Threat Intelligence Blog

Posted May 3, 2016

This weekly brief highlights the latest threat intelligence news to provide insight into current threats to various industries.



“In an age when farmers are becoming increasingly tech-savvy, the dangers of this digital age are becoming all too clear. A recent notice from the FBI, with input from the USDA, warns of those threats.

In part, the notification states that, “While precision agriculture technology reduces farming costs and increases crop yields, farmers need to be aware of and understand the associated cyber risks to their data and ensure that companies entrusted to manage their data, including digital management tool and application developers and cloud service providers, develop adequate cybersecurity and breach response plans.””


“Healthcare data breaches in 2015 were more likely to be caused by human error in the form of stolen or lost assets, insider and privilege misuse, and miscellaneous errors, such as improper device disposal or mishandling PHI, reported Verizon in its “2016 Breach Investigations Report.”

Researchers at Verizon set out to discover and understand the primary motivations behind data breaches across various industries, including healthcare.”

HealthIT Security

Financial Services

“The attackers who stole $81 million from the Bangladesh central bank probably hacked into software from the SWIFT financial platform that is at the heart of the global financial system, said security researchers at British defense contractor BAE Systems.

SWIFT, a cooperative owned by 3,000 financial institutions, confirmed to Reuters that it was aware of malware targeting its client software. Its spokeswoman Natasha Deteran said SWIFT on Monday released a software update to thwart the malware, along with a special warning for financial institutions to scrutinize their security procedures.”



“A sophisticated malware, identified as “Multigrain,” has been found to steal payment card data from point-of-sale (POS) stations.

When a team of researchers at FireEye recently discovered this new type of POS malware, they found out that it had overlapping traits of a previously-known, notorious POS malware known as NewposThings. However, the new variant uses advanced techniques to steal card data; it employs a digital signature to specifically target POS security terminals and exfiltrates the stolen information over Domain Name System (DNS).”



“Microsoft has been observing the activities of a cyber espionage group that has leveraged a Windows patching system in attacks aimed at organizations in South and Southeast Asia.

The APT actor, dubbed by Microsoft “Platinum,” has been active since at least 2009, primarily targeting victims via spear phishing attacks. Its activities have mainly focused on government organizations, intelligence agencies, defense institutes and ISPs, and the information stolen by the group has been used for indirect economic advantages, not for direct financial gain.”

– Security Week

Law Enforcement

“The Supreme Court on Thursday approved changes that would make it easier for the FBI to hack into computers, including those belonging to victims of cybercrime. The changes will take effect in December, unless Congress adopts competing legislation.

Previously, under the federal rules on criminal procedures, a magistrate judge couldn’t approve a warrant request to search a computer remotely if the investigator didn’t know where the computer was—because it might be outside his or her jurisdiction.”

The Intercept


“The US, for the first time, has declared cyber-war on the Islamic State. This is not only the first declaration against that particular target but the first public declaration of cyber-warfare against any target.

Ashton Carter, US Secretary of Defence, told press in a speech earlier this month, “I have given Cyber Command really its first wartime assignment.” The Cyber Command, created in 2009, oversees both defensive and now offensive operations for the US Department of Defence and will now “bring the fight to ISIS (Islamic State) in Syria and Iraq.””

SC Magazine
