QuoIntelligence’s Weekly Intelligence Snapshot for the week of 3 – 10 June 2020 is now available!
CYBER
Current Threat
Industries impacted: Consumer Discretionary, Energy, Financials, Health Care, Industrials, Information Technology
Researchers at IBM reported a highly targeted, ongoing phishing campaign conducted against a German multinational corporation associated with a German government-private sector task force to procure personal protective equipment (Task Force Schutzausrüstung) and at least its third-party supply chain organizations. Our further analysis determined the campaign phishing URLs largely included base64 encoded email addresses, and in several cases targeted email addresses were in plaintext. QuoINT notified affected customers with a Digital Risk Protection (DRP) alert.
Vulnerabilities
Industries impacted: ANY
In this month’s patch Tuesday, Microsoft released security patches for 129 vulnerabilities across multiple products including Internet Explorer, Edge, ChackraCore, Windows, Office, Web Apps, Azure, and Windows Defender. Of the vulnerabilities, 11 are critical in severity and remotely exploitable, while 118 are rated as important in severity. Additionally, researchers disclose a new vulnerability dubbed SMBleed, and proof-of-concept codes for SMBleed and previously disclosed and patched SMBGhost.
Rollups
- Adobe and SAP June Patch Releases
- Large-scale Hack-for-Hire Operation Dark Basin Uncovered
- Austrian Telecommunication Provider A1 Reportedly Breached, but Prevents Further Cyberattack
- New Malware Dubbed FlowCloud Discovered in Attack Campaigns Against US Utilities Sector
- Snake Ransomware Attack Suspected as Cause of Disruptions at Honda and Enel Argentina
GEOPOLITICS
Rollups
- North Korea Announces Intent to Sever Contact with South Korea