Welcome to the Cyveillance Weekly Cyber Security Trends Report
Since threat intelligence is constantly evolving, we publish this weekly cyber security trends report to keep our customers updated on the latest threats across a variety of industries. You can read an abridged version below. Follow us on Twitter and subscribe to our blog to make sure you don’t miss any of the latest security articles from Cyveillance experts.
- “A deliveryman who French security officials say once had links to radical Islamist groups drove his truck into an American-owned chemical plant near Lyon on Friday, set off an explosion and, in a macabre twist, mounted his boss’s severed head on the plant’s gate.”
– NY Times
- States with high car insurance rates often have problems with fraudulent insurance policies when crooks, impersonating insurance agents, offer less expensive insurance auto policies. Consumers typically don’t realize these policies are invalid until they get into a traffic accident while driving with this fake insurance policy. Michigan has been a state suffering from this problem, and earlier this year it was revealed that 16 percent of drivers in the state had invalid or fake insurance. New Jersey is projected to be the next victim of these insurance schemes.
- “U.S. securities regulators are investigating a group of hackers suspected of breaking into corporate email accounts to steal information to trade on, such as confidential details about mergers, according to people familiar with the matter. The Securities and Exchange Commission has asked at least eight listed companies to provide details of their data breaches, one of the people said. The unusual move by the agency reflects increasing concerns about cyber attacks on U.S. companies and government agencies.”
Legal and Regulations
- “House Republicans are asking President Obama to fire Office of Personnel Management Director Katherine Archuleta following a massive data breach that exposed the personal information of millions of federal employees.”
- “The FBI’s Internet Crime Complaint Center (IC3) has issued an alert warning businesses and individuals about the continued spread of cryptographic Ransomware: A type of malware that serves as a form of extortion by one party on a group of persons or organizations. Oftentimes takes the form of encrypting a victim’s hard drive denying them access to files or other information with demands taking the form of a ransom before access is restored. LookingGlass Cyber (n) - when an organization, group, or hacker takes control of your system to extort a user or organization for money. Ch-ching!. This Malware: A generic term for a software that is designed to disable or otherwise damage computers, networks and computer systems LookingGlass Cyber (n) - another type of cold that can destroy a computer by latching on to destroy other programs. encrypts a victim’s files with a key held by criminals on a remote server, and it then extorts money from the victim to recover those files. The biggest threat among these continues to be CryptoWall, the ransomware family that first emerged last April. So far, the FBI’s IC3 has been contacted by 992 victims of CryptoWall, and their combined losses total over $18 million (~£11.4 million).”
- “The French government has ordered police to crack down on Uber in Paris after violence erupted at demonstrations by taxi drivers against the online ride service. Interior Minister Bernard Cazeneuve said Thursday that he asked the Paris police authority to issue a decree forbidding activity by UberPOP drivers. Similar decrees have already been issued in other major French cities. Cazeneuve said vehicles using UberPOP will now “be systematically seized” by police when caught operating.”
- “Login credentials belonging to 47 United States government agencies have been discovered on the public Web, intelligence firm Recorded Future said Wednesday. In an analysis of 660,000 pieces of information collected from 17 different paste sites, including the popular Pastebin site, Recorded Future found login credentials for 89 unique domains possibly belonging to government agencies that had been posted over a one-year period ending Nov. 3 2014.”
– Security Week