Threat Intelligence Blog

Posted February 25, 2015

weeklytrends

Welcome to the Cyveillance Weekly Cyber Security Trends Report

Since threat intelligence is constantly evolving, we publish this weekly report to keep our customers updated on the latest threats across a variety of industries. You can read an abridged version below. Follow us on Twitter and subscribe to our blog to make sure you don’t miss any of the latest security articles from Cyveillance experts.

Top Incidents

Cyber Crime

  • A leading Russian cybersecurity firm estimates the Anunak – a.k.a. Carbanak – gang has now stolen up to $1 billion from banks all over the world, in part by using “jackpotting” malware that infects ATMs. The majority of the targets were in Russia, but many were also in Japan, the United States and Europe.
  • Domain name servers (DNS) are being used to exfiltrate information, by taking DNS requests to tunnel stolen data. The malwares identified were FeederBot, Morto, and FrameworkPOS were spotted using DNS.

Legal and Regulations

  • This month, bipartisan legislation was introduced in the California Senate that would require law enforcement to get a search warrant before accessing a person’s digital information. The proposed California Electronic Communications Privacy Act (S.B. 178) is broadly written to protect “any information about an electronic communication or the use of an electronic communication service”, including contents, location, metadata and other personally identifiable information. This bill has strong support from tech giants Google and Facebook, as well as the Electronic Frontier Foundation and the ACLU of California, among others.

Defense

  • The US State Department confirmed its non-confidential e-mail system suffered a security breach over the past three months, and is still unable to drive the hackers out of the network.

Insurance/Healthcare

  • Adults aren’t the only ones who can have their identity stolen.  Tens of millions of American children had their Social Security numbers, date of birth, and health care ID numbers stolen in the recent data breach at health insurance giant, Anthem Inc.

Technology

Defense

  • Google is fighting attempts by the Justice Department to get permission for the FBI to search and seize digital data in what the search engine giant said would make it possible for the “hacking of any facility” in the world. The Advisory Committee on Criminal Rules that is considering the proposal received a sharply worded letter from Google that warns the new FBI powers would raise “monumental and highly complex constitutional, legal and geopolitical concerns that should be left to Congress to decide.” The proposed changes would allow the FBI to remotely search computers from anywhere in the world, “giving the US government unfettered global access to vast amounts of private information,” The Guardian wrote.

 

Cyveillance clients get access to the entire Weekly Trends Report, covering all of the above topics and much more. Contact us to find out how we can help your organization.

Additional Posts

Why the Anthem Breach May Be a Catastrophic Event for US Children

Today's blog post comes to us courtesy of guest contributor Tim Rohrbaugh, VP of Information ...

Are Medical Mobile Apps Medical Devices? According to the FDA: Yes.

  Modern healthcare has changed dramatically over the past year. In particular, mobile health ...