Threat Intelligence Blog

Posted May 10, 2016

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.


“The utility sector is generally ahead of other industries when it comes to cybersecurity readiness. But what will it take to keep them ahead of cyber attackers?

Starting in July, U.S. utilities must comply with a new federal standard aimed at bolstering security — especially cybersecurity. Version 5/6 of the North American Reliability Corporation’s Critical Infrastructure Protection standard (NERC CIP) takes a new approach to mandating security for bulk power systems. Rather than telling utilities how they should address known risks, it requires utilities to assess and rate security risks for their assets and systems, and come up with their own programs.”

Greentech Media


“In a recent blog post, the Federal Bureau of Investigation (FBI) discussed the implications and potential dangers of ransomware, which has quickly become one of the larger threats to healthcare cybersecurity.

Along with hospitals, state and local governments, law enforcement agencies, and business of all sizes could find themselves victims of a ransomware attack, according to the FBI.

Ransomware is not a new threat, but the number of attacks increased in 2015, the agency explained, and the trend appears it will continue throughout 2016.”

HealthIT Security

Financial Services

“Qatar National Bank said that its systems were “fully secure” following a cybertattack which potentially exposed the names and passwords of tens of thousands of customers. In a statement released on its website, QNB also said that the hack would have “no financial impact” on its customers but admitted for the first time that clients in Qatar had been targeted. “QNB Group’s Risk Team monitored abnormal activity in our system environment, this was immediately communicated to relevant authorities,” read the statement.”

Gulf Base

Legal and Regulations

A recently leaked European Council proposal dated 13 April 2016, provides details on the EU’s plan to restrict the practice known as geo-blocking, the intentional blocking of a user from protected content due to his geographical location. According to the Council, geo-blocking is contrary to an internal digital market in which digital content such as music, games, films and sporting events should be accessible across borders. Back on 9 December 2015, the European Commission presented a first proposal for a regulation “on ensuring the cross-border portability of online content services in the internal market” which sought to partially prohibit geo-blocking.

European Union


“More than 270 million email accounts with major providers around the world have been compromised, a security expert has warned, with passwords being exchanged by criminals in Russia.

Alex Holden, the expert, says most users of, Russia’s most popular email service, have had their account details stolen.

Millions of users of the Google, Yahoo, and Microsoft email platforms have also had their data stored in one of the largest databases of stolen credentials ever discovered, Mr Holden told Reuters.”

The Telegraph

Law Enforcement

“The anonymous source responsible for leaking the vast document trove known as the Panama Papers said in a manifesto published on Friday that she or he “would be willing to cooperate with law enforcement” to ensure the prosecution of wrongdoing revealed by the paper trail — but only once “governments codify legal protections for whistleblowers into law.”

The source wrote that the leaked files on offshore business dealings and shell companies organized by Mossack Fonseca, a law firm based in Panama, revealed “the scandal of what is legal and allowed.” ”

The Intercept

Additional Posts

International Public-Private Cooperation on Cyber Security is Gaining Ground

By Emilio Iasiello, LookingGlass Cyber Threat Intelligence Group (CTIG) I recently attended ...

Weekly Phishing Report: May 9, 2016

PHISHING REPORT: TOP TARGETS Week of May 1 – May 7, 2016 In this week’s phishing report, we saw ...