Threat Intelligence Blog

Posted June 27, 2017

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.


“Healthcare data breach costs are the highest among surveyed sectors for the seventh straight year, according to the 2017 Cost of a Data Breach Study: Global Overview.

The average cost of a data breach is $3.62 million globally, which is a 10 percent decline from the 2016 survey. However, healthcare data breaches cost organizations $380 per record. That is more than 2.5 times the global average across industries at $141 per record.

The survey was sponsored by IBM Security and conducted by Ponemon Institute. The US portion of the report reviewed incurred costs for 63 companies in 16 industry sectors. The examination took place after those organizations “experienced the loss or theft of protected personal data and the notification of breach victims as required by various laws.””

– HealthIT Security

Information Security

“In a batch of secret documents published online this week (22 June), whistleblowing website WikiLeaks detailed a complex maze of malware allegedly developed by the US Central Intelligence Agency (CIA) to help infiltrate “air-gapped” computers and networks.

Codenamed “BrutalKangaroo”, the malware exploits Microsoft Windows and can reportedly give tech-savvy spies access to closed networks (computers not connected to the internet) by “air-gap jumping” using booby-trapped USB sticks. According to WikiLeaks, it can then create covert networks, make commands and exfiltrate data.”

– IB Times


“The Buckle, Inc., a fashion retailer that operates more than 450 stores across the United States, informed customers on Friday that malware had been found on some of its point-of-sale (PoS) systems.

According to the retailer, malware was present on PoS systems at some of its stores between October 28, 2016, and April 14, 2017. The company has called in outside experts to investigate the incident and help secure its network.

The malware was designed to steal data from a card’s magnetic stripe, including cardholder name, account number and expiration date, but The Buckle believes the malware did not collect data from all transactions conducted via infected PoS systems.”

– SecurityWeek


“Recent terrorist attacks in the UK have added to a years-long war between Silicon Valley and multiple governments over fighting terrorism, including battles over encryption and proposed curbs on hate speech videos on social media.

Now, both Facebook and Google have announced new steps to fight the spread of extremist material. In both cases, the companies will be devoting machine learning and armies of human experts to the battle.

Facebook announced last week that it’s developing artificial intelligence (AI) and employing 150 experts to make the platform “a hostile place for terrorists.””

– Naked Security


“A British computer hacker has admitted breaking into a US military communications system and stealing the ranks, usernames, phone numbers, and email addresses of over 800 employees as well as IMEI data related to 30,000 satellite phones.

25-year-old Sean Caffrey, of Sutton Coldfield, West Midlands, pleaded guilty at Birmingham Crown Court yesterday to offences under the Computer Misuse Act that he stole data from the US Department of Defense (DOD).”

– We Live Security


Additional Posts

The CyberWire Daily Briefing – June 27, 2017

LookingGlass® Cyber Solutions, a leader in threat intelligence-driven security, today ...

Weekly Phishing Report: June 26, 2017

The following data offers a snapshot into the weekly trends of the top industries being targeted by ...