Weekly Intelligence Bulletin – Week 5

1. February 19

QuoScient’s Weekly Intelligence Bulletin for the week of 24 January – 31 January 2019 is now available for download in the Media Center!

Find a summary below.

CYBER
Reported Incidents
Industry Impacted: Energy, Financials, Industrial, Telecommunication Services
French Technology firm Altran confirmed it suffered a cyber attack on 24 January that affected operations in some European countries. The firm has not confirmed technical details, however, researchers allege the attack was the result of a ransomware.

Vulnerabilities
Industry Impacted: ANY
Cisco released patch updates for two vulnerabilities rated as high, impacting select Cisco Routers. Since the release, a PoC became available and, as a result, researchers observed an increase in
opportunistic scanning activity for vulnerable devices.
A researcher discovered an attack scenario against Microsoft Exchange 2013 and later versions that could allow an attacker to escalate privileges to Domain Administrator. Proof of concept tools are publicly available. No patch currently exists, but several mitigations provided by the researcher are available.

Threat Actor Activity Industry
Impacted: Financials
On 30 January, QuoINT detected a new Cobalt attack wave ultimately dropping the CobInt malware. The malware was delivered via a spearphishing email using a likely compromised email address of a financial institution located in the United Arab Emirates.

CRYPTOCURRENCY
The total market capitalization did not recover from last week’s fall reaching a total value of EUR 98 billion on 31 January.

GEOPOLITICS
The U.S. Justice Department filed 23 criminal charges against the Chinese telecommunications company Huawei and its Chief Financial Officer Meng Wanzhou, including on bank fraud,  obstruction of justice and theft of technology.

OUTLOOK
07 February- Technology Race „Measuring IT Security“ at Goethe University, Frankfurt