Threat Intelligence Blog

This weekly brief highlights the latest threat intelligence news to provide insight into current threats to various industries.

Information Security Risk

“A breach of the Unique Identification Authority of India’s Aadhaar biometric system is putting personally identifiable information (PII) of more than 1 billion Indian residents at risk. Attackers created a gateway to the biometric database, in which any Aadhaar user’s ID number can be entered into a portal. Once the number is entered, it will pull up the resident’s name, address, postal code, photo, phone number, and email address. Cyberthieves are selling access to the portal for 500 rupees and are charging an additional 300 rupees for software that allows a victim’s Aadhaar card to be printed, according to the report.”

 –DarkReading

Insurance + Healthcare

“Healthcare ransomware attacks increased by 89 percent from 2016 to 2017, according to recent research from Cryptonite. Furthermore, one-quarter of all IT/hacking events reported to OCR in 2017 were attributed to ransomware incidents. Gathering data from OCR, Cryptonite also determined that there was an overall drop in compromised records. Researchers explained though that this was likely due to attackers going after a wider array of healthcare organizations.”

 –Health IT Security

Legal, Litigation, + Regulatory Risk

“Two Democratic senators introduced a bill that would provide the Federal Trade Commission (FTC) with punitive powers over the credit reporting industry for poor cybersecurity practices. The bill is in response to a huge breach disclosed in September 2017. If the bill succeeds, it will become the Data Breach Prevention and Compensation Act of 2018. It will create an Office of Cybersecurity at the FTC, “headed”, says the bill (PDF), “by a Director, who shall be a career appointee.” This Office would be responsible for ensuring that the CRAs conform to the requirements of the legislation, and would have the power to establish new security standards going forwards. The punitive power of the Act comes in the level of the potential fines, beginning with a base penalty of $100 for each consumer who had one piece of personal identifying information (PII) compromised and another $50 for each additional PII compromised per consumer.”

 –Security Week

Technology

“According to Coinhive, the BlackBerry Mobile website was hacked by exploiting a critical security vulnerability in the Magento e-commerce software. The spike in the value of some cryptocurrencies like Bitcoin is attracting the interest of cyber criminals. The numbers of incidents and cyber attacks involving miners and mining scripts continue to increase and the last in order of time seems to be the BlackBerry Mobile Site. On January 6, a Reddit user that handles the moniker “Rundvleeskroket” claims that the official website of BlackBerry Mobile was caught using Coinhive’s cryptocurrency code to mine Monero. Rundvleeskroket wrote that his friend pointed out that the BlackBerry Mobile domain (blackberrymobile.com) was using the Coinhive code. The Coinhive code was removed from the BlackBerry Mobile site; unfortunately, such incidents are becoming frequent. In many cases, website owners are using the CoinHive code to generate Monero exploiting computational resources of unaware visitors. In December experts discovered that nearly 5,500 WordPress websites were infected with a malicious script that logs keystrokes and loads a cryptocurrency miner in the visitors’ browsers. In November, experts reported the same attackers were loading malicious scripts disguised as fake jQuery and Google Analytics JavaScript files that were actually a copy of the Coinhive in-browser cryptocurrency miner. By November 22, the experts observed 1,833 sites compromised by the attackers. According to Coinhive’s comment on the Reddit post, the BlackBerry Mobile website was hacked by exploiting a critical security vulnerability in the Magento ecommerce software. According to Coinhive, the same Coinhive account was used in the hack of many other websites; for this reason, it was suspended.”

 

