Threat Intelligence Blog

Posted March 27, 2018

This weekly brief highlights the latest threat intelligence news to provide insight into current threats to various industries.


“Expedia subsidiary Orbitz today revealed hackers may have accessed personal information from about 880,000 payment cards. The business said an investigation showed that the breach may have occurred between Jan. 1, 2016 and Dec. 22, 2017 for its partner platform, and between Jan. 1, 2016 and June 22, 2016 for its consumer platform. Information such as names, phone numbers, email and billing addresses may have been accessed, the travel website operator said. It said its website,, was not impacted. “To date, we do not have direct evidence that this personal information was actually taken from the platform and there has been no evidence of access to other types of personal information, including passport and travel itinerary information,” Orbitz said. The company said it has addressed the breach after it was discovered in March this year. Credit card issuer American Express said in a statement that the attack did not compromise its platforms.”



“Dozens of demonstrators were arrested and three police officers were injured during protests at the Kinder Morgan site in Burnaby this week. Mounties said at least a dozen people were arrested on Shellmont Street Tuesday, many of whom had breached a court-ordered injunction involving the Trans Mountain facility. The arrests came a day after 19 people were arrested at a similar protest, 13 of whom had breached the injunction. One male protester was arrested after locking himself to the front of an excavator being transported on the back of a truck. He was extracted from the lock and held in civil contempt of a court-ordered injunction. A woman was arrested after climbing on top of the same excavator and refusing to come down. She eventually did climb down after what RCMP described as “hours of negotiation.””


Information Security Risk

“Facebook says it has suspended the account of Cambridge Analytica amid reports it harvested the profile information of millions of US voters without their permission. The company reportedly stole information from 50 million Facebook users’ profiles, to help them design software to predict and influence voters’ choices at the ballot box. Also suspended were the accounts of its parent organization, Strategic Communication Laboratories, as well as those of two University of Cambridge psychologists and a Canadian data analytics expert who worked with them. The premise of the collection was through the use of an app, which offered a personality prediction test, describing itself on Facebook as “a research app used by psychologists.” Some 270,000 people downloaded the app allowing researchers to access information such as the city listed on their profile, or content they had “liked.” However, the app also collected the information of the test-takers’ Facebook friends, leading to the accumulation of a data pool tens of millions-strong.”

The Guardian

Operational Risk

“A new variant of the FakeBank Android malware includes the ability to intercept phone calls victims are making to their banks and redirect users to scammers. This new FakeBank variant is currently active in South Korea, researchers said. Experts found the FakeBank banking trojan inside 22 Android apps distributed via third-party app stores and via links shared on social media sites.”
