Cyware Daily Threat Intelligence July 25, 2018

Top Vulnerabilities Reported in the Last 24 Hours
Remote code execution flaw
Security researchers have discovered two critical remote code execution (RCE) vulnerabilities in AVEVA's  InTouch and InduSoft tools. One of the flaws was a critical stack buffer overflow bug which could have allowed attackers the ability to manipulate process parameters and potentially cause destructive attacks. Meanwhile, the other RCE flaw could allow attackers the ability to exploit the stack buffer overflow bug to inject malicious code. It is highly recommended that users update to the latest patched version.

OpenSSL vulnerability
Two vulnerabilities have been discovered in OpenSSL, which impact  IBM Tivoli Storage FlashCopy Manager (FCM). The first flaw exists in AVX2 Montgomery multiplication procedure. The flaw could be exploited to steal sensitive information such as private key data. Meanwhile, the second vulnerability is an unspecified bug in numerous Oracle products. It could allow attackers to cause low confidentiality impact, low integrity impact, and high availability impact. Patches are available for these issues. Users are advised to update to the latest version.

Top Breaches Reported in the Last 24 Hours
GHAP data breach
Golden Heart Administrative Professionals was hit by hackers. Cybercriminals stole the healthcare data of over 44,000 patients. On April 14, GHAP fell victim to a ransomware attack, which saw attackers gain access to sensitive patient information, including names, addresses, Social Security numbers, dates of birth, medical treatment and diagnosis codes and in some cases, credit card information. Around 6,500 patients who needed an ambulance from 2012 through 2017 are potentially impacted by the breach. 

Virginia bank hack
Virginia-based National Bank of Blacksburg was hacked twice in an eight-month period. The two attacks saw cybercriminals make away with over $2.4 million. The first heist occurred in May 2016 and the second took place in January 2017. In both instances, the bank's employees fell victim to a phishing email, which allowed the attackers to gain access to the bank's networks. 





  • Share this blog:
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.