QuoIntelligence’s Weekly Intelligence Snapshot for the week of 13 May – 20 May 2020 is now available!

Find the summary below and subscribe to our mailing list at the bottom if you want to receive Weekly summaries and other regular updates from us! Or inquire today to receive a free trial of our full Weekly Intelligence Product, which includes analyst comments, MITRE ATT&CK tags, IOCs, and more!

CYBER

Current Threat

Industries impacted: Communication Services, Energy, Government

Researchers at ESET and Avast released joint research on three previously unreported backdoors, collectively named Mikroceen, used for cyberespionage against organizations in the government, telecommunications, and gas industries in Central Asia. Researchers at both companies suspect that a Chinese Advanced Persistent Threat (APT) group is behind this activity and responsible for the continuously developed backdoors.

Incident

Industries impacted: Energy, Information Technology

Taiwan’s Ministry of Justice Investigation Bureau (MJIB) reported a ransomware incident that affected the computer systems of important domestic energy and technology companies between 4 and 5 May. MJIB attributed this targeted attack to the Winnti Group.

On 14 May, Heise Security reported on security intrusions disclosed since 11 May by multiple academic high-performance supercomputing centers, affecting organizations in at least the UK, Germany, Switzerland, Spain, US, and China. Reportedly, researchers at the European Grid Infrastructure (EGI) Computer Security Incident Response Team (CSIRT) investigated and detailed two of the incidents, confirming that an unknown threat actor group(s) targeted the high-performance supercomputers to ultimately conduct a cryptomining operation.

Rollups

  • ISC Patches Two High Severity Vulnerabilities in BIND 9
  • Signal Messaging App Introduces New PIN Feature
  • Covve Data Breach Affects 90,000 Users
  • European Parliament Reportedly Suffered a Data Breach Exposing Sensitive Data of Officials
  • Turla Allegedly Targets Diplomats in Europe with COMPfun Malware

GEOPOLITICS

Rollups

  • Germany’s Federal Court Rules Surveillance in Current Form on Foreign Nationals Unconstitutional
  • EU Council Extends Cyber Sanctions Framework Until May 2021
  • US Amends Export Law to Restrict Foreign Companies Using US Equipment to Deliver Semiconductors to Huawei

Outlook

22 May – China to hold Annual ‘Two Sessions’ of National People’s Congress (NPC) and National Committee of the Chinese People’s Political Consultative Conference