Cyware Daily Threat Intelligence July 25, 2018

Remote code execution flaw
Security researchers have discovered two critical remote code execution (RCE) vulnerabilities in AVEVA's  InTouch and InduSoft tools. One of the flaws was a critical stack buffer overflow bug which could have allowed attackers the ability to manipulate process parameters and potentially cause destructive attacks. Meanwhile, the other RCE flaw could allow attackers the ability to exploit the stack buffer overflow bug to inject malicious code. It is highly recommended that users update to the latest patched version.

OpenSSL vulnerability
Two vulnerabilities have been discovered in OpenSSL, which impact  IBM Tivoli Storage FlashCopy Manager (FCM). The first flaw exists in AVX2 Montgomery multiplication procedure. The flaw could be exploited to steal sensitive information such as private key data. Meanwhile, the second vulnerability is an unspecified bug in numerous Oracle products. It could allow attackers to cause low confidentiality impact, low integrity impact, and high availability impact. Patches are available for these issues. Users are advised to update to the latest version. GHAP data breach
Golden Heart Administrative Professionals was hit by hackers. Cybercriminals stole the healthcare data of over 44,000 patients. On April 14, GHAP fell victim to a ransomware attack, which saw attackers gain access to sensitive patient information, including names, addresses, Social Security numbers, dates of birth, medical treatment and diagnosis codes and in some cases, credit card information. Around 6,500 patients who needed an ambulance from 2012 through 2017 are potentially impacted by the breach. 

Virginia bank hack
Virginia-based National Bank of Blacksburg was hacked twice in an eight-month period. The two attacks saw cybercriminals make away with over $2.4 million. The first heist occurred in May 2016 and the second took place in January 2017. In both instances, the bank's employees fell victim to a phishing email, which allowed the attackers to gain access to the bank's networks.