Threat Intelligence Blog

Posted February 16, 2016


We publish this weekly threat intelligence brief to keep you informed on the latest security incidents and threats. For security news throughout the day, follow us on Twitter. Subscribe to our blog to stay up-to-date on findings from our analyst research reports!



“With the exploitation of new cost-effective operational concepts, use of digital technologies and increased dependence on cyber structures, the oil and gas industry is exposed to new sets of vulnerabilities and threats. Cyberattacks have grown in stature and sophistication, making them more difficult to detect and defend against, and costing companies increasing sums of money to recover from.”

Pipeline & Gas Journal


“It’s no secret that the healthcare industry is a hackers’ gold mine for valuable, sensitive data. Along with private information like patients’ names, mailing addresses, email aliases and dates of birth, healthcare firms also hold extremely personal health data, such as lab results, dictated reports, prescribed medications and medical conditions.

In 2015, we witnessed numerous hospital networks and health insurers fall victim to data breaches. Community Health Systems, Premera and Anthem were just some of the bigger names making regular headlines last year, but the attacks trickled down to even the smaller physicians’ offices.

But with the growing sophistication of hackers, and the amount of sensitive data stored, 2016 may be the year when EHR vendors become the next major target.”

Health IT Security

Legal and Regulation

“From the beginning of his Administration, the President has made it clear that cybersecurity is one of the most important challenges we face as a Nation, and for more than seven years he has acted comprehensively to confront that challenge.  Working together with Congress, we took another step forward in this effort in December with the passage of the Cybersecurity Act of 2015, which provides important tools necessary to strengthen the Nation’s cybersecurity, particularly by making it easier for private companies to share cyber threat information with each other and the Government.”

White House

Financial Services

“Researchers said hackers used malware to penetrate the defenses of a Russian regional bank and move the ruble-dollar rate more than 15 percent in minutes. Russian-language hackers deployed a virus known as the Corkow Trojan to infect a Kazan-based bank and place more than $500 million in orders at non-market rates in February 2015. The resulting rate swing prompted a Russian central bank investigation last year into potential market manipulation.”

Arkansas Online


“Scam artists have been using hacked accounts from retailer to order high-priced, bulky merchandise that is then shipped to the victim’s home. While the crooks don’t get the stolen merchandise, the unauthorized purchases rack up valuable credits called “Kohl’s cash” that the thieves quickly redeem at Kohl’s locations for items that can be resold for cash or returned for gift cards.”

Brian Krebs

Law Enforcement

“A 16-year-old has been arrested on suspicion of being “Cracka,” the hacker believed to have broken into the CIA Director’s email account and publicly released data belonging to FBI and Homeland Security agents.

In a statement released by the South East Regional Organised Crime Unit (SEROCU), the UK agency said a 16-year-old boy was arrested on February 9 in the East Midlands on suspicion of “conspiracy to commit unauthorised access to computer material contrary to Section 1 Computer Misuse Act 1990,” which can cover breaking into networks, as well as the theft of sensitive data belonging to the enterprise or government agencies, among others.”



“Since mid-2015, Twitter has suspended over 125,000 accounts “for threatening or promoting terrorist acts.” Most of these were related to ISIS.

“We condemn the use of Twitter to promote terrorism and the Twitter Rules make it clear that this type of behavior, or any violent threat, is not permitted on our service,” the popular social networking service explained.

The company has been cooperating with law enforcement around the world when it comes to discovering who is behind accounts publishing terrorist content and shutting them down. They have also partnered with organizations working to counter extremist content online.”

Help Net Security
