Evil Corp, he is the focus of international investigations. The US had offered a reward for information leading to his arrest.
To view the full report: CLICK HERE
(Report also available in ENGLISH)
Share this post to help spread computer security awareness!