Weekly Intelligence Bulletin – Week 13

1. April 19

QuoScient’s Weekly Intelligence Bulletin for the week of 21 March – 28 March 2019 is now available! Please contact our sales team at sales@quoscient.io to subscribe today.

Find a summary below.


Current Threat Industry Impacted: ANY, Information Technology
Researchers discovered a recent supply chain attack that leveraged ASUS Live Update software to
compromise potentially well over the 70,000 confirmed affected ASUS users with a malicious backdoor.

Vulnerabilities Industry Impacted: ANY, Information Technology
Trustwave released a security advisory with details on Remote Code Execution (RCE) vulnerabilities
found in multiple Grandstream devices.
The Mozilla Foundation released a security update addressing two critical vulnerabilities in its
Thunderbird open-source email client.

Threat Actor Activity Industry Impacted: Financials
In the last seven days, QuoINT observed continued activity from the e-crime threat actor Empire-
Monkey. The latest spear phishing campaign impersonates Belize Bank, the largest bank in Belize, which suggests this campaign focuses on targeting different financial institutions primarily operating in Latin America. This new campaign varies from the earlier campaigns we have observed since October 2018, as the actor targeted the financial sector primarily operating in Europe.

President Xi, President Macron, Chancellor Merkel, and EU Commission President Juncker met to discuss multilateralism and cooperation between China and the EU. The European Commission released its recommendations on the security of 5G networks.
Special Counsel Mueller did not find that President Trump or any of his campaign associates
colluded with Russia to meddle in the 2016 US elections.