Weekly Intelligence Bulletin – Week 18

3. May 19

QuoScient’s Weekly Intelligence Bulletin for the week of 25 April – 2 May 2019 is now available! Please contact our sales team at sales@quoscient.io to subscribe today.

Find a summary below.

CYBER

Current Threat Industry Impacted: ANY, Information Technology

Oracle released an out-of-band patch to address the remote code execution vulnerability in Oracle WebLogic server, currently being exploited in the wild.

Reported Incidents Industry Impacted: Information Technology

Germany-based internet infrastructure firm CITYCOMP confirmed they were victims of a targeted cyberattack in April which evolved into a failed extortion attempt. As a result of not receiving payment, attackers publicized stolen CITYCOMP client documents.

On 30 April, DFN-CERT alerted of a new phishing domain targeting a German university, Goethe University Frankfurt am Main, potentially attributed to the suspected Iran-linked Silent Librarian threat actor. Further analysis of the attack IOCs indicates a potential upcoming or ongoing phishing attack against the University of Cambridge.

 

GEOPOLITICS

The Chinese and US governments are reportedly nearing a trade deal to end the trade war and the related increase in tariffs. However, President Trump is reportedly willing to desist from demanding that China combats commercial cyber theft and that Beijing loosens its ban on foreign companies from moving Chinese customer data abroad.

 

OUTLOOK

03 May – Meet QuoScient’s CEO Fabien Dombard at THOTCON in Chicago, USA

06 May – Meet QuoScient’s Lamin Ceesay and Gerhard Beeker at ISH Conference in Munich

06 May – Beginning of Ramadan 2019

08 May – South Africa General Elections

09 May – QuoScient’s Head of Intelligence to attend EU ATT&CK Community’s workshop in Brussels, Belgium