Home » Weekly Intelligence Summary » Weekly Intelligence Summary 13 Jun - 20 Jun 2019

× Share this Presentation

Facebook
Twitter
Email
LinkedIn

First Name

Last Name

Job Title

Company

Country

State

Thank you!

Error - something went wrong!

Weekly Intelligence Summary 13 Jun - 20 Jun 2019

June 21, 2019

Share this Report
Facebook
Twitter
Email
LinkedIn

In the spotlight this week is a cyber-threat campaign involving the abuse of legitimate features in Google Calendar. This activity demonstrated how threat actors continue to adapt by combining traditional tactics with novel techniques.
Highlights from the week: the expansion of sector targeting by destructive threat group “Xenotime”, exploitation of a vulnerability affecting Exim email servers, and continued targeting of the transportation sector by the Iran-associated threat group “APT39”.

Don't miss our podcast recap on ShadowTalk:

Previous Report

Weekly Intelligence Summary 20 Jun - 27 Jun 2019

A campaign dubbed Operation Soft Cell has been actively compromising telecommunications organizations since...

Next Report

Weekly Intelligence Summary 06 Jun - 13 Jun 2019

An indiscriminate malicious cryptocurrency campaign is targeting entities in China using fileless malware t...

Want these
Threat Intelligence reports sent straight to your inbox?

Subscribe below!

First Name

Last Name

Company

Country

State- optional

Job Title

Thank you!

Error - something went wrong!

Most Recent Flipbooks

Weekly Intelligence Summary 07 Nov - 14 Nov 2019

Multiple reports of successful ransomware attacks have highlighted the risk to organizations of all sizes but, despite the media attention, other extortion tactics are being overlooked.

Read Report

Weekly Intelligence Summary 31 Oct - 07 Nov 2019

A string of data breach incidents affecting perceptively smaller organizations this week has outlined the need for all companies, regardless of size, to take a proactive security stance in preference

Read Report

Weekly Intelligence Summary 24 Oct - 31 Oct 2019

In the spotlight this week: A card skimming operation targeted the online retailer First Aid Beauty and evaded notice for months.

Read Report

Weekly Intelligence Summary 17 Oct - 24 Oct 2019

In the spotlight this week: Russia-linked threat group “Turla” was reported to be using cyber-attack tools associated with Iran-linked threat group “APT34”, in conjunction with Turla’s own tools.

Read Report

Weekly Intelligence Summary 10 Oct - 17 Oct 2019

In the spotlight this week is the “Simjacker” exploit, publicly disclosed in September 2019 and now potentially affecting entities across 29 countries.

Read Report

Weekly Intelligence Summary 03 Oct - 10 Oct 2019

In the spotlight this week is the Iran-linked threat group “APT35”, which took aim at the email accounts of political entities in the United States and prominent Iranians living outside Iran.

Read Report

Weekly Intelligence Summary 26 Sep - 03 Oct 2019

In the spotlight this week is a variety of new attack methods demonstrated by “Magecart Five”. The threat group is probably testing them out, and will highly likely implement the most successful metho

Read Report

Weekly Intelligence Summary 19 Sep - 26 Sep 2019

In the spotlight this week is a newly identified threat group named Tortoiseshell, which has reportedly conducted supply-chain cyber attack campaigns against 11 IT providers in Saudi Arabia.

Read Report

Weekly Intelligence Summary 12 Sep - 19 Sep 2019

The Iran-linked cyber-threat group “Cobalt Dickens” targeted 60-plus universities worldwide with a phishing campaign designed to capture credentials. Higher-education institutions have been popular...

Read Report

Weekly Intelligence Summary 05 Sep - 12 Sep 2019

In the spotlight this week: Following reports that “APT3” used Equation Group tools prior to their public leak by the “Shadow Brokers” in 2016, cyber security researchers have provided additional ...

Read Report

Weekly Intelligence Summary 29 Aug - 05 Sep 2019

In the spotlight this week: A surge in financially motivated cyber-attack campaigns has been attributed to “Silence”, which is a probably Russian cybercriminal group.

Read Report

Weekly Intelligence Summary 22 Aug - 29 Aug 2019

Weekly highlights: A new campaign by the “Gamaredon” group may have targeted Ukrainian government bodies, a new ransomware variant dubbed Nemty was likely distributed through compromised remote desk

Read Report

Weekly Intelligence Summary 15 Aug - 22 Aug 2019

Weekly highlights include: An additional 30 organizations were reportedly compromised alongside Capital One in the July 2019 breach; the “Danabot” banking trojan has been targeting financial, retail,

Read Report

Weekly Intelligence Summary 08 Aug - 15 Aug 2019

In the spotlight this week are details of ongoing sextortion campaigns which consistently use unsophisticated tactics and techniques to target users indiscriminately.

Read Report

Weekly Intelligence Summary 01 Aug - 08 Aug 2019

Weekly highlights focus on: the Russia-associated “APT28” threat group targeting Internet of Things (IOT) devices to access corporate networks, ten new information-stealing trojans targeting financial

Read Report

Weekly Intelligence Summary 25 Jul - 01 Aug 2019

Weekly highlights include: Capital One reported a data breach after an individual accessed an Amazon Web Services (AWS) server used by the organization, cyber espionage operations associated with Ch..

Read Report

Weekly Intelligence Summary 18 Jul - 25 Jul 2019

Highlight: A cyber attack against a contractor of Russia’s national intelligence service, resulting in the theft and exposure of information about several surveillance and intelligence-gathering proj.

Read Report

Weekly Intelligence Summary 11 Jul - 18 Jul 2019

Entering the spotlight this week is the new “DoppelPaymer” ransomware, which bears resemblance to the “Indrik Spider”-associated “BitPaymer” ransomware.

Read Report

Weekly Intelligence Summary 04 Jul - 11 Jul 2019

Two previously unseen malware variants have been attributed to the financially motivated “TA505” in attacks on various organizations worldwide, even as the threat group continues to rely on commonly u

Read Report

Weekly Intelligence Summary 27 Jun - 04 Jul 2019

In the spotlight this week is the “Greenflash Sundown” exploit kit (EK), which has revived its distribution of ransomware and cryptocurrency mining malware, but switched focus from Southeast Asia to E

Read Report

Return to Home