Threat Intelligence Blog

Posted November 15, 2016

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.


“In recent weeks, many more hacker attacks – including some ransomware assaults – on healthcare entities large and small have been added to the federal tally of major breaches, continuing a trend that started in 2015.

A Nov. 7 snapshot of the Department of Health and Human Services’ Office for Civil Rights’ “wall of shame” website of breaches impacting 500 or more individuals shows a continuing uptick in reported hacker incidents compared to last year.”

Healthcare Info Security

Financial Services

Tesco Bank, owned by Britain’s biggest retailer Tesco, halted online transactions from all current accounts on Monday after money was stolen from 20,000 of them in the country’s first such cyber heist.

The bank, which manages 136,000 current accounts, said it would repay people who had lost money in the attack, which targeted 40,000 accounts in all and fuelled fears about the British financial sector’s vulnerability.

Tesco Bank’s Chief Executive Benny Higgins told the BBC he thought “relatively small amounts” had been stolen, but the bank declined to give details of how much money in total had been taken or if it knew how the thefts had transpired.”

– Reuters


In a securities filing on Wednesday, Yahoo said some of its employees knew that a “state-sponsored actor” had broken into its network two years ago.

This was the attack that led to theft of data such as names, dates of birth and passwords associated with more than 500 accounts. It’s considered to be one of the largest ever data breaches affecting a private company.

The company did not state whether, at the time, this attack was disclosed to senior management.”

– ITPro

Law Enforcement

“Despite concerns about possible attempts to hack or otherwise tamper with the U.S. election, voting appears to have gone smoothly, with no attacks or intrusions.

The Department of Homeland Security said it had no reports of election-related cyber breaches.

In Indianapolis, a team of cybersecurity experts fortified by two kinds of pizza and eight cases of Redbull spent Tuesday monitoring for any cybersecurity issues linked to the election — but found none.”

– USA Today


“In the immediate aftermath of a major data breach, cybercriminals will often look to take advantage of the situation by sending phishing emails warning people their credentials aren’t safe and that they must login through a malicious link to ensure they’re safe – when clicking through will just add to their problems.

However, it appears that some hackers and cyber thieves are more than happy to play a longer game, with one group seemingly using last year’s Office of Personnel Management [OPM] data breach as a platform for launching a new Locky ransomware campaign.”


You May Also Be Interested In…

Additional Posts

LookingGlass Ranked Number 90 Fastest Growing Company in North America on Deloitte’s 2016 Technology Fast 500™

LookingGlass Cyber Solutions™ today announced it ranked #90 on Deloitte’s Technology Fast ...

Weekly Phishing Activity: November 14, 2016

The following data offers a snapshot into the weekly trends of the top industries being targeted by ...