Threat Intelligence Blog

Posted September 7, 2016

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.

 

Financial Services

“Dropbox hurriedly warned its users last week to change their passwords if their accounts dated back prior to mid-2012. We now know why: the cloud-based storage service suffered a data breach that’s said to have affected more than 68 million accounts compromised during a hack that took place roughly four years ago.

The company had previously admitted that it was hit by a hack attack, but it’s only now that the scale of the operation has seemingly come to light.

Tech site Motherboard reported—citing “sources in the database trading community”—that it had obtained four files, totalling 5GB in size, which apparently contained e-mail addresses and hashed passwords for 68,680,741 Dropbox users.”

– Ars Technica

Information Security

“As if stealing your personal data wasn’t bad enough, one form of Trojan malware has now become the first of its kind by also infecting victims with ransomware, forcing targets to pay to regain access to their computer as well as compromising their credentials.

Betabot, which steals banking information and passwords, has been around since March 2013. It disables antivirus and malware-scanning software on infected Windows machines before modifying them to steal users’ login credentials and financial data.”

– ZDNet

Retail

“Researchers have spotted a website selling EMV skimmers — at www.emvskimmer.com, if it hasn’t already been taken down — that claims to sell “the most advanced EMV chip data collector in the world.”

And it’s a scary piece of equipment.

According to the seller, it’s powered by the point of sale terminal, and can hold information on up to 5,000 credit cards in its memory. It can also be used on machines made by Ingenico and Verifone, as well as terminals on gas station pumps, ticket purchase stations, and on small ATMs, specifically those manufactured by Triton.”

– CSO Online

Defense

“Defense One, a news site dedicated to US military topics, reports that a Russian-linked cyber-espionage group known as APT29 has attempted to hack several Washington-based think tank organizations.

According to the Defense One report, the attacks took place last week and were successfully detected and stopped by CrowdStrike, the US security vendor that was called in to investigate the infamous DNC hack incident.

According to CrowdStrike founder Dmitri Alperovitch, the attacker fits the pattern found in attacks carried out by a cyber-espionage group called APT29, also known as COZY BEAR or CozyDuke.”

– Softpedia

