Threat Intelligence Blog

Posted June 7, 2017

This weekly brief highlights recent threat intelligence news to provide insight into the latest threats to various industries.


“The California-based Fortune 500 company Molina Healthcare has been exposing patients’ medical claims online without requiring authentication, according to investigative reporter Brian Krebs.

It’s not clear at this point how long the vulnerability may have been in place.

Last month, Krebs reports, he received an anonymous tip that any Molina customer could access other customers’ medical claims simply by changing a single number in the URL when accessing their own claims — and that no authentication was required to access customer claims online.”

– eSecurity Planet

Information Security

“OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data.

Headquartered in San Francisco, OneLogin provides single sign-on and identity management for cloud-based applications. OneLogin counts among its customers some 2,000 companies in 44 countries, over 300 app vendors and more than 70 software-as-a-service providers.

A breach that allowed intruders to decrypt customer data could be extremely damaging for affected customers. After OneLogin customers sign into their account, the service takes care of remembering and supplying the customer’s usernames and passwords for all of their other applications.”

– Krebs on Security


“Researchers from the security research firm WhiteScope identified cyber vulnerabilities in file system encryption and in the storage of unencrypted patient data across major vendors of implantable cardiac devices, according to the team’s report.

“The findings reveal consistency across all vendors, highlighting the inherent weaknesses in the ecosystem architecture,” the firm wrote.

Previous research has revealed security flaws in cardiac devices, including pacemakers. The WhiteScope researchers bought and evaluated parts of implantable cardioverter defibrillators and pacemakers from 4 major vendors.”

– Mass Device


“Russian search giant Yandex has had its Kiev and Odessa offices raided by Ukraine’s State Security Service (SBU).

The raids were part of a treason investigation seeking to discover whether Ukrainian users’ data had been illegally collected and distributed to Russian security agencies.

Yandex, which says it has 11 million users in Ukraine, denies doing so.

The Ukrainian President, Petro Poroshenko, announced sanctions against the firm earlier this month.

He said Ukrainian ISPs should stop providing access to Yandex and other Russian services.”



“NATO will not rule out invoking Article 5 of its charter should one or more member nations find themselves under a serious cyberattack that threatens critical military and civilian infrastructure.

NATO officials told delegates at the International Conference on Cyber Conflict, or CyCon, in Estonia that the Western alliance would deliver a robust response in the event of a serious and prolonged attack on a member state in cyberspace. Article 5 provides for a united response by NATO states should a member nation come under attack.

Estonia came under a series of coordinated denial-of-service attacks in 2007 that caused serious disruption to state IT infrastructure, including military networks. The cyberattack also targeted online platforms run by the country’s leading banks, denying customers access to their accounts and basic services.”

– Defense News
