QuoScient’s Weekly Intelligence Bulletin for the week of 5 September – 12 September 2019 is now available! Please contact our sales team at email@example.com to subscribe today.
Find a summary below.
Current Threat (Industry Impacted: ANY)
In the last week, QuoINT was alerted to new activity involving the Emotet botnet and to the public release of an exploit for a recently patched Microsoft vulnerability known as BlueKeep. While these are two separate developments, BlueKeep could eventually be incorporated into malware such as Trickbot, which already leverages another exploit for conducting wormable attacks and is occasionally distributed by Emotet.
Vulnerabilities (Industry Impacted: ANY)
Microsoft released 79 security patches across 15 products and services in its September Patch Tuesday release. Two ‘important’ elevation of privilege (EoP) vulnerabilities have known exploits in the wild; however, the vendor did not disclose details of the attack activity.
Researchers disclosed a new critical remote code execution vulnerability affecting Exim servers running versions 4.80 through 4.92.1. Successful exploitation could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges.
Germany’s Federal Ministry of Finance (BMF) and central bank (Bundesbank) announced the creation of TIBER-DE, the German implementation of the European framework for Threat-Intelligence Based Ethical Red Teaming (TIBER-EU). The TIBER framework outlines controlled cyberattacks to test the resilience of financial institutions.
The Chinese government reportedly infiltrated telecommunication providers across Central and Southeast Asia during a wide-ranging cyber espionage campaign that targeted diplomats, foreign military personnel, and Uighur Muslims.
16 September – UK PM Johnson to meet President of EU Commission Juncker to discuss Brexit
16 September – Presidents of Russia, Iran, and Turkey to meet in Ankara
17 September – Israel General Election
17 September – Opening of UN General Assembly