Threat Intelligence Blog

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.

Defense

“Senator John McCain wrote in his new book that America should seriously consider a cyberattack to retaliate for Russia’s meddling in U.S. elections, to send a strong message to the superpower. The book, titled “The Restless Wave” and scheduled for a May 22 release, also touches on accusations that Russia could have compromising material related to U.S. President Donald Trump and confirms that McCain has reviewed a copy of the Steele dossier, opposition research authored by an ex-British spy that includes salacious allegations about Trump and his alleged ties to Russia.”

 –Defense News

Technology

“Twitter revealed that a bug caused the platform to store user passwords in an unmasked form meaning that it is possible that Twitter stored plain text passwords openly without any hashing on an internal log. Twitter notes that it currently has “no reason to believe password information ever left Twitter’s system” or that these unprotected passwords were accessed by hackers, but the risk of the unknown remains. The company has advised users to change their passwords as a precautionary measure. At this time, Twitter declined to provide additional technical details on the incident but emphasized that it believes the likelihood that the passwords were discoverable is “extremely low” and an internal investigation has revealed no indications of a breach or other misuse.”

Risk Takers

Information Security Risk

“A bank in Australia lost the personal financial histories of 12 million customers, and chose not to reveal the breach to consumers, in one of the largest financial services privacy breaches ever to occur in Australia. The nation’s largest bank lost the banking statements for customers from 2004 to 2014 after a subcontractor lost several tape drives containing the financial information in 2016. While the bank initially notified the Office of the Australian Information Commissioner (OAIC) of the breach shortly after it became aware of it in 2016, a spokesperson for the OAIC said it was now making further inquiries into the privacy breach, following a damning report into the bank’s culture. The breach occurred in 2016 when the bank’s subcontractor Fuji Xerox was decommissioning a data storage center where some Bank customer data was stored.”

BuzzFeed

Operational Risk

“A new spam campaign designed to infect victims with GandCrab ransomware has surged, as the criminals behind the scheme look to infect as many victims as possible. Analysis by researchers at a security company found that three new samples of GandCrab 2.1 are being distributed as the payload in a single mass spam campaign. “This means that newly created samples are being pushed simultaneously, possibly with different configurations, or simply in an attempt to evade specific file signatures,” said researchers. Tens of thousands of GandCrab spam emails are being distributed each day, with mail servers hosted in the US representing the most common target by far, accounting for three quarters of deliveries. When it comes to successful infections, the US currently accounts for the fourth largest percentage of victims, behind Peru, Chile and India.”

 –ZDNet

Additional Posts

Goldman Sells In-House Cybersecurity Software to Tech Company Product combines threat intelligence and investigation

Goldman Sachs Group Inc. is selling cybersecurity software it developed to a company that ...

A Guide To Threat Intelligence Selection And Use

When operationalized effectively, threat intelligence can help companies identify business risks ...