Weekly Intelligence Bulletin – Week 32

9. August 19

QuoINT Weekly Bulletin Week 32

QuoScient’s Weekly Intelligence Bulletin for the week of 01 July – 08 August 2019 is now available! Please contact our sales team at sales@quoscient.io to subscribe today.

 

Find a summary below.

 

CYBER

 

Current Threat Industry Impacted: ANY, Utilities

 

Between 19 July and 25 July, researchers at ProofPoint identified spear phishing emails impersonating a US-based engineering licensing board targeting at least three organizations in the US utilities sector. The emails contained a Word document with malicious  VBA macros, and when opened, the user ultimately downloads the LookBack malware.

CERT Bund highlighted a new spam campaign targeting Germany, which distributes the data-wiping ransomware dubbed GermanWiper. The email fakes as a job applicant submitting a resume, with an archive attachment containing two fake PDF files. Attempting to open either file will result in the download and execution of GermanWiper.

 

GEOPOLITICS

 

North Korea launched at least four short-range ballistic missiles over the previous weeks, which Leader Kim Jong Un said was a ”warning” to the US and South Korea ahead of their upcoming joint military exercises. To be able to fund their weapon program in spite of their dire economic situation, North Korea reportedly conducts cyberattacks to generate income.

Relations between the US and Venezuela further deteriorated after President Trump announced a freeze on all assets held by Venezuela in the US. Coinciding with these trade restrictions, an ongoing cyberespionage campaign is reportedly targeting Venezuela.

 

OUTLOOK

 

11 August – US and South Korea to Hold Joint Military Exercises