QuoScient’s Weekly Intelligence Bulletin for the week of 13 June – 20 June 2019 is now available! Please contact our sales team at sales@quoscient.io to subscribe today.
Find a summary below.
CYBER
Current Threat
Industry Impacted: ANY
Since our initial discovery and supplemental reporting of the attack campaign leveraging the latest RCE vulnerability in Exim, we are continuing to observe server infections, but at a drastically reduced frequency. Our continued analysis into the infection activity provides a better picture into the victimology thus far, which we highlighted in an Intelligence Brief we distributed on 19 June to customers, partners, and national CERTs.
Vulnerabilities
Industry Impacted: ANY
Researchers at KnownSec 404 Team discovered a zero-day remote code execution vulnerability in WebLogic Server, which is also under active exploitation. Successful exploitation could allow an unauthenticated attacker with network access to compromise the Oracle WebLogic Server. Oracle released an out-of-band security fix to address the issue.
GEOPOLITICS
The New York Times, citing anonymous government officials, reported that the US is increasing cyberattacks on Russia’s electricity grid as both a warning to Russia and to showcase how the US is using newly granted authorities to engage in more aggressive cyberoperations.
OUTLOOK
24 June – SANS ICS Europe 2019 Summit in Munich
25 June – Meeting of the OPEC Conference in Vienna, Austria
26 June – NATO Meeting of Defence Ministers in Brussels, Belgium
28 June – G20 Summit in Japan