Intelligence summary
- In the spotlight this week is a newly identified threat group named Tortoiseshell, which has reportedly conducted supply-chain cyber attack campaigns against 11 IT providers in Saudi Arabia. The emergence of this previously unidentified group aligns with trends of supply-chain attacks in the past 12 months, carried out by threat groups with varying motives and capabilities.
- Weekly highlights include new malware variants attributed to the North Korea-associated “Lazarus Group”, the re-emergence of the “Emotet” botnet, and Microsoft patching two critical vulnerabilities in Internet Explorer and Windows Defender.