Weekly Intelligence Bulletin – Week 30

26. July 19

QuoScient’s Weekly Intelligence Bulletin for the week of 18 July – 25 July 2019 is now available! Please contact our sales team at sales@quoscient.io to subscribe today.

Find a summary below.

 

CYBER

 

Threat Actor Activity

 

Industry Impacted: Financials, Health Care, Industrial, Information Technology, Materials, Telecommunication Services

 

A joint investigation between German public broadcasters highlights how the China-linked threat actor group known as Winnti operates and their victim targeting. Further, the report heavily focuses on the cyber-espionage group’s threat activity against German companies and the investigative procedures used to track and identify the group’s malicious artifacts.

Researchers at Gigamon discovered a previously unreported malware dubbed “BADHATCH” while analyzing recent FIN8 attacks targeting the point-of-sale (POS) networks of the hospitality industry.

 

GEOPOLITICS

 

After tensions between Iran and several western states escalated over the previous weeks, Iran’s reported willingness to negotiate with at least the US administration could potentially deescalate the situation. However, until tensions between Iran, the US and its allies are considerably improved, we are likely to continue observing cyberattacks as well as kinetic agressions that fall under the threshold of armed attacks.