Threat Intelligence Blog

Posted June 15, 2016

This weekly brief highlights recent threat intelligence news to provide insight into the latest threats to various industries.


“Public and private cloud solutions are gaining popularity in the healthcare industry, especially for data storage and network usage, despite issues surrounding healthcare cloud security and PHI data breaches.

Researchers at HyTrust recently published a study that revealed 77 percent of healthcare organizations plan to move more workloads onto a public cloud service even though healthcare data security was a major concern with cloud usage.”

HealthIT Security

Financial Services

If it’s not already painfully obvious, people’s passwords are being sold in the murky corners of the web en masse. This week, as many as 32 million Twitter passwords were reportedly on sale for 10 Bitcoin ($5,775), as Leaked Source, a search engine for stolen data, claimed it had been passed a humongous dataset by an anonymous party.

Twitter doesn’t believe it was hacked. Leaked Source thinks usernames and passwords were pilfered via malware infections, though it couldn’t specify how any Twitter credential-theft virus might have spread. But the data, as far as Leaked Source is aware, is real.


Legal and Regulations

“The Commodity Futures Trading Commission fined Bitfinex $75,000 today for ‘offering illegal off-exchange financed retail commodity transactions in bitcoin and other cryptocurrencies,’ citing the Commodity Exchange Act and Dodd-Frank for the action. This development may be the first of many to come if similar services, that host proxy wallets for the user, are found to be in violation of the same regulations.

As it stands, it is illegal to sell Bitcoin or make any other ‘financed commodity transaction’ without guaranteeing delivery within 28 days. By hosting coins on their service in their system’s wallets, and making trades and transactions within it off-chain, as well as failure to register as a Futures Commission Merchant before conducting this kind of business, they violated […] regulations”



Fast food restaurant chain Wendy’s informed customers on Thursday that the number of locations where cybercriminals compromised point-of-sale (PoS) systems is much higher than initially estimated.

Wendy’s launched an investigation in late January after fraud patterns were discovered on cards used at some restaurants. The presence of malware was confirmed in February and, in mid-May, the company said hackers had compromised PoS systems at less than 300 of its 5,500 franchised restaurants in North America.

The investigation conducted up until May revealed that unrelated cybersecurity issues had been identified at roughly 50 other franchise restaurants. As the investigation continued, experts discovered another variant of the malware that was similar to the threat discovered initially, but which had a different execution method.

– Security Week


“TeslaCrypt has reached the end of the road, and other ransomware is ready to fill the vacuum left behind it. A relative newcomer to the market, Crysis ransomware is already laying claim to parts of TeslaCrypt’s territory.

The Crysis ransomware family – not to be confused with the Crisis backdoor/spyware Trojan that targeted both Windows and Mac users some four years ago – is currently in its second iteration, and doesn’t differ much from other similar malware.

Its first version dates back to February 2016, and according to ESET researchers, victims hit with it have a decent chance of getting their files back without paying the attackers (the company offered their help).”

Help Net Security

Law Enforcement

“The Obama administration is seeking to amend surveillance law to give the FBI explicit authority to access a person’s Internet browser history and other electronic data without a warrant in terrorism and spy cases.

The administration made a similar effort six years ago but dropped it after concerns were raised by privacy advocates and the tech industry.

FBI Director James B. Comey has characterized the legislation as a fix to “a typo” in the Electronic Communications Privacy Act, which he says has led some tech firms to refuse to provide data that Congress intended them to provide.”

The Washington Post
