Posted November 14, 2017
This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.
“According to a report released on Tuesday by Forrester Research, cyber-criminals will up their game in 2018 to drive profits, targeting IoT systems and installing ransomware on mission critical POS systems.
Attackers will look to ransomware to generate profits from POS as the EMV standard and end-to-end encryption systems take hold, making it virtually impossible to scrape card data.
According to the firm, security professionals should focus their efforts on plugging the gaps exposed by default passwords, weak encryption implementations and inadequate patching/remediation capabilities. The report also claimed the 2018 US midterm elections could be another major opportunity for hackers to disrupt, and will provide a clear indication of how resilient the US voting system is.”
“A Russian-linked hacker group, Energetic Bear (also known as Dragonfly and Crouching Yeti), which has been targeting the energy sector in the United States, has leveraged a supply chain attack to compromise a website belonging to a Turkish energy company and later used the site as a watering hole attack targeting people associated with Turkish critical infrastructure.
To set up their attacks, Energetic Bear compromises websites that give them exposure to specific targets. They used the same technique for the website of Turcas Petrol, a Turkish energy company, located at turcas.com.tr. This development in attacks could signal growing abilities and enhanced tools leveraged by the hacking group, raising concern for previously targeted sectors.”
“Attackers are combining credential phishing, credit card data theft, and malware into a single campaign targeting banking details.
While it’s common to see attacks involving phishing or malware, the combination of these tactics in a single campaign targeting Android devices of financial services and banking customers indicates the extent to which attackers are willing to play a longer game in order to get to their goal.
The attacks combine phishing with the distribution of the Marcher Android trojan, a form of banking malware which has been active since at least late 2013. Lures previously used to distribute Marcher include a fake software update, a fake security update, and a fake mobile game.
Uncovered by researchers, the latest Marcher campaign has been ongoing since January and uses a multistep scheme to target customers of Austrian banks.”
Insurance + Healthcare
“A 2017 data breach report from Risk Based Security (RBS) revealed there has been a 305% increase in the number of records exposed in data breaches in the past year.
In Q3 2017, there were 1,465 data breaches reported, bringing the total number of publicly disclosed data breaches up to 3,833 incidents for the year. RBS reports there has been a steady rise in publicly disclosed data breaches since the end of May, with September the worst month of the year. The severity of data breaches has also increased. In 2016, 2.3 billion records were exposed in the first 9 months of the year. In 2017, the figure jumped to 7.09 billion.”