Cyware Daily Threat Intelligence

Daily Threat Briefing Jun 15, 2022

The much-awaited Follina patch has arrived! However, more cyber threats have emerged in the past 24 hours. Top chip manufacturers, such as Intel and AMD, have shown their vulnerable sides. A report has uncovered that threat actors could reach users’ crypto keys by launching a side-channel attack named Hertzbleed. The firms have issued independent advisories.

Several spyware-laced apps have been spotted on Google Play Store. With at least five of them still active, they can steal your phone and banking data while also causing unsolicited, unauthorized charges.

Top Breaches Reported in the Last 24 Hours

PHI exposed at CHI Health

Nebraska-based non-profit CHI Health disclosed a data breach through its vendor MCG Health. The event exposed some patients' PHI, such as SSNs, medical codes, phone numbers, and email addresses. The number of victims is yet to be determined and the nature of the attack wasn’t disclosed. The incident has also impacted nearly 700 individuals at Avera Health.

Ambulance billing service attacked

Some servers of Comstar, a U.S. ambulance billing service, were targeted in a cyberattack that resulted in the exposure of sensitive information belonging to medical patients. Personal and health data, including health insurance information, drivers’ licenses, and financial account information, of an unknown number of patients were laid bare in the aftermath of the intrusion.

Top Malware Reported in the Last 24 Hours

BlackCat launches search site

The BlackCat ransomware group, aka ALPHV, has created a dedicated website for customers and employees of its victims to check if their data was compromised in its attacks. The group has begun its extortion game by listing data from a hotel and spa in Oregon. It claims to have harvested 112GB of data, including the personal data of more than 1,500 employees.

Spyware apps on Google Play Store

Dr. Web has noted the rising malware threats in the wake of widespread adware and information-stealing trojans on the Google Play Store. These are presently hidden in apps posing as utilities such as wallpaper, photo editor, and horoscope apps, among others. Going by users’ reviews, those reported earlier were still demonstrating malicious functionality. Separately, Cyble researchers also reported the Hydra banking trojan on the platform.

Top Vulnerabilities Reported in the Last 24 Hours

Citrix administrator at risk

A critical flaw was discovered in Citrix Application Delivery Management (ADM) that could essentially allow an attacker to take over administrative controls. Tracked as CVE-2022-27511, the flaw is described as an improper access control issue. The firm also addressed CVE-2022-27512 in the current patch roll-out, which is an issue regarding the improper control of resources.

SAP’s June 2022 Patch

SAP has released 17 new and updated SAP Security Notes as part of its June 2022 Security Patch Day. The list includes one HotNews note (the highest severity rating in SAP’s book) and three High Priority notes. The HotNews patch refers to the latest tested Chromium release 101.0.4951.54 for SAP Business Client. One of the High Priority patches addresses improper access control in the SAProuter proxy in NetWeaver and ABAP Platform.

Microsoft fixes Follina

A patch has been made available to address an actively exploited Windows zero-day vulnerability called Follina. Follina had been abused since April, and its disclosure only accelerated the pace of exploitation. As part of its Patch Tuesday updates, Microsoft fixed 55 other flaws, three of which were rated Critical, 51 as Important, and one as Moderate in severity.

Hertzbleed impacts Intel and AMD

A team of researchers has discovered weaknesses in processors from Intel, AMD, and other companies, which attackers can remotely abuse to obtain encryption keys and other sensitive data traveling through the hardware. Named Hertzbleed, the power side-channel attack uses the Dynamic Voltage and Frequency Scaling (DVFS) feature in modern CPUs. The vulnerability is tracked as CVE-2022-24436 for Intel chips and CVE-2022-23823 for AMD CPUs.
