Threat Intelligence Blog

Posted March 8, 2016

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.


“Healthcare cybersecurity must improve, as organizations average about one healthcare cyber attack per month, according to a recent Ponemon survey.

In The State of Cybersecurity in Healthcare Organizations in 2016, Ponemon also found that 48 percent of those surveyed said their organizations have experienced an incident involving the loss or exposure of patient information during the last year. However, only half of respondents also said that their organization currently has an incident response plan in place.”

HealthIT Security

Financial Services

“Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. This is known as the “DROWN” attack in the media.

According to the researcher, “DROWN” is a new form of cross-protocol Bleichenbacher padding oracle attack. An attacker using “DROWN” may obtain the session key from a vulnerable server supporting SSLv2 and use it to decrypt any traffic encrypted using the shared certificate.”

US Cert

Legal and Regulation

“The Internal Revenue Service today issued an alert to payroll and human resources professionals to beware of an emerging phishing email scheme that purports to be from company executives and requests personal information on employees.

The IRS has learned this scheme — part of the surge in phishing emails seen this year — already has claimed several victims as payroll and human resources offices mistakenly email payroll data including Forms W-2 that contain Social Security numbers and other personally identifiable information to cybercriminals posing as company executives.”



“A number of credit unions say they have experienced an unusually high level of debit card fraud from the breach at nationwide fast food chain Wendy’s, and that the losses so far eclipse those that came in the wake of huge card breaches at Target and Home Depot.

As first noted on this blog in January, Wendy’s is investigating a pattern of unusual card activity at some stores. In a preliminary 2015 annual report, Wendy’s confirmed that malware designed to steal card data was found on some systems. The company says it doesn’t yet know the extent of the breach or how many customers may have been impacted.”

Brian Krebs


“According to a series of chat messages posted in one of ISIS’ private Telegram group chats, Newsweek is reporting that ISIS’ cyber troops wanted to take down Google, defaced a website, and then bragged about it like they’ve really hacked the Mountain View company.

What the hackers didn’t know is that the Google website they hacked wasn’t one of the company’s smaller services, wasn’t even an official Google subdomain, but a puny Indian-based SEO company that just happened to use the word “Google” in their domain.”



“The Pentagon is looking for a few good computer hackers.

Screened high-tech specialists will be brought in to try to breach the Defense Department’s public Internet pages in a pilot program aimed at finding and fixing cybersecurity vulnerabilities.

According to the Pentagon, it is the first time the federal government has undertaken a program with outsiders attempting to breach the networks. Large companies have done similar things.”


Additional Posts

White Paper Sneak Peek: 2016 Mobile Security Predictions

Today’s post is an excerpt of findings from our new white paper “Mobile Security Threat ...

RSA 2016: Misconceptions and Myths Surrounding Threat Data and Threat Intelligence

By AJ Shipley, VP of Product Management Last week was the annual RSA security conference in San ...