Threat Intelligence Blog

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.

Insurance/Healthcare

“The Department of Veterans Affairs (VA) reported that more veterans were potentially affected by health data breaches compared to the previous month, according to its February report to Congress. The report states that 817 veterans were affected by a reported data security incident. Of the 817 veterans, 707 veterans were affected by a health data breach involving PHI.”

HealthIT Security

Financial Services

“[…] a B2B unit of [a leading] telecommunications giant that gets called in to help Fortune 500’s respond to some of the world’s largest data breaches, is reeling from its own data breach involving the theft and resale of customer data, KrebsOnSecurity has learned. Earlier this week, a prominent member of a closely guarded underground cybercrime forum posted a new thread advertising the sale of a database containing the contact information on some 1.5 million customers […].”

Brian Krebs

Legal and Regulations

“On March 17, 2016, the Civil Liberties Committee convened to discuss whether the Privacy Shield framework that will replace Safe Harbor provides adequate protection to the data of EU citizens. A number of experts were questioned including: the US lead negotiator, the EU Data Protection Supervisor, members of the Article 29 Working Party and Max Schrems, whose court case against Facebook led to Safe Harbor’s downfall.”

– Global Privacy Blog

Retail

“Exposed consumer data—either hacked or openly displayed because of computer glitches, sloppy workflow and human error—remains a consistent problem with online pharmacies. This time the problem belongs to the online pharmacy on Walmart.com.”

Internet Retailer

Technology

“Google was fined 100,000 euros ($112,000) by France’s data-protection authority for failing to remove “right-to-be-forgotten” requests from global search results. The agency, CNIL, ordered Google to remove links after it got several complaints from people who wanted the search engine to delete search results that pointed to personal information about them. While Google removed links from its French “.fr” domain, it didn’t take them off the “.com” domain visible to European web users.”

Bloomberg

Law Enforcement

“Bangladesh on Sunday sought the assistance of the FBI in the hunt for the hackers that stole $81 million from its central bank last month, in a massive heist that has taken the South Asian nation by storm. An FBI official met with Bangladeshi police in the country’s capital Dhaka in order to trace the origin of a fraudulent transfer request for the amount, funneled to casinos in the Philippines from Bangladesh’s account in the Federal Reserve Bank of New York, Reuters reported.”

Time

Defense

“An aviation expert from China has pleaded guilty to funneling sensitive military information out of the US and back home to hackers who used it to infiltrate computer systems, including those of aviation giant Boeing Company. The US Department of Justice put out a statement on Wednesday about the plea agreement it struck with the 50-year-old Chinese national, Su Bin, also known as Stephen Su and Stephen Subin.”

Naked Security

Additional Posts

LookingGlass Unveils Next-Generation Threat Intelligence Management Platform

LookingGlass Cyber Solutions™, the leader in threat intelligence and dynamic threat defense, ...

Weekly Phishing Report: March 28, 2016

Phishing Report: Top Targets Week of March 20 – March 26, 2016 In this week’s phishing report, ...