QuoScient’s Weekly Intelligence Bulletin for the week of 28 June – 5 July 2018 is now available for download in the Media Center! Find below a summary.
CYBER
Reported Incidents Barcelona-based software as a service company Typeform notified customers of a data breach after an unknown threat actor downloaded an unencrypted backup file containing sensitive information relating to various customers.
Current Threats A newly discovered attack vector is exploited in the wild by an unknown threat actor. In this attack, the adversary is embedding a specially crafted settings file into a Microsoft Office document, which tricks a user into executing malicious code without alerting or warning the user.
Necurs is a botnet malware known since around 2012 and continues to evolve its methods for tricking victims and circumventing defence countermeasures.
Cyber Threat Actor Activity QuoINT has detected a new Cobalt attack wave spoofing the European Banking Federation. This is the third attack wave executed by Cobalt observed in the last 30 days, following the spear-phishing campaigns that spoofed the European Central Bank, and Diebold Nixdorf. These attacks targeted multiple institutions mainly located in Russia and Europe.
CRYPTOCURRENCY
Switzerland and Bermuda are changing legislation to become an attractive destination for cryptocurrency companies by providing these companies with easier access to conventional banking services.
A group of European banks completed the first live international financial trades using the we.trade blockchain. Although this can make transactions faster and cheaper, blockchains are attractive targets for cyberattackers.
Trezor, a multi-cryptocurrency wallet services, confirmed phishing attempts against its users, likely through DNS poisoning or BGP hijacking.
GEOPOLITICS
China’s stock market fell ahead of the U.S.’ implementation of tariffs on Chinese imports, expected on July 6. European stock markets however recovered after last week’s decline, as the German government stabilized after a disagreement over migration policy.
The U.S. House Foreign Affairs Committee approved the Cyber Deterrence and Response Act of 2018 which will enable the U.S. government to sanction foreign individuals and their governments if they are involved in state-sponsored cyberattacks against the U.S.
OUTLOOK
Microsoft and third party security patches are released on patch Tuesday, the second Tuesday of each month.
The 2018 NATO summit will take place in Brussels. Tensions between member states have worsened ahead of the summit, as President Trump urged other states to increase their spending on defense.
President Trump will visit the U.K. to meet Prime Minister May and Queen Elizabeth.