Weekly Intelligence Bulletin – Week 25

21. June 19

QuoScient’s Weekly Intelligence Bulletin for the week of 13 June – 20 June 2019 is now available! Please contact our sales team at sales@quoscient.io to subscribe today.

Find a summary below.

 

CYBER

Current Threat

Industry Impacted: ANY

Since our initial discovery and supplemental reporting of the attack campaign leveraging the latest RCE vulnerability in Exim, we have continued to observe server infections, but at a drastically reduced frequency. Our ongoing analysis of the infection activity gives a clearer picture of the victimology thus far, which we highlighted in an Intelligence Brief we distributed on 19 June to customers, partners, and national CERTs.

 

Vulnerabilities

Industry Impacted: ANY

Researchers at KnownSec 404 Team discovered a zero-day remote code execution vulnerability in WebLogic Server, which is also under active exploitation. Successful exploitation could allow an unauthenticated attacker with network access to compromise the Oracle WebLogic Server. Oracle released an out-of-band security fix to address the issue.

 

GEOPOLITICS

The New York Times, citing anonymous government officials, reported that the US is increasing cyberattacks on Russia’s electricity grid as both a warning to Russia and to showcase how the US is using newly granted authorities to engage in more aggressive cyberoperations.

 

OUTLOOK

24 June – SANS ICS Europe 2019 Summit in Munich

25 June – Meeting of the OPEC Conference in Vienna, Austria

26 June – NATO Meeting of Defence Ministers in Brussels, Belgium

28 June – G20 Summit in Japan