<div> <div> <div> <img alt="" src="https://quointelligence.eu/wp-content/uploads/2020/03/[email protected]" title="" /> </div><div> <div><p>QuoIntelligence’s Weekly Intelligence Snapshot for the week of<strong> 6 May – 13 May 2020</strong> is now available!</p>
Industries impacted: ANY
Researchers at ESET discovered a cyber espionage malware named Ramsay, existing from at least September 2019 to March 2020, designed to operate within air-gapped systems. Ramsay is designed to collect all Word, PDF, and ZIP documents on the victim’s machine and store them in a hidden folder. Additionally, the spreader – or propagation component – scans for network shares, removable drives, and appends a copy of the malware to all portable executable (PE) files.
Industries impacted: ANY, Information Technology
In its May Patch Tuesday, Microsoft released patches for 111 vulnerabilities across several products, including Microsoft Windows, Microsoft Edge, Internet Explorer, Microsoft Office, and SharePoint. None of the patched vulnerabilities were listed as previously publicly known or exploited in the wild.
Industries impacted: ANY
On 12 May, the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) released multiple joint reports disclosing three new malware families that they link to the North Korea’s Lazarus (also known to them as Hidden Cobra). The three malware families are each described in separate Malware Analysis Reports (MARs), explaining their malicious functionality. In addition, on 6 May, researchers at Malwarebytes attributed a MacOS version of a Remote Access Trojan (RAT) known as Dacls to Lazarus.
- Adobe Fixed 36 Vulnerabilities including Critical Flaws in Adobe Acrobat and Reader
- US and UK Cyber Authorities Release Alert on APT Groups Targeting Health Care Providers
- ATM and Payment Technology Provider Diebold Nixdorf Suffered a ProLock (aka PwndLocker) Ransomware Attack
Ruhr University Bochum in Germany Recovers From A Ransomware Attack
- Rail Vehicle Company Stadler Suffered From A Data Breach
- Naikon APT: Cyberespionage Group Targets Government Entities in Asia Pacific (APAC) Region
- Global Financial Organizations Targeted in Spear Phishing Campaigns to Deliver The EVILNUM Malware
Germany’s Chancellor Merkel Says ‘Hard Evidence’ Exist For Russia’s Involvement in 2015 Bundestag Cyberattack
Iran Confirms Unsuccessful Cyberattack on Port in Strait of Hormuz
</div> <div> <div> <div> <a href="https://quointelligence.eu/#offering" rel="noreferrer" target="_blank">Learn more about our Threat Intelligence service</a> </div><div> <div><h2>Join our Newsletter!</h2><div><p>Subscribe to our newsletter <strong>with your business email</strong> to receive intelligence summaries, analytic product updates, and more!</p>
<div> <div></div> <div> <h2>Thanks! You will soon receive a confirmation email!</h2> </div> <div> <p> First Name </p> <p> Last Name </p> <p> Email </p> <p> <a href="https://quointelligence.eu" rel="noreferrer" target="_blank"> Subscribe </a> </p> </div> </div> </div> </div> </div> </div>
The post Weekly Intelligence Snapshot – Week 20 appeared first on QuoIntelligence - Our Finished Intelligence, Tailor-made for Your Organization.