Weekly Intelligence Bulletin – Week 47

26 November 2018

QuoScient’s Weekly Intelligence Bulletin for the week of 15 November – 22 November 2018 is now available for download in the Media Center!

Find a summary below.

CYBER

Current Threat | Industry Impacted: Government

Researchers identified a spearphishing campaign attributed to the APT28 threat actor group (also known publicly as Sofacy, Fancy Bear or Sednit) that primarily targets government entities in the U.S. and Europe and uses a new second-stage malware payload dubbed Cannon.

Vulnerabilities | Industry Impacted: ANY

Adobe released a security update for a critical remote code execution (RCE) vulnerability (CVE-2018-15981) impacting Adobe Flash Player on Windows, macOS, Linux, and Chrome OS.
Because this RCE vulnerability affects a highly popular Adobe product and is easy to exploit, it is important for administrators to assess applying the recommended patch as needed.

Threat Actor Activity | Industry Impacted: Financials

We detected a new Cobalt spear phishing attack targeting Russian entities and impersonating Unistream, an international money transfer company and bank based in Russia. The TTPs and targeting resemble those last observed in Cobalt’s campaigns executed in January (impersonating NSPK) and February 2018 (impersonating Western Union). The C2 infrastructure overlaps with the one used in the latest Cobalt campaign.

CRYPTOCURRENCY
The European Commission launched a new blockchain organization at the recently concluded E.U. Blockchain Roundtable conference on the theme “Bringing industries together for Europe to lead in Blockchain Technologies”.
Total market capitalization reached a 13-month low of EUR 129 billion on 22 November, a decline of 30 percent from the end of last week. On 15 November, the total market capitalization lost over EUR 26 billion in value, but then rose slightly and maintained a steady trajectory until 19 November.

GEOPOLITICS
Germany’s Federal Office for Information Security (BSI) recently released technical guidelines for manufacturers of broadband routers to define minimum security measures for routers.
Germany’s financial regulator, BaFin, is considering the introduction of mandatory cyber stress tests for banks to improve their cyber security. This adds regulatory pressure on banks to improve their cyber resilience.
Huawei Technologies, a Chinese telecommunications company, opened the Security Innovation Lab in Bonn on 16 November to address future challenges to cyber security.

OUTLOOK
25 November – E.U. Council holds summit to endorse Brexit Withdrawal Agreement
26 November – The Hamburg Summit: China Meets Europe
27 November – Cyber Investor Days
30 November – G20 Leaders’ Summit