QuoScient’s Weekly Intelligence Bulletin for the week of 04 October – 11 October 2018 is now available for download in the Media Center!
Find below a summary.
Current Threat Industry Impacted: Financials
QuoINT observed an uptick in the activity related to the latest variant of the Android mobile banking Trojan known as Bankbot Anubis 2.0, which primarily targets customers of European and
Western financial institutions.
Vulnerabilities Industry Impacted: ANY
Microsoft’s October Patch Tuesday release includes security patches for 49 vulnerabilities across multiple products. Of the reported vulnerabilities, 18 are remotely exploitable, 12 are rated
as Critical, three are publicly known with one having proof-of concept code and one zero-day vulnerability is reported as actively exploited in limited targeted attacks.
Reported Incidents Industry Impacted: ANY, Financials, Government, Information Technology
After almost one year and an half, WannaCry is still successfully forcing victims in paying USD 300 in ransom.
Bloomberg and Businessweek published reports this week outlining a supposed supply chain attack that affected almost 30 companies, to include a major bank, government contractors, Apple, Amazon, and a major U.S. telecommunications company. According to the authors, unnamed sources within the U.S. government confirm the ensuing investigation determined that subcontractors in China (allegedly operatives of the People’s Liberation Army of China) inserted the chips at factories located in China and Taiwan. Further the sources claim this attack is the work of the People’s Liberation Army of China. QuoINT analyzes the information in depth to understand the reported threat and realized risk to organizations.
The decentralized cryptoasset exchange Agora Trade announced its launch in Malta on 4 October. The total market capitalization for cryptocurrencies remained relatively stable around EUR 188
billion during the week, however it significantly dropped on 10 October by 6 percent to EUR 176 billion.
In a recent report, the U.S. Government Accountability Office highlights considerable cyber vulnerabilities in weapon systems under development. Germany and Latvia joined the U.K. and Netherlands in accusing the Russian government of carrying out cyber attacks targeting international organizations and institutions.
11 October – ICANN Root KSK Rollover
16 October – Conference hack.lu 2018
16 October – NATO Information Assurance Symposium (NIAS) 2018