Cyware Daily Threat Intelligence, June 15, 2022

The much-awaited Follina patch has arrived! However, more cyber threats have emerged in the past 24 hours. Top chip manufacturers, such as Intel and AMD, have shown their vulnerable sides. A report has uncovered that threat actors could reach users’ crypto keys by launching a side-channel attack named Hertzbleed. Both firms have issued independent advisories.

Several spyware-laced apps have been spotted on Google Play Store. With at least five of them still active, they can steal your phone and banking data while also causing unsolicited, unauthorized charges.


Top Breaches Reported in the Last 24 Hours


PHI exposed at CHI Health
Nebraska-based non-profit CHI Health disclosed a data breach through its vendor MCG Health. The event exposed some patients' PHI, such as SSNs, medical codes, phone numbers, and email addresses. The number of victims is yet to be determined and the nature of the attack wasn’t disclosed. The incident has also impacted nearly 700 individuals at Avera Health.

Ambulance billing service attacked
Some servers of Comstar, a U.S. ambulance billing service, were targeted in a cyberattack that resulted in the exposure of sensitive information belonging to medical patients. Personal and health data, including health insurance information, drivers’ licenses, and financial account information, of an unknown number of patients were laid bare in the aftermath of the intrusion.

Top Malware Reported in the Last 24 Hours


BlackCat launches search site
The BlackCat ransomware group, aka ALPHV, has created a dedicated website for customers and employees of its victims to check if their data was compromised in its attacks. The group has begun its extortion game by listing data from a hotel and spa in Oregon. It claims to have harvested 112GB of data, including the personal data of more than 1,500 employees.

Spyware apps on Google Play Store
Dr. Web has noted rising malware threats amid widespread adware and information-stealing trojans on the Google Play Store. These are presently hidden in apps posing as wallpaper, photo editor, horoscope, and other utility apps. Going by users’ reviews, those reported earlier were still demonstrating malicious functionality. Separately, Cyble researchers also reported the Hydra banking trojan on the platform.

Top Vulnerabilities Reported in the Last 24 Hours


Citrix administrator at risk
A critical flaw was discovered in Citrix Application Delivery Management (ADM) that could essentially allow an attacker to take over administrative controls. Tracked as CVE-2022-27511, the flaw is described as an improper access control issue. The firm also addressed CVE-2022-27512 in the current patch roll-out, which is an issue regarding the improper control of resources.

SAP’s June 2022 Patch
SAP has released 17 new and updated SAP Security Notes as part of its June 2022 Security Patch Day. The list includes one HotNews note (the highest severity rating in SAP’s book) and three High Priority notes. The HotNews patch refers to the latest tested Chromium release 101.0.4951.54 for SAP Business Client. One of the High Priority patches addresses improper access control in the SAProuter proxy in NetWeaver and ABAP Platform.

Microsoft fixes Follina
A patch has been made available to address an actively exploited Windows zero-day vulnerability called Follina. Follina had been abused since April, and its disclosure only accelerated the pace of exploitation. As part of its Patch Tuesday updates, Microsoft fixed 55 other flaws, three of which were rated Critical, 51 as Important, and one as Moderate in severity.

Hertzbleed impacts Intel and AMD
A team of researchers has discovered weaknesses in processors from Intel, AMD, and other companies, which attackers can remotely abuse to obtain encryption keys and other sensitive data traveling through the hardware. Named Hertzbleed, the power side-channel attack uses the Dynamic Voltage and Frequency Scaling (DVFS) feature in modern CPUs. The vulnerability is tracked as CVE-2022-24436 for Intel chips and CVE-2022-23823 for AMD CPUs.

Posted on: June 15, 2022

