Threat Intelligence Blog

Posted October 13, 2015

weekly_1

We publish this weekly threat intelligence brief keep you informed on the latest security incidents and threats. For security news throughout the day, follow us on Twitter. Subscribe to our blog to stay up-to-date on findings from our analyst research reports!

 

Insurance/Healthcare

“The cyber risk insurance market is experiencing rapid development, with the size of global gross written premiums growing from US$850 million in 2012 to an estimated US$2.5 billion in 2014, according to a new report by London-based business intelligence company, Timetric. While the cyber risk insurance market is gaining traction due to a growing number of cyber attacks and the increasing reliance of businesses upon technology for operational capabilities and storing data, insurance firms are responding slowly to this rising demand, said the Timetric insight report, titled “The Future of Cyber Risk Insurance.””

Insurance Journal

Financial Services

An influential American publishing and financial information firm “disclosed that hackers had gained unauthorized entry to its systems, accessing contact information for current and former subscribers in order to send fraudulent solicitations. The data breach potentially accessed payment card information for fewer than 3,500 individuals […] The goal of the broader hack seems to have been to obtain contact information[…]”

Wall Street Journal

Legal and Regulations

Europe’s highest court, the Court of Justice of the European Union (CJEU), ruled that the European Union (EU)-United States (U.S.) Safe Harbor framework enabling data transfers of personal data between the EU and U.S. is invalid. Thousands of American companies that handle the personal data of European citizens may no longer rely on Safe Harbor certification to legitimize data transfers from the EU to the U.S. in the wake of this decision. These companies – and EU-based businesses and their affiliates that transfer personal data to the U.S. in the course of doing business – must no implement other mechanisms for data transfers (e.g.binding corporate rules or new legal agreements between the parties involved), or risk claims that these transfers are unlawful.

Politico

Retail

“Months before its technology became the centerpiece of Samsung’s new mobile payment system, LoopPay, a small Massachusetts subsidiary of the South Korean electronics giant, was the target of a sophisticated attack by a group of government-affiliated Chinese hackers. As early as March, the hackers — alternatively known as the Codoso Group or Sunshock Group by those who track them — had breached the computer network of LoopPay […]”

NY Times

Defense

“Iran-based hackers are building a network of fake LinkedIn user profiles with the aim of entering business circles for telecommunications and defense contractors.”

Softpedia

Additional Posts

When Good Sites Go Bad: Malvertising and Watering Holes [Infographic]

By Michael Perry and Val Vask With more than three billion people using the Internet every day, ...

One Phish, Two Phish, Bad Phish: Don’t Click!

This post was written by our Director of Cyber Security Operations Greg Ogorek, and appears as a ...