Threat Intelligence Blog

Posted February 2, 2016


We publish this weekly threat intelligence brief to keep you informed on the latest security incidents and threats. For security news throughout the day, follow us on Twitter. Subscribe to our blog to stay up-to-date on findings from our analyst research reports!


“The healthcare provider Centene Corporation recently announced that it’s searching for six unencrypted hard drives that were unaccounted for in an inventory of IT assets. The drives held the names, addresses, birthdates, Social Security numbers, member ID numbers and health information of approximately 950,000 people who received laboratory services between 2009 and 2015.”

– eSecurity Planet

Financial Services

“[One of the largest European banks] has been hit by a cyber attack causing its personal banking website and mobile application to shut down, only weeks after a systems failure that left thousands of its customers without access to digital services. The UK bank said it had suffered a “denial of service attack” on Friday morning, which prevented retail customers from accessing online and mobile banking for a number of hours.”



“Italian police said on Friday they had shut down a website selling fake products carrying the high-fashion Prada label. No figures on total sales were available, but police called the website “very sophisticated”. It ran worldwide, using 90 service providers and standard electronic payment systems, and carried pictures of actual Prada products sold at prices in line with Prada’s factory outlets, lending it credibility.”



“[A] Security researcher firm […] is reporting that a Chinese adversary group C0d0so0 or “Codoso” has reappeared. Signs of the group, which had been silent, appeared in test results while looking into unknown malware and attack campaigns. The group is known for the attack on, in which the site was used to compromise selected targets via a watering hole to a zero-day Adobe Flash exploit. It then went on to attack the payment processing systems behind Samsung Pay. Codoso has been known to use sophisticated tactics and tools and has been linked to leveraging zero-day exploits on numerous occasions in combination with watering hole and spear-phishing attacks.”

– SC Magazine

Law Enforcement

“Private files belonging to America’s biggest police union, including the names and addresses of officers, forum posts critical of Barack Obama, and controversial contracts made with city authorities, were posted online on Thursday after a hacker breached its website. The Fraternal Order of Police (FOP), which says it represents about 330,000 law enforcement officers across the US, said the FBI was investigating after 2.5GB of data taken from its servers was dumped online and swiftly shared on social media. The union’s national site,, remained offline on Thursday evening.”

– The Guardian


“AMX, part of the HARMAN Professional Division, is a hardware and software manufacturer of conferencing equipment, with a long arm inside the government sector. Some of its products have been spotted at the White House during President Barack Obama’s meetings, inside the US Center for Strategic and International Studies (CSIS), and in various US military bases in Afghanistan. According to security researchers from SEC Consult, older versions of the AMX NX-1200, a central controller for conference room equipment, came equipped with a series of backdoors.”

