Threat Intelligence Blog

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.


“The utility sector is generally ahead of other industries when it comes to cybersecurity readiness. But what will it take to keep them ahead of cyber attackers?

Starting in July, U.S. utilities must comply with a new federal standard aimed at bolstering security — especially cybersecurity. Version 5/6 of the North American Reliability Corporation’s Critical Infrastructure Protection standard (NERC CIP) takes a new approach to mandating security for bulk power systems. Rather than telling utilities how they should address known risks, it requires utilities to assess and rate security risks for their assets and systems, and come up with their own programs.”

Greentech Media


“In a recent blog post, the Federal Bureau of Investigation (FBI) discussed the implications and potential dangers of ransomware, which has quickly become one of the larger threats to healthcare cybersecurity.

Along with hospitals, state and local governments, law enforcement agencies, and businesses of all sizes could find themselves victims of a ransomware attack, according to the FBI.

Ransomware is not a new threat, but the number of attacks increased in 2015, the agency explained, and the trend appears it will continue throughout 2016.”

HealthIT Security

Financial Services

“Qatar National Bank said that its systems were “fully secure” following a cyberattack which potentially exposed the names and passwords of tens of thousands of customers. In a statement released on its website, QNB also said that the hack would have “no financial impact” on its customers but admitted for the first time that clients in Qatar had been targeted. “QNB Group’s Risk Team monitored abnormal activity in our system environment, this was immediately communicated to relevant authorities,” read the statement.”

Gulf Base

Legal and Regulations

A recently leaked European Council proposal, dated 13 April 2016, provides details on the EU’s plan to restrict the practice known as geo-blocking, the intentional blocking of a user from protected content due to his geographical location. According to the Council, geo-blocking is contrary to an internal digital market in which digital content such as music, games, films and sporting events should be accessible across borders. Back on 9 December 2015, the European Commission presented a first proposal for a regulation “on ensuring the cross-border portability of online content services in the internal market” which sought to partially prohibit geo-blocking.

European Union


“More than 270 million email accounts with major providers around the world have been compromised, a security expert has warned, with passwords being exchanged by criminals in Russia.

Alex Holden, the expert, says most users of, Russia’s most popular email service, have had their account details stolen.

Millions of users of the Google, Yahoo, and Microsoft email platforms have also had their data stored in one of the largest databases of stolen credentials ever discovered, Mr Holden told Reuters.”

The Telegraph

Law Enforcement

“The anonymous source responsible for leaking the vast document trove known as the Panama Papers said in a manifesto published on Friday that she or he “would be willing to cooperate with law enforcement” to ensure the prosecution of wrongdoing revealed by the paper trail — but only once “governments codify legal protections for whistleblowers into law.”

The source wrote that the leaked files on offshore business dealings and shell companies organized by Mossack Fonseca, a law firm based in Panama, revealed “the scandal of what is legal and allowed.””

The Intercept
