Cyware Daily Threat Intelligence January 14, 2019

Top Breaches Reported in Last 24 Hours

MHS suffers a data breach
The Managed Health Services (MHS) of Indian Health Plan recently disclosed that it has suffered a data breach that may have compromised the personal data of up to 31,000 patients. The exposed information includes patients' names, insurance ID numbers, addresses, dates of birth, medical conditions and dates of service. The breach occurred between July 30 and September 7, 2018, after hackers gained access to employee email accounts at MHS partner LCP Transportation.

APT10 blamed for Keidanren attack
According to researchers, the infamous Chinese hacking group APT10 is behind the data leak at Japan's major business lobby Keidanren. The attack occurred in 2016. Experts found that the type of virus used in the attack is identical to that used by the APT10 group in previous attacks. The data leaked in the attack included information regarding policy recommendations, name lists of internal committees and email exchanges with public officers and member companies.

Top Vulnerabilities Reported in Last 24 Hours

WhatsApp privacy bug
A privacy bug in WhatsApp that exposes users' WhatsApp message history in plain text has been discovered recently. The issue came to light after a user activated WhatsApp on a new device using a new phone number. WhatsApp displayed the message history associated with the WhatsApp account of the previous owner of the same SIM/mobile number. Experts suggest that the bug exists in WhatsApp's '45-day message deleting mechanism' feature. To mitigate the issue, users are advised to delete their WhatsApp account before they stop using a SIM.

Cisco releases security patches
Cisco has released 18 security updates to address vulnerabilities in its products. The updates include fixes for two critical flaws, CVE-2018-15453 and CVE-2018-15460. While CVE-2018-15453 could be triggered by a malicious email, CVE-2018-15460 could enable a permanent Denial-of-Service condition on targeted devices. CVE-2018-15453 could allow a remote attacker to cause an affected device to corrupt system memory.

Top Scams Reported in Last 24 Hours

New OTP theft detected
A new form of one-time password (OTP) theft has been discovered targeting many IT employees. The fraud involves fraudsters either tricking victims into giving away their OTPs or using malware to obtain the SMS messages that carry the OTPs. The OTP is then used to transfer money from the victims' accounts to the fraudsters' own. The scam begins with perpetrators calling the victim, posing as a bank employee and asking the victim to update or renew their credit/debit cards. The victim is required to provide the card number and CVV number to the scammers. After that, the victim receives an SMS regarding the OTP, which is to be shared with the scammers. Such SMSes are in encrypted form and do not contain any legible text.




