QuoIntelligence’s Weekly Intelligence Snapshot for the week of 22 April – 29 April 2020 is now available!

Find the summary below and subscribe to our mailing list at the bottom if you want to receive Weekly summaries and other regular updates from us! Or inquire today to receive a free trial of our full Weekly Intelligence Product, which includes analyst comments, MITRE ATT&CK tags, IOCs, and more!

CYBER

Current Threat

Industries impacted: Information Technology, ANY

Researchers at Sophos discovered new malware dubbed Asnarök, which they observed ultimately deployed through exploitation of a newly identified SQL injection zero-day vulnerability. Successful exploitation of the recently patched vulnerability could lead to remote code execution on physical and virtual versions of Sophos XG firewalls. On 26 April, QuoINT distributed a Warning to our customers on the public disclosure and exploitation of the vulnerability.

Incident

Industries impacted: Financials

Check Point’s Incident Response (IR) team identified a new threat actor group, dubbed Florentine Banker Group, that fraudulently transferred approximately EUR 691,188 (GBP 600,000) in three separate transactions as a result of a successful Business Email Compromise (BEC) scam.

Rollups

  • FBI Warns of Threat Actors Sending Fraudulent SWIFT Messages via Third-Party Vendors Serving Small Businesses
  • Group Behind TrickBot Spreads New Backdoor Dubbed BazarBackdoor Targeting Corporate Networks
  • Payment Processor Company Paay Exposes Data of 2.5 Million Credit Card Transactions
  • Researchers Discovered iOS Zero-Day Vulnerabilities Exploited in Targeted Attacks

GEOPOLITICS

Industries impacted: Communication Services, Government, Health Care, Information Technology

On 3 April, QuoINT reported on data privacy and cybersecurity implications related to governments introducing apps to trace the spread of the COVID-19 pandemic. Since then, new discussions in Europe over transparency and data privacy have led governments to favor apps that are Bluetooth-based and use decentralized models for storing data. In addition to cybersecurity concerns, these apps also introduce other challenges and unknowns, such as data privacy issues, potential for fraudulent activity and data misuse, and an unknown success rate.

Rollups

  • Iran-US Tensions Rising After Iran Launches Satellite, Trump Threatens to ‘Shoot Down’ Iranian Ships
  • Several Governments Say China Attempted to Encourage Positive Coverage on China’s Management of COVID-19

OUTLOOK

5 May – G20 Workshop on the Measurement of the Digital Economy