QuoScient’s Weekly Intelligence Bulletin for the week of 06 December – 13 December 2018 is now available for download in the Media Center!
Find below a summary.
CYBER
Industry Impacted: Energy, Financials, Government, Information Technology, Telecommunication Services, Utilities
Researchers discovered a global attack campaign dubbed Operation Sharpshooter with targets including nuclear, defense, energy and financial companies. The reconnaissance campaign uses a job recruitment theme to deliver weaponized macro Microsoft Word documents that download and install a new second stage implant known as Rising Sun.
Reported Incidents Industry Impacted: Consumer Discretionary
On 21 November, the German mechanical engineering company KraussMaffei was targeted by a ransomware, which encrypted computer files rendering them useless. This is the latest of multiple incidents targeting critical German infrastructure in the last month.
Vulnerabilities Industry Impacted: ANY
A security advisory released by Bosch details a vulnerability that affects several Bosch IP cameras using firmware version 6.32 and later. Successful exploitation could allow an unauthenticated, remote attacker to execute arbitrary code on the affected device.
Microsoft’s monthly patch release includes fixes for 39 vulnerabilities across multiple products, of which 17 are remotely exploitable, nine received a Critical rating, and one is actively being exploited in the wild. Adobe’s monthly patch release includes 87 vulnerabilities for Acrobat and Reader, with 38 vulnerabilities rated Critical by the vendor.
CRYPTOCURRENCY
The total market capitalization reached a low of EUR 98 billion on 13 December, a decline of 7.6 percent from the end of last week.
GEOPOLITICS
On 10 December, the E.U. Commission, Parliament, and Council agreed on the Cybersecurity Act to give the European Union Agency for Network and Information Security (ENISA) a permanent
mandate and become the E.U. Agency for Cybersecurity.
Tensions between China and the U.S. will likely continue worsening as the U.S. blamed the Chinese government for the Marriott breach and said China presents the greatest counterintelligence
threat.
OUTLOOK
14 December – E.U. Council Holds Euro Summit