Posted August 23, 2016
This weekly brief highlights recent threat intelligence news to provide insight into the latest threats to various industries.
“South Carolina-based Bon Secours Health System, Inc. announced last week that it experienced a potential healthcare data breach that may affect 665,000 patients.
R-C Healthcare Management is a vendor that works with Bon Secours, and inadvertently made patient files available online as it attempted to adjust its computer network settings from April 18, 2016 to April 21, 2016, Bon Secours said in a statement.”
“Some of the most powerful espionage tools created by the National Security Agency’s elite group of hackers have been revealed in recent days, a development that could pose severe consequences for the spy agency’s operations and the security of government and corporate computers.
A cache of hacking tools with code names such as Epicbanana, Buzzdirection and Egregiousblunder appeared mysteriously online over the weekend, setting the security world abuzz with speculation over whether the material was legitimate.”
“The cybercrime gang that breached the systems of Oracle-owned point-of-sale vendor MICROS has reportedly also targeted several other similar companies.
Oracle admitted last week that it had detected malicious code on certain legacy MICROS systems and advised customers to change their passwords for support accounts and accounts used by MICROS representatives to remotely access their on-premise systems.
Oracle has assured customers that other services are not impacted and that payment card data is encrypted in customer environments hosted by MICROS.”
– Security Week
“A group calling itself the ShadowBrokers dumped data online last weekend that it claimed to have stolen from a hacking team widely believed to be linked to the NSA. The data contained vulnerabilities affecting major firewall products and ignited speculation that the NSA had been hacked.
Expert analysis of the data suggested that the NSA and the Equation Group are one and the same, but confirmation came today from The Intercept, which found references to the dumped malware in its trove of documents provided by whistleblower and former NSA contractor Edward Snowden.”
“Hackers targeted the computer systems of presidential candidate Donald Trump and Republican Party organizations as well as Democratic Party networks, sources familiar with investigations into the attacks said.
At least one Trump staff member’s email account was infected with malware in 2015 and sent malicious emails to colleagues, according to one insider for the Republican candidate’s campaign and an outside security expert. It was unclear whether or not the hackers actually gained access to campaign computers.”