This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.
“In United States ex rel. Sheldon v. Kettering Health Network, 816 F.3d 399 (6th Cir. 2016), the Sixth Circuit affirmed the lower court’s dismissal of a False Claims Act (“FCA”) suit based on a data breach involving electronic health records. The relator alleged that defendant Kettering Health Network (“Kettering”) violated the FCA by falsely certifying its compliance with the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act” or the “Act”), under which it received incentive payments from the federal government. The Sixth Circuit held that the conduct the relator complained of in this case did not constitute a violation of the Act, particularly as the Defendant had policies and procedures in place to protect the information. As a result, the relator had not alleged facts that established a false statement or false attestation of compliance. The panel also held that dismissal of the complaint was independently warranted because the relator had failed to plead any false claims for payment by the government with the particularity required by Rule 9(b).”
“The threat actor has compromised more than 100 online shops, including that of UK book publishing house Faber and Faber, clothing/fitness company Everlast, GUESS Australia, fashion brand Rebecca Minkoff, beauty products retailer The Beauty Place, and many, many more.”
“Yahoo Inc last year secretly built a custom software program to search all of its customers’ incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter.
The company complied with a classified U.S. government demand, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said three former employees and a fourth person apprised of the events.
Some surveillance experts said this represents the first case to surface of a U.S. Internet company agreeing to an intelligence agency’s request by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real time.”
“The F.B.I. secretly arrested a former National Security Agency contractor in August and, according to law enforcement officials, is investigating whether he stole and disclosed highly classified computer code developed by the agency to hack into the networks of foreign governments.
The arrest raises the embarrassing prospect that for the second time in three years, a contractor for the consulting company Booz Allen Hamilton managed to steal highly damaging secret information while working for the N.S.A. In 2013, Edward J. Snowden, who was also a Booz Allen contractor, took a vast trove of documents from the agency that were later passed to journalists, exposing surveillance programs in the United States and abroad.”
– NY Times