Weekly Intelligence Bulletin – Week 44

5. November 18

QuoScient’s Weekly Intelligence Bulletin for the week of 25 October – 01 November 2018 is now available for download in the Media Center!

Find below a summary.

CYBER

Vulnerabilities Industry Impacted: ANY

Cisco identified a zero-day vulnerability affecting various versions of its Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software. Successful exploitation
could allow an unauthenticated, remote attacker to cause a vulnerable device to trigger high CPU, resulting in a denial-of-service (DoS) condition.

Threat Actor Activity

Industry Impacted: Financials

On 30 October 2018, QuoINT detected and notified its clients about a new Cobalt spear phishing attack impersonating the European Central Bank. This is the second week in a row that Cobalt
spoofed the ECB for distributing malware, and the sixth time in the last two years.

Reported Incidents Industry Impacted: ANY, Financials

On 28 October, BankIslami claimed they experienced “abnormal transactions valuing Rs2.6 million” on its international payment card scheme on 27 October. Anonymous sources claim the
attackers gained access to customer account data after first breaching a data center belonging to the bank.
Researchers discovered a new platform offering a DDoS-for-hire service called 0x-booter with different price categories and attack durations. 0x-booter has advertised capabilities of over 500
gbps of power and 20,000 bots.

CRYPTOCURRENCY

The overall crypto asset market capitalization decreased by 1.9 percent over the previous week. On 29 October, the capitalization dipped significantly by 2.8 percent but rose again on 1 November. The Canadian crypto asset exchange MapleChange announced it “sustained a hack” in which attackers stole around EUR 5.3 million.

GEOPOLITICS

The U.S. Department of Justice (DoJ) unsealed a charge on ten Chinese intelligence officers for conspiring to steal sensitive commercial technology and intellectual property from U.S. and
European companies.
Following the reported foreign meddling in the 2016 U.S. presidential election, security experts warned of threats targeting the integrity of the upcoming mid-term congressional elections.

OUTLOOK
06 November – U.S. Midterm Elections
08 November – Black Alps 18