LessThunk.com

DAILY COMMENTARY

 

Cyveillance Weekly Threat Intelligence Brief – September 15, 2015

weekly_1

We publish this weekly threat intelligence brief keep you informed on the latest security incidents and threats. For security news throughout the day, follow us on Twitter. Subscribe to our blog to stay up-to-date on findings from our analyst research reports!

 

Insurance/Healthcare

“Fully 81 percent of healthcare executives say their organizations have been compromised by malware, botnets or cyber attacks at least once in the past two years, according to the findings of the 2015 KPMG Healthcare Cybersecurity Survey [PDF]. The survey of 223 chief information officers, chief technology officers, chief security officers and chief compliance officers at healthcare providers and health plans also found that 13 percent of respondents said they’re targeted by external hack attempts about once a day, and another 12 percent are seeing about two or more such attacks a week.”

eSecurity Planet

Financial Services

“The extortion group known as DD4BC has stepped up the number of attacks this year and is now targeting the financial services industry, according to a new report. […] the report, has identified 114 attacks carried out by DD4BC since April 2015.”

Coin Desk

Legal and Regulations

According to the Secretary of Defense, “urgent and compelling” reasons led to the introduction of new rules regarding incident reporting by Department of Defense (DoD) contractors, as well as security standards for cloud service providers. The interim rules are putting into effect sections of the National Defense Authorization Act for Fiscal Years 2013 and 2015, and were announced without prior opportunity for public comments. The DoD will consider public comments – which have to be submitted on or before Oct. 26 – before issuing the final rule.

Lexology

Pharmaceuticals

“Databases used to storage electronic medical records are prone to information leakage despite being encrypted, according to research from Microsoft. In a paper due to be presented at the ACM Conference on Computer and Communications Security in October, sensitive medial data on patients could be stolen using four methods of hacking.”

SC Magazine

Technology

“The Justice Department on Friday moved to drop charges against a Temple University professor accused of trying to send sensitive superconductor technology to China, a setback in the U.S. government’s push to become more aggressive with China over economic espionage. The dropped charges come as the Federal Bureau of Investigation and the Obama administration have been ramping up efforts to counter what they say is a growing problem of economic espionage directed at U.S. companies by Chinese firms.”

Wall Street Journal

Law Enforcement

“Stung by recent court decisions that have gone against them, Justice Department lawyers are pushing to clarify a computer trespass law that critics malign as overly broad. The 1986 law, known as the Computer Fraud and Abuse Act, was intended to punish hackers who breach someone else’s computer network and steal information from it. But federal prosecutors have struggled at times in applying it to people who have permission to access a computer — a police department database, for instance, or a corporate network — but abuse that right by using it for purposes that have not been authorized.”

Boston Globe

Defense

“Hackers infiltrated the Pentagon food court’s computer system, compromising the bank data of an unknown number of employees. Lt. Col. Tom Crosson, a Defense Department spokesman, said on Tuesday that employees were notified that hackers may have stolen bank account information from people who paid for concessions at the Pentagon with a credit or debit card.”

Washington Examiner

// g?c=a+f+c:(g+=f.length,f=a.indexOf("&",g),c=0<=f?a.substring(0,g)+c+a.substring(f):a.substring(0,g)+c)}return 2E3<c.length?void 0!==d?r(a,b,d,void 0,e):a:c};var ca=function(){var a=/[&\?]exk=([^& ]+)/.exec(t.location.href);return a&&2==a.length?a[1]:null};var da=function(a,b,c){a.addEventListener?a.addEventListener(b,c,!1):a.attachEvent&&a.attachEvent("on"+b,c)};var ea=function(a,b){for(var c in a)Object.prototype.hasOwnProperty.call(a,c)&&b.call(void 0,a[c],c,a)},ga=function(){var a=fa;if(!a)return"";var b=/.*[&#?]google_debug(=[^&]*)?(&.*)?$/;try{var c=b.exec(decodeURIComponent(a));if(c)return c[1]&&1<c[1].length?c[1].substring(1):"true"}catch(d){}return""};var ha=function(a){var b="";ea(a,function(a,d){if(0===a||a)b+="&"+d+"="+encodeURIComponent(String(a))});return b},ia=function(a,b,c){a.google_image_requests||(a.google_image_requests=[]);var d=a.document.createElement("img");if(c){var e=function(a){c(a);a=e;d.removeEventListener?d.removeEventListener("load",a,!1):d.detachEvent&&d.detachEvent("onload",a);a=e;d.removeEventListener?d.removeEventListener("error",a,!1):d.detachEvent&&d.detachEvent("onerror",a)};da(d,"load",e);da(d,"error",e)}d.src=b;a.google_image_requests.push(d)};var ja=function(a,b,c){this.u=a;this.s=b;this.c=c;this.f=null;this.o=this.g;this.w=!1},ka=function(a,b,c){this.message=a;this.fileName=b||"";this.lineNumber=c||-1},ma=function(a,b,c){var d;try{d=c()}catch(e){var f=a.c;try{var g=la(e),f=a.o.call(a,b,g,void 0,void 0)}catch(l){a.g("pAR",l)}if(!f)throw e;}finally{}return d},u=function(a,b){var c=na;return function(){var d=arguments;return ma(c,a,function(){return b.apply(void 0,d)})}};ja.prototype.g=function(a,b,c,d,e){var f={};f.context=a;b instanceof ka||(b=la(b));f.msg=b.message.substring(0,512);b.fileName&&(f.file=b.fileName);0<b.lineNumber&&(f.line=b.lineNumber.toString());a=h.document;f.url=a.URL.substring(0,512);f.ref=a.referrer.substring(0,512);if(this.f)try{this.f(f)}catch(g){}if(d)try{d(f)}catch(l){}d=this.u;try{if((this.w?d.v:Math.random())<(c||d.m)){var q=d.l+(e||this.s)+ha(f),q=q.substring(0,2E3);ia(h,q)}}catch(Q){}return this.c};var la=function(a){var b=a.toString();a.name&&-1==b.indexOf(a.name)&&(b+=": "+a.name);a.message&&-1==b.indexOf(a.message)&&(b+=": "+a.message);if(a.stack){var c=a.stack,d=b;try{-1==c.indexOf(d)&&(c=d+"\n"+c);for(var e;c!=e;)e=c,c=c.replace(/((https?:\/..*\/)[^\/:]*:\d+(?:.|\n)*)\2/,"$1");b=c.replace(/\n */g,"\n")}catch(f){b=d}}return new ka(b,a.fileName,a.lineNumber)};var oa=String.prototype.trim?function(a){return a.trim()}:function(a){return a.replace(/^[\s\xa0]+|[\s\xa0]+$/g,"")},pa=function(a,b){return ab?1:0};var v=Array.prototype,qa=v.indexOf?function(a,b,c){return v.indexOf.call(a,b,c)}:function(a,b,c){c=null==c?0:0>c?Math.max(0,a.length+c):c;if(k(a))return k(b)&&1==b.length?a.indexOf(b,c):-1;for(;c<a.length;c++)if(c in a&&a[c]===b)return c;return-1},ra=v.map?function(a,b,c){return v.map.call(a,b,c)}:function(a,b,c){for(var d=a.length,e=Array(d),f=k(a)?a.split(""):a,g=0;gparseFloat(a))?String(b):a}(),Ea={},Fa=function(a){if(!Ea[a]){for(var b=0,c=oa(String(Da)).split("."),d=oa(String(a)).split("."),e=Math.max(c.length,d.length),f=0;0==b&&f<e;f++){var g=c[f]||"",l=d[f]||"",q=RegExp("(\\d*)(\\D*)","g"),Q=RegExp("(\\d*)(\\D*)","g");do{var m=q.exec(g)||["","",""],K=Q.exec(l)||["","",""];if(0==m[0].length&&0==K[0].length)break;b=pa(0==m[1].length?0:parseInt(m[1],10),0==K[1].length?0:parseInt(K[1],10))||pa(0==m[2].length,0==K[2].length)||pa(m[2],K[2])}while(0==b)}Ea[a]=0<=b}},Ga=h.document,Ha=Ga&&A?Ca()||("CSS1Compat"==Ga.compatMode?parseInt(Da,10):5):void 0;var Ia;if(!(Ia=!za&&!A)){var Ja;if(Ja=A)Ja=9<=Ha;Ia=Ja}Ia||za&&Fa("1.9.1");A&&Fa("9");var B=document,t=window;var C=null;function D(a){return"function"==typeof encodeURIComponent?encodeURIComponent(a):escape(a)}var E=function(a,b){ia(a,b,void 0)},Ka=function(){if(!B.body)return!1;if(!C){var a=B.createElement("iframe");a.style.display="none";a.id="anonIframe";C=a;B.body.appendChild(a)}return!0},La={};var na,Ma="http"+("http:"==t.location.protocol?"":"s")+"://pagead2.googlesyndication.com/pagead/gen_204?id=";na=new ja(new function(){this.l=Ma;this.m=.01;this.v=Math.random()},"jserror",!0);var F=function(a,b){return u(a,b)};var Na=function(a,b,c){if("array"==aa(b))for(var d=0;d<b.length;d++)Na(a,String(b[d]),c);else null!=b&&c.push("&",a,""===b?"":"=",encodeURIComponent(String(b)))},Oa=function(a,b,c){for(c=c||0;c<b.length;c+=2)Na(b[c],b[c+1],a);return a},Pa=function(a,b){var c=2==arguments.length?Oa([a],arguments[1],0):Oa([a],arguments,1);if(c[1]){var d=c[0],e=d.indexOf("#");0e?c[1]="?":e==d.length-1&&(c[1]=void 0)}return c.join("")};var Qa={j:"ud=1",i:"ts=0",A:"sc=1",h:"gz=1"};if(B&&B.URL){var fa=B.URL,Ra=!(fa&&0=b)){var d=0,e=function(){a();d++;db;){if(c.google_osd_static_frame)return c;if(c.aswift_0&&(!a||c.aswift_0.google_osd_static_frame))return c.aswift_0;b++;c=c!=c.parent?c.parent:null}}catch(e){}return null},Wa=function(a,b,c,d,e){if(10<Ua)t.clearInterval(M);else if(++Ua,t.postMessage&&(b.b||b.a)){var f=Va(!0);if(f){var g={};I(b,g);g[0]="goog_request_monitoring";g[6]=a;g[16]=c;d&&d.length&&(g[17]=d.join(","));e&&(g[19]=e);try{var l=L(g);f.postMessage(l,"*")}catch(q){}}}},Xa=function(a){var b=Va(!1),c=!b;!b&&t&&(b=t.parent);if(b&&b.postMessage)try{b.postMessage(a,"*"),c&&t.postMessage(a,"*")}catch(d){}};var N=!1,O=function(a){if(a=a.match(/[\d]+/g))a.length=3};if(navigator.plugins&&navigator.plugins.length){var Ya=navigator.plugins["Shockwave Flash"];Ya&&(N=!0,Ya.description&&O(Ya.description));navigator.plugins["Shockwave Flash 2.0"]&&(N=!0)}else if(navigator.mimeTypes&&navigator.mimeTypes.length){var Za=navigator.mimeTypes["application/x-shockwave-flash"];(N=Za&&Za.enabledPlugin)&&O(Za.enabledPlugin.description)}else try{var P=new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7"),N=!0;O(P.GetVariable("$version"))}catch($a){try{P=new ActiveXObject("ShockwaveFlash.ShockwaveFlash.6"),N=!0}catch(ab){try{P=new ActiveXObject("ShockwaveFlash.ShockwaveFlash"),N=!0,O(P.GetVariable("$version"))}catch(bb){}}};var cb=y("Firefox"),db=wa()||y("iPod"),eb=y("iPad"),fb=y("Android")&&!(va()||y("Firefox")||z()||y("Silk")),gb=va(),hb=y("Safari")&&!(va()||y("Coast")||z()||y("Edge")||y("Silk")||y("Android"))&&!(wa()||y("iPad")||y("iPod"));var R=function(a){return(a=a.exec(x))?a[1]:""};(function(){if(cb)return R(/Firefox\/([0-9.]+)/);if(A||xa)return Da;if(gb)return R(/Chrome\/([0-9.]+)/);if(hb&&!(wa()||y("iPad")||y("iPod")))return R(/Version\/([0-9.]+)/);if(db||eb){var a;if(a=/Version\/(\S+).*Mobile\/(\S+)/.exec(x))return a[1]+"."+a[2]}else if(fb)return(a=R(/Android\s+([0-9.]+)/))?a:R(/Version\/([0-9.]+)/);return""})();var jb=function(){var a=t.parent&&t.parent!=t,b=a&&0<="//tpc.googlesyndication.com".indexOf(t.location.host);if(a&&t.name&&0==t.name.indexOf("google_ads_iframe")||b){var c;a=t||t;try{var d;if(a.document&&!a.document.body)d=new w(-1,-1);else{var e=(a||window).document,f="CSS1Compat"==e.compatMode?e.documentElement:e.body;d=(new w(f.clientWidth,f.clientHeight)).round()}c=d}catch(g){c=new w(-12245933,-12245933)}return ib(c)}c=t.document.getElementsByTagName("SCRIPT");return 0<c.length&&(c=c[c.length-1],c.parentElement&&c.parentElement.id&&0<c.parentElement.id.indexOf("_ad_container"))?ib(void 0,c.parentElement):null},ib=function(a,b){var c=kb("IMG",a,b);return c||(c=kb("IFRAME",a,b))?c:(c=kb("OBJECT",a,b))?c:null},kb=function(a,b,c){var d=document;c=c||d;d=a&&"*"!=a?a.toUpperCase():"";c=c.querySelectorAll&&c.querySelector&&d?c.querySelectorAll(d+""):c.getElementsByTagName(d||"*");for(d=0;d<c.length;d++){var e=c[d];if("OBJECT"==a)a:{var f=e.getAttribute("height");if(null!=f&&0<f&&0==e.clientHeight)for(var f=e.children,g=0;g<f.length;g++){var l=f[g];if("OBJECT"==l.nodeName||"EMBED"==l.nodeName){e=l;break a}}}f=e.clientHeight;g=e.clientWidth;if(l=b)l=new w(g,f),l=Math.abs(b.width-l.width)<.1*b.width&&Math.abs(b.height-l.height)<.1*b.height;if(l||!b&&10<f&&10<g)return e}return null};var lb,S=0,T="",U=!1,V=!1,mb=!1,nb=!0,ob=!1,pb=!1,qb=!1,rb=!1,sb="",tb=0,ub=0,W=0,vb=[],J=null,wb="",xb=[],yb=null,zb=[],Ab=!1,Bb="",Cb="",Db=(new Date).getTime(),Eb=!1,Fb="",Gb=!1,Hb=["1","0","3"],X=0,Y=0,Ib=0,Jb="",Lb=function(a,b,c){U&&(nb||3!=(c||3)||pb)&&Kb(a,b,!0);(mb||V&&ob)&&Kb(a,b)},Mb=function(){var a=yb;return a?2!=a():!0},Kb=function(a,b,c){(b=b||wb)&&!Ab&&(2==Y||c)&&Mb()&&(b=Nb(b,c),E(a,b),rb=!0,c?U=!1:Ab=!0)},Nb=function(a,b){var c;c=b?"osdim":mb?"osd2":"osdtos";var d=["//pagead2.googlesyndication.com/activeview","?id=",c];"osd2"==c&&V&&ob&&d.push("&ts=1");T&&d.push("&avi=",T);lb&&d.push("&cid=",lb);d.push("&ti=1");d.push("&",a);d.push("&uc="+Ib);Eb?d.push("&tgt="+Fb):d.push("&tgt=nf");d.push("&cl="+(Gb?1:0));""!=sb&&(d.push("&lop=1"),c=n()-tb,d.push("&tslp="+c));d=d.join("");for(c=0;c<xb.length;c++){try{var e=xb[c]()}catch(f){}var g="max_length";2<=e.length&&(3==e.length&&(g=e[2]),d=r(d,D(e[0]),D(e[1]),g))}2E3<d.length&&(d=d.substring(0,2E3));return d},Z=function(a,b){if(Bb){try{var c=r(Bb,"vi",a);Ka()&&E(C.contentWindow,c)}catch(d){}0<=qa(Hb,a)&&(Bb="");var c=b||wb,e;e=r("//pagead2.googlesyndication.com/pagead/gen_204?id=sldb","avi",T);e=r(e,"vi",a);c&&(e+="&"+c);try{E(t,e)}catch(f){}}},Ob=function(){Z("-1")},Qb=function(a){if(a&&a.data&&k(a.data)){var b;var c=a.data;if(k(c)){b={};for(var c=c.split("\n"),d=0;d=e)){var f=Number(c[d].substr(0,e)),e=c[d].substr(e+1);switch(f){case 5:case 8:case 11:case 15:case 16:case 18:e="true"==e;break;case 4:case 7:case 6:case 14:case 20:case 21:case 22:case 23:e=Number(e);break;case 3:case 19:if("function"==aa(decodeURIComponent))try{e=decodeURIComponent(e)}catch(g){throw Error("Error: URI malformed: "+e);}break;case 17:e=ra(decodeURIComponent(e).split(","),Number)}b[f]=e}}b=b[0]?b:null}else b=null;if(b&&(c=new H(b[4],b[12]),J&&J.match(c))){for(c=0;cX&&!V&&2==Y&&Rb(t,"osd2","hs="+X)},Tb=function(){var a={};I(J,a);a[0]="goog_dom_content_loaded";var b=L(a);try{Sa(function(){Xa(b)},10,"osd_listener::ldcl_int")}catch(c){}},Ub=function(){var a={};I(J,a);a[0]="goog_creative_loaded";var b=L(a);Sa(function(){Xa(b)},10,"osd_listener::lcel_int");Gb=!0},Vb=function(a){if(k(a)){a=a.split("&");for(var b=a.length-1;0<=b;b–){var c=a[b],d=Qa;c==d.j?(nb=!1,a.splice(b,1)):c==d.h?(W=1,a.splice(b,1)):c==d.i&&(V=!1,a.splice(b,1))}Jb=a.join("&")}},Wb=function(){if(!Eb){var a=jb();a&&(Eb=!0,Fb=a.tagName,a.complete||a.naturalWidth?Ub():G(a,"load",Ub,"osd_listener::creative_load"))}};p("osdlfm",F("osd_listener::init",function(a,b,c,d,e,f,g,l,q,Q){S=a;Bb=b;Cb=d;U=f;lb=Q;l&&Vb(l);V=f;1==q?vb.push(947190538):2==q?vb.push(947190541):3==q&&vb.push(947190542);J=new H(e,ca());G(t,"load",Ob,"osd_listener::load");G(t,"message",Qb,"osd_listener::message");T=c||"";G(t,"unload",Sb,"osd_listener::unload");var m=t.document;!m.readyState||"complete"!=m.readyState&&"loaded"!=m.readyState?("msie"in La?La.msie:La.msie=-1!=navigator.userAgent.toLowerCase().indexOf("msie"))&&!window.opera?G(m,"readystatechange",function(){"complete"!=m.readyState&&"loaded"!=m.readyState||Tb()},"osd_listener::rsc"):G(m,"DOMContentLoaded",Tb,"osd_listener::dcl"):Tb();-1==S?Y=f?3:1:-2==S?Y=3:0

//

The post Cyveillance Weekly Threat Intelligence Brief – September 15, 2015 appeared first on Cyveillance Blog – The Cyber Intelligence Blog.


Categorised as: interesting

Posted by: Vichimen

Comments are disabled on this post


Comments are closed.



Disclaimers – All content here is NOT presented as investment advice; LessThunk is NOT endorsing any website or specific investment by displaying external links.

We may or may-not (coincidentally) hold some quantity of stock or other investment related to any given post, no endorsement is implied in any sense.

css.php