Threat Intelligence Blog

Posted June 2, 2016

This weekly brief highlights the latest threat intelligence news to provide insight into current threats across various industries.


“Many healthcare organizations and business associates are constantly working to prevent phishing attacks from compromising healthcare data security. Yet, cyberattacks were still the top cause of healthcare data breaches in 2015 and recent studies have indicated that patient information may be just as vulnerable to phishing attacks in 2016.

A recent cross-industry study from the Anti-Phishing Working Group (APWG) found that the number of unique phishing websites has increased by 250 percent from October 2015 to March 2016. In total, researchers discovered 289,371 unique phishing websites in the first quarter of 2016.”

HealthIT Security

Financial Services

“Criminals who stole millions of dollars from automatic teller machines across Japan in a three-hour spree probably chose the country because banks consider it a low fraud risk, security experts say.

The gang used counterfeit Standard Bank credit cards to withdraw 1.4 billion yen (RM52.2mil) in 14,000 transactions from ATMs at 7-Eleven convenience stores over three hours on a Sunday morning, according to a source familiar with the matter.”

The Star Online


“Recent local news stories about credit card skimmers found in self-checkout lanes at some Walmart locations remind me of a criminal sales pitch I saw recently for overlay skimmers made specifically for the very same card terminals.

Much like the skimmers found at some Safeway locations earlier this year, the skimming device pictured below was designed to be installed in the blink of an eye at self-checkout lanes — as in recent incidents at Walmart stores in Fredericksburg, Va. and Fort Wright, Ky. In these attacks, the skimmers were made to piggyback on card readers sold by payment solutions company Ingenico.”

Krebs on Security


The remote code execution flaw, tracked as CVE-2015-2545, had been exploited by an APT group dubbed Platinum and TwoForOne before Microsoft released a patch in September 2015 and a more comprehensive fix two months later. The actor, which has been known to target organizations in South and Southeast Asia, has been active since at least 2009.

CVE-2015-2545 can be exploited for arbitrary code execution via specially crafted Encapsulated PostScript (EPS) image files inserted into Office documents. The exploit for this flaw can evade Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) mitigations.

Security Week


The US Navy has put out an ad soliciting bids for an educational program to train sailors in ethical hacking techniques. The first round of this training program is scheduled to take place between June 6 and 10, in San Diego, California, and will include a class of 34 participants.

IT Security News
