Threat Intelligence Blog

Posted August 22, 2017

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.

Financial Services

“A stealthy group of hackers is using cloud infrastructure to attempt “low and slow” brute-force attacks on Microsoft Office 365 logins of senior executives at a broad swath of Fortune 2000 companies, according to recent research.

The cloud-on-cloud attacks, spotted earlier this year by Skyhigh Networks, appear to be an early example of a criminal or espionage group leveraging cloud infrastructure to hide not only their identity and the origins of their attack, but also the attack itself.

The research highlights the increased complexity of security issues companies face when they move to the cloud.”

Cyber Scoop


“An overhaul of UK data protection laws that will effectively implement the EU General Data Protection Regulation (GDPR) will have a significant effect on the insurance industry, according to one expert.

Among a number of changes that the new Data Protection Bill will bring in is a strengthening of the ‘right to be forgotten’ rules, which will give more power to consumers as to the use of their personal information.

While rules about the ‘right to be forgotten’ already exist, the GDPR brings “significant” changes, although many businesses still don’t know what this means for them, Guy Cohen, head of policy at privacy engineering firm Privitar, told Insurance Business.”

– Insurance Business

Information Security

“A new exploit kit (EK) has emerged recently on underground forums, where a malware developer is advertising it starting at just $80.

Called Disdain and discovered by malware analyst David Montenegro, the toolkit is available for rent on a daily, weekly, or monthly basis, priced at $80, $500, and $1,400, respectively. Security researchers have already managed to track the advert for the EK and learn more about its alleged capabilities.

According to Disdain’s author, the main features of the toolkit include domain rotator, RSA key exchange for exploits, panel server untraceable from payload server, geolocation, browser & IP tracking, and domain scanning capabilities.”

– Security Week


Additional Posts

Understanding the dark web and how it factors into cybersecurity

In this podcast recorded at Black Hat USA 2017, Eric Olson, VP of Intelligence Operations at ...

Weekly Phishing Activity: August 21, 2017

The following data offers a snapshot into the weekly trends of the top industries being targeted by ...