QuoIntelligence’s Weekly Intelligence Snapshot for the week of 3 – 10 June 2020 is now available!

Find the summary below and subscribe to our mailing list at the bottom if you want to receive Weekly summaries and other regular updates from us! Or inquire today to receive a free trial of our full Weekly Intelligence Product, which includes analyst comments, MITRE ATT&CK tags, IOCs, and more!

CYBER

Current Threat

Industries impacted: Consumer Discretionary, Energy, Financials, Health Care, Industrials, Information Technology

Researchers at IBM reported a highly targeted, ongoing phishing campaign conducted against a German multinational corporation associated with a German government-private sector task force to procure personal protective equipment (Task Force Schutzausrüstung) and at least its third-party supply chain organizations. Our further analysis determined the campaign phishing URLs largely included base64 encoded email addresses, and in several cases targeted email addresses were in plaintext. QuoINT notified affected customers with a Digital Risk Protection (DRP) alert.

Vulnerabilities

Industries impacted: ANY 

In this month’s patch Tuesday, Microsoft released security patches for 129 vulnerabilities across multiple products including Internet Explorer, Edge, ChackraCore, Windows, Office, Web Apps, Azure, and Windows Defender. Of the vulnerabilities, 11 are critical in severity and remotely exploitable, while 118 are rated as important in severity. Additionally, researchers disclose a new vulnerability dubbed SMBleed, and proof-of-concept codes for SMBleed and previously disclosed and patched SMBGhost.

Rollups

  • Adobe and SAP June Patch Releases
  • Large-scale Hack-for-Hire Operation Dark Basin Uncovered
  • Austrian Telecommunication Provider A1 Reportedly Breached, but Prevents Further Cyberattack 
  • New Malware Dubbed FlowCloud Discovered in Attack Campaigns Against US Utilities Sector 
  • Snake Ransomware Attack Suspected as Cause of Disruptions at Honda and Enel Argentina

GEOPOLITICS

Rollups

  • North Korea Announces Intent to Sever Contact with South Korea