Cyware Daily Threat Intelligence June 06, 2018

Google patches bugs
As part of its June 2018 update, Google has patched 57 vulnerabilities affecting the Android operating system and kernel and chipset components. These components are tied to the third-party firms MediaTek, NVIDIA, and Qualcomm. Of the 57 vulnerabilities, eleven are rated critical and the rest are rated high.

Flaw in F-Secure products
A critical remote code execution flaw has been discovered in F-Secure's file scanner implementation. The flaw affects most of the F-Secure's Windows endpoint protection products. Hackers can exploit this flaw locally and remotely for privilege escalation. F-Secure products for macOS and Linux are not affected by this issue. 92 million account details exposed
Account details belonging to more than 92 million customers of Israel-based genealogy and DNA testing service MyHeritage, have been exposed. Exposed data included email IDs and hashed passwords. MyHeritage clearly stated on its website that they are making significant investments to make sure that user credentials are secured.

Transamerica security breach
A security breach has been reported by Transamerica, where hackers managed to delete some of the customer's sensitive information. Victims' sensitive information like names, DoB, account numbers, and social security numbers were also reportedly stolen. Transamerica is investigating the matter and has contacted appropriate law enforcement agencies to help them out.

Cyber attack on Ukraine
Unidentified hackers attempted at launching attacks against an embassy of a NATO member state in Kiev, Ukraine. Ukraine’s state security service (SBU) quickly intervened and prevented the attack. As per reports released by SBU, hackers used information from its health ministry to launch the attack. Australian webcams hacked
Scammers have hacked several webcams and filmed dozens of Australians in their homes to create fake testimonials. These videos were uploaded to YouTube in order to convince future targets that their services are legitimate. Scammers users fake tech support websites to gain access to the webcams.

Hackers target booking[.]com users
Users of booking[.]com are being targeted to steal login credentials. Scammers are sending WhatsApp texts claiming that their account has been hacked. Users are asked to change their passwords at once. The data under threat include names, addresses, phone numbers, dates and prices of bookings, and reference numbers.