Threat Intelligence Blog

This weekly brief highlights the latest threat intelligenceThreat Intelligence: Evidence-based knowledge about an existing hazard designed to help organizations understand the risks common and severe external threats, used to inform decisions regarding the subject’s response. LookingGlass Cyber (n) - Actionable, relevant, and timely information that can help when assessing the security posture of an organization. A little more left. No no, that’s now too far... news to provide insight into the latest threats to various industries.


“The Food and Drug Administration’s recently issued final guidance on the post-market cybersecurityCybersecurity: A set of security techniques that are designed to protect the integrity of computer systems, programs and data from theft and damage to their hardware, software or other information as well as the disruption and misappropriation of their services. LookingGlass Cyber (n) - Professional paid ninjas who protect the cyber world from cyber attacks. Everybody is doing it, but we have the double black belt with the Versace logo. So yeah, we’re really good. of medical devices outlines important steps that hospitals, clinics and others must take to better protect patient data and keep patients safe, say Karl West, CISO at Intermountain Healthcare, and Mike Nelson of DigiCert.

“An overarching theme of the guidance is to make sure a risk assessment is done, and for healthcare organizations … that’s a very important step in understanding the vulnerabilities and risks that are present in those devices,” Nelson points out in an interview with Information Security Media Group.”

Healthcare Infosecurity

Financial Services

“A researcher has discovered an SSL bug affecting Big-IP appliances from F5 Networks and dubbed it “Ticketbleed” for its similarities to the 2014 Heartbleed bug.

According to Cloudflare’s Filippo Valsorda, the bug strikes when virtual servers running on Big-IP appliances are configured with a Client SSL profile that has the non-default Session Tickets option enabled. The server can be tricked into leaking 31 bytes of memory at a time.”

– SC Magazine


“The UK’s largest sporting retailer, Sports Direct, reportedly suffered a data breach last year but has been accused of failing to tell its workforce that their personal details – including names, email addresses and phone numbers – may have been accessed by a hacker.

The cyberattack allegedly hit the firm in September after a hacker was able to exploit software bugs in an unpatched content management system (CMS) platform that was being used as a staff web portal, The Register reported on 8 February.”

IB Times


Following a breach, the Taiwan-based computer manufacturer Acer will pay $115,000 and improve its security practices in a settlement with the New York State Attorney General (NYSAG) Eric T. Schneiderman.

The breach, first reported in June 2016, included personally identifiable information (PII) – including names, addresses, email addresses, card numbers, expiration dates, security codes and user names and passwords – and was accessed over a one-year period, May 2015 through April 2016. The PII of more than 35,000 Acer customers across the U.S., Canada and Puerto Rico was compromised, including more than 2,200 in New York State.”

SC Magazine


According to Claudio Guarnieri and Collin Anderson, two independent security researchers who have been tracking Iranian hackers for the past few years, the malwareMalware: A generic term for a software that is designed to disable or otherwise damage computers, networks and computer systems LookingGlass Cyber (n) - another type of cold that can destroy a computer by latching on to destroy other programs. has also been used against a human rights advocate.

The malware, dubbed MacDownloader, attempts to pose as both an installer for Adobe Flash, as well as the Bitdefender Adware Removal Tool, to extract system information and copies of OS X keychain databases.”

SC Magazine

You May Also Be Interested In…

Additional Posts

Four Disruptive ‘Cyber Trends’ At RSA

As an industry analyst and Forbes contributor who writes about digital transformation, I am always ...

LookingGlass Recognized as Best Overall Security Company by Info Security Products Guide

LookingGlass, a leader in threat intelligence driven security, today announced that they have been ...