Weekly Intelligence Bulletin – Week 34

23. August 19

QuoINT Weekly Bulletin SOM W34

QuoScient’s Weekly Intelligence Bulletin for the week of 15 August- 22 August 2019 is now available! Please contact our sales team at sales@quoscient.io to subscribe today.

 

Find a summary below.

 

CYBER

 

 

Reported Incidents Industry Impacted: Financials

 

The European Central Bank announced that attackers breached its Banks’ Integrated Reporting Dictionary (BIRD) website, resulting in the Bank shutting it down. In addition to possibly accessing the contact information of 481 BIRD newsletter subscribers, including email addresses, names, and position titles, the attackers also injected malware onto the external server to ”aid phishing activities”.

 

 

Vulnerabilities Industry Impacted: Information Technology

 

The Webmin Team released a security advisory to address a zero-day remote code execution vulnerability introduced through the malicious modification of source code for multiple versions of Webmin, which effectively created a backdoor.

 

 

Threat Actor Activity Industry Impacted: Financials

 

On 15 August, QuoINT detected a malicious document dropping the CobInt malware, resulting in a Warning being distributed to clients.  At this time, we have intelligence indicating the campaign targeted individuals located in Moldova, however, it is possible the victimology is more widespread.