QuoScient’s Weekly Intelligence Bulletin for the week of 30 August – 06 September 2018 is now available for download in the Media Center! Find below a summary.
Vulnerabilities Cisco released an advisory that addresses 32 vulnerabilities existing in multiple products including, Cisco Routers, Cisco Webex, and Cisco Umbrella. Of the vulnerabilities, three are rated Critical. Besides the exploitation activity of the recently patched Apache Struts, there is no known exploitation activity in the wild for the other vulnerabilities.
Current Threats A malicious email campaign delivering the GranCrab ransomware is being distributed to various companies as originating from a job seeker. According to further research, the ransomware campaign began on 24 August and is primarily targeting Germany.
Researchers discovered a new banking Trojan named CamuBot targeting major Brazilian banks. Attackers use social engineering techniques to contact customers via phone call and convince them in downloading and installing the malware. The malware can intercept one-time generated passwords used by the banks’ authentication system.
Cyber Threat Actor Activity On Tuesday, 4 September, QuoINT detected a new Cobalt spear-phishing attack imitating the Austria headquartered bank “Raiffeisen”. At this time, the malware delivered by the current campaign has a high detection rate among AV vendors.
The crypto asset’s Total Market Capitalization lost more than 9% of its value. The drop might be related to Goldman Sachs halting its plans to open a cryptocurrency trading desk, citing uncertain regulations.
The Venezuelan bolivar has begun rapidly depreciating in value since 2013, resulting in extreme hyperinflation. Due to this hyperinflation, as well as the Government established capital controls, many Venezuelans are converting their bolivares to cryptocurrency. In 2017, the Venezuelan government showed interest in becoming involved in the cryptocurrency market by announcing it would issue the Petro. However, economists do not believe the introduction of Petro will fully combat Venezuela’s economic crisis.
British authorities charged two Russian men with using a novichok nerve agent to poison former KGB spy Sergei Skripal and his daughter. The two men allegedly left the U.K. for Moscow shortly after Skripal fell ill. This new allegation will most likely continue to worsen relations between Russia and the U.K.
Social media platforms, such as Linkedin, are actively used by intelligence services and other organisations to acquire information. The use of social media platforms enable espionage and reconnaissance operations.
9 September – Swedish General Election
9 September – North Korea Day of the Foundation of the Republic
11 September – Patch Tuesday