Weekly Intelligence Bulletin – Week 30

26. July 19

QuoScient’s Weekly Intelligence Bulletin for the week of 18 July – 25 July 2019 is now available! Please contact our sales team at sales@quoscient.io to subscribe today.

Find a summary below.




Threat Actor Activity


Industry Impacted: Financials, Health Care, Industrial, Information Technology, Materials, Telecommunication Services


A joint investigation between German public broadcasters highlights how the China-linked threat actor group known as Winnti operates and their victim targeting. Further, the report heavily focuses on the cyber-espionage group’s threat activity against German companies and the investigative procedures used to track and identify the group’s malicious artifacts.

Researchers at Gigamon discovered a previously unreported malware dubbed “BADHATCH” while analyzing recent FIN8 attacks targeting the point-of-sale (POS) networks of the hospitality industry.




After tensions between Iran and several western states escalated over the previous weeks, Iran’s reported willingness to negotiate with at least the US administration could potentially deescalate the situation. However, until tensions between Iran, the US and its allies are considerably improved, we are likely to continue observing cyberattacks as well as kinetic agressions that fall under the threshold of armed attacks.