Weekly Intelligence Bulletin – Week 26

2. July 18

QuoScient Weekly Intelligence Bulletin summary for the week of 21 June – 28 June 2018 is now available for download in the Media Center! Find below a summary.

CYBER

Current Threats: A researcher published a successful modification of the previously leaked U.S. National Security Agency (NSA) exploit called DoublePulsar, which is now able to work on Windows Embedded systems.

Deutsche Telekom reported a large increase of attacks targeting its critical infrastructure. This comes after the German Information Security officer warned the energy sector about an increase in attacks.

An improved version of Ursnif banking Trojan that leverages the Necurs botnet infrastructure is targeting Italian companies.

Cyber Threat Actor Activity: RANCOR is a newly identified cyber espionage threat actor group, which is known to be active since at least 2017 and reportedly responsible for conducting a series of targeted attacks against political entities in Southeast Asia.

According to security researchers, the cyber espionage actor Tick group weaponized presumably secure USB drives with custom malware to target air gapped systems.

CRYPTOCURRENCY

Cryptocurrency prices continued falling in the previous week. Probable causes for this decline might be the insecurity among investors, Jack Ma of Alibaba calling Bitcoin a “bubble” and an investigation by the U.S. Department of Justice into the use of cryptocurrencies by darknet vendors.

Researchers revealed ICOs have an average of five vulnerabilities. Considering the increasing market for ICOs, as well as their susceptibility to attacks, ICO creators should view adequate security as a top priority.

GEOPOLITICS

Researchers warned of cyberattacks targeting the Mexican election taking place on July 1.

OUTLOOK

Mexico will hold presidential elections, with Obrador of the Moreno Party leading in recent polls.