Threat Intelligence Blog

Posted December 6, 2016

This weekly brief highlights recent threat intelligence news to provide insight into the latest threats to various industries.


“The Department of Health and Human Services has issued a warning to healthcare sector organizations about a phishing email campaign that pretends to be HIPAA compliance audit communications from HHS’ Office for Civil Rights.

In a Nov. 28 email alert, OCR says that its officials have been made aware that a phishing email is being circulated on “mock” HHS departmental letterhead under the signature of OCR Director Jocelyn Samuels. The fake email appears to be an official government communication, and targets employees of HIPAA-covered entities and their business associates, Samuels says in the OCR alert.”

– Healthcare Info Security

Financial Services

“Russia said on Friday it had uncovered a plot by foreign spy agencies to sow chaos in Russia’s banking system via a coordinated wave of cyber attacks and fake social media reports about banks going bust.

Russia’s domestic intelligence agency, the Federal Security Service (FSB), said that the servers to be used in the alleged cyber attack were located in the Netherlands and registered to a Ukrainian web hosting company called BlazingFast.

The attack, which was to target major national and provincial banks in several Russian cities, was meant to start on Dec. 5, the FSB said in a statement.”



“A new variant of Shamoon, the malware that wiped hard drives at Saudi Aramco and other energy companies in 2012, has struck multiple organizations in Saudi Arabia in a new campaign that researchers call a “carefully planned operation.” The new variant, which is almost identical to the version used in the 2012 attacks, has replaced the message it previously displayed—which included an image of a burning American flag—with the photo of the body of Alan Kurdi, the 3-year-old Syrian refugee boy who drowned as his family tried to cross from Turkey to Greece.

Bloomberg reports that digital forensics by Saudi officials indicated that the attacks were launched from Iran. Several Saudi government agencies were among the organizations attacked.”

– Ars Technica

Law Enforcement

“Detectives have developed a new tactic to beat criminals using mobile phone encryption – legally “mug” them.

The tactic has emerged after Scotland Yard’s cybercrime unit smashed a fake credit card fraud racket.

Officers realised crucial evidence in the investigation was concealed on a suspect’s iPhone – but it would be unobtainable if the device was locked.”



“The United States Navy got hacked, and the personal details of more than 134,000 sailors were accessed, according to a public statement released by US officials this morning.

The US Navy revealed that 134,386 current and former US sailors were exposed by the breach, and the organization is now working on notifying those affected via mail, phone calls, and letters.

HP notified the Navy of the attack on October 27 when the company discovered that one of the laptops used by an employee as part of the Enterprises Services agreement has been hacked. Navy laptops are operated by sailors based on a contract with HP.”

