Weekly Threat Intelligence Brief: June 7, 2017

Posted June 7, 2017

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.

Healthcare

“The California-based Fortune 500 company Molina Healthcare has been exposing patients’ medical claims online without requiring authentication, according to investigative reporter Brian Krebs.

It’s not clear at this point how long the vulnerability may have been in place.

Last month, Krebs reports, he received an anonymous tip that any Molina customer could access other customers’ medical claims simply by changing a single number in the URL when accessing their own claims — and that no authentication was required to access customer claims online.”

– eSecurity Planet

Information Security

“OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data.

Headquartered in San Francisco, OneLogin provides single sign-on and identity management for cloud-base applications. OneLogin counts among its customers some 2,000 companies in 44 countries, over 300 app vendors and more than 70 software-as-a-service providers.

A breach that allowed intruders to decrypt customer data could be extremely damaging for affected customers. After OneLogin customers sign into their account, the service takes care of remembering and supplying the customer’s usernames and passwords for all of their other applications.”

– Krebs on Security

Pharmaceutical

“Researchers from the security research firm WhiteScope identified cyber vulnerabilities in file system encryption and in the storage of unencrypted patient data across major vendors of implantable cardiac devices, according to the team’s report.

“The findings reveal consistency across all vendors, highlighting the inherent weaknesses in the ecosystem architecture,” the firm wrote.

Previous research has revealed security flaws in cardiac devices, including pacemakers. The WhiteScope researchers bought and evaluated parts of implantable cardioverter defibrillators and pacemakers from 4 major vendors.”

– Mass Device

 Technology

“Russian search giant Yandex has had its Kiev and Odessa offices raided by Ukraine’s State Security Service (SBU).

The raids were part of a treason investigation seeking to discover whether Ukrainian users’ data had been illegally collected and distributed to Russian security agencies.

Yandex, which says it has 11 million users in Ukraine, denies doing so.

The Ukrainian President, Petro Poroshenko, announced sanctions against the firm earlier this month.

He said Ukrainian ISPs should stop providing access to Yandex and other Russian services.”

– BBC

Defense

“NATO will not rule out invoking Article 5 of its charter should one or more member nations find themselves under a serious cyberattack that threatens critical military and civilian infrastructure.

– Defense News

You May Also Be Interested In…

• [WEBINAR] Building a Threat Intelligence Program
• [WHITE PAPER] Building a Threat Intelligence Program That Works For You
• [Data Sheet] LookingGlass Cyber Threat Center
• [Data Sheet] Information Protection