QuoIntelligence’s Weekly Intelligence Snapshot for the week of 27 May – 3 June 2020 is now available!
Industries impacted: ANY
Researchers at Cybereason detailed a new variant of the Valak malware, discovered in April 2020 and observed in attack campaigns targeting Microsoft Exchange servers of enterprises in Germany and US. According to the researchers, the Valak malware evolved from a malware loader for other malwares such as Ursnif and IcedID to become a multi-stage modular malware.
- Cisco Confirms Attackers Exploited Vulnerabilities in SaltStack to Compromise its Backend Servers
- Kaspersky ICS CERT Discovered Targeted Spear Phishing Campaigns Targeting Industrial Enterprises in Europe and Asia
- Russian-Linked Sandworm Team APT Group Exploits Patched Vulnerability in Exim Mail Agent
Industries impacted: Government
As protests erupted across the US – with solidarity demonstrations occurring across Europe, Australia, and Latin America – in the wake of George Floyd’s killing by policemen in Minneapolis, Minnesota, sympathizers, potentially unrelated agitators, and opportunistic threat actors have exploited the extremely volatile situation to conduct cyberattacks and spread misinformation.
- France Releases COVID-19 Tracing App StopCovid
- Germany to Reportedly Impose Sanctions on Russia over 2015 Bundestag Cyberattack