Threat Intelligence Blog

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.

 

Insurance/Healthcare

“”The Dark Overlord,” a hacker who has been attempting to sell batches of personal and medical records supposedly stolen from U.S. healthcare organizations, is claiming a new victim: a large healthcare software developer.

His latest advertisement went up on July 12 on The Real Deal, an online bazaar for stolen data, fake IDs and drugs. The hacker is offering for sale what he claims to be the source code, software signing keys and customer license database for a Health Level Seven interface engine, a type of middleware that enables different kinds of software applications to exchange information. HL7 is a set of standards describing how electronic health information should be formatted.

Healthcare Info Security

Legal and Regulations

“[On July 12, 2016] the European Commission adopted the EU-U.S. Privacy Shield.

This new framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States as well as bringing legal clarity for businesses relying on transatlantic data transfers.

Andrus Ansip, Commission Vice-President for the Digital Single Market, said: “We have approved the new EU-U.S. Privacy Shield today. It will protect the personal data of our people and provide clarity for businesses. We have worked hard with all our partners in Europe and in the US to get this deal right and to have it done as soon as possible. Data flows between our two continents are essential to our society and economy – we now have a robust framework ensuring these transfers take place in the best and safest conditions”.”

European Commission

Retail

“New Omni Hotels & Resorts CIO Ken Barnes is mulling how to shore up corporate defense in the wake of a cybersecurity attack that impacted 48 of its 60 hotels in North America. Barnes, who started in May, of course says he plans to improve the protection for Omni’s payment processing systems. New defenses could include analytics that detect anomalous behavior suggesting that a hacker has entered or is trying to enter Omni’s computer network.

– CIO Online

Defense

A Chinese businessman who pleaded guilty to hacking sensitive military information has been sentenced to nearly four years in prison in the US.

Su Bin admitted collaborating with hackers in the Chinese military to steal data from US defence companies between 2008 and 2014.

He was arrested in Canada in 2014 and extradited to the US.

The Chinese government has repeatedly denied any involvement in hacking foreign companies or governments.

– BBC

Additional Posts

Protecting DNS Infrastructure and Minimizing DDoS Attacks

DNS Denial of Service attacks are popular because they are easy to perform. It doesn't take many ...

Library of Congress hit with a denial-of-service attack

DoS attacks are easy to perform, according to one security expert. Some of the U.S. Library of ...