Posted October 13, 2015
We publish this weekly threat intelligence brief keep you informed on the latest security incidents and threats. For security news throughout the day, follow us on Twitter. Subscribe to our blog to stay up-to-date on findings from our analyst research reports!
“The cyber risk insurance market is experiencing rapid development, with the size of global gross written premiums growing from US$850 million in 2012 to an estimated US$2.5 billion in 2014, according to a new report by London-based business intelligence company, Timetric. While the cyber risk insurance market is gaining traction due to a growing number of cyber attacks and the increasing reliance of businesses upon technology for operational capabilities and storing data, insurance firms are responding slowly to this rising demand, said the Timetric insight report, titled “The Future of Cyber Risk Insurance.””
An influential American publishing and financial information firm “disclosed that hackers had gained unauthorized entry to its systems, accessing contact information for current and former subscribers in order to send fraudulent solicitations. The data breach potentially accessed payment card information for fewer than 3,500 individuals […] The goal of the broader hack seems to have been to obtain contact information[…]”
Legal and Regulations
Europe’s highest court, the Court of Justice of the European Union (CJEU), ruled that the European Union (EU)-United States (U.S.) Safe Harbor framework enabling data transfers of personal data between the EU and U.S. is invalid. Thousands of American companies that handle the personal data of European citizens may no longer rely on Safe Harbor certification to legitimize data transfers from the EU to the U.S. in the wake of this decision. These companies – and EU-based businesses and their affiliates that transfer personal data to the U.S. in the course of doing business – must no implement other mechanisms for data transfers (e.g.binding corporate rules or new legal agreements between the parties involved), or risk claims that these transfers are unlawful.
“Months before its technology became the centerpiece of Samsung’s new mobile payment system, LoopPay, a small Massachusetts subsidiary of the South Korean electronics giant, was the target of a sophisticated attack by a group of government-affiliated Chinese hackers. As early as March, the hackers — alternatively known as the Codoso Group or Sunshock Group by those who track them — had breached the computer network of LoopPay […]”
– NY Times
“Iran-based hackers are building a network of fake LinkedIn user profiles with the aim of entering business circles for telecommunications and defense contractors.”