QuoScient’s Weekly Intelligence Bulletin for the week of 01 July – 08 August 2019 is now available! Please contact our sales team at firstname.lastname@example.org to subscribe today.
Find a summary below.
Current Threat Industry Impacted: ANY, Utilities
Between 19 July and 25 July, researchers at ProofPoint identified spear phishing emails impersonating a US-based engineering licensing board targeting at least three organizations in the US utilities sector. The emails contained a Word document with malicious VBA macros, and when opened, the user ultimately downloads the LookBack malware.
CERT Bund highlighted a new spam campaign targeting Germany, which distributes the data-wiping ransomware dubbed GermanWiper. The email fakes as a job applicant submitting a resume, with an archive attachment containing two fake PDF files. Attempting to open either file will result in the download and execution of GermanWiper.
North Korea launched at least four short-range ballistic missiles over the previous weeks, which Leader Kim Jong Un said was a ”warning” to the US and South Korea ahead of their upcoming joint military exercises. To be able to fund their weapon program in spite of their dire economic situation, North Korea reportedly conducts cyberattacks to generate income.
Relations between the US and Venezuela further deteriorated after President Trump announced a freeze on all assets held by Venezuela in the US. Coinciding with these trade restrictions, an ongoing cyberespionage campaign is reportedly targeting Venezuela.
11 August – US and South Korea to Hold Joint Military Exercises