Month: October 2018

In what appears to be the world’s biggest airline data breach, Cathay Pacific announced on October 24, 2018 on Twitter that it has been hacked. Hackers accessed personal information of 9.4 million customers, including:

• Names, nationalities, dates of birth, telephone numbers, emails, physical addresses, passport numbers, identity cards and frequent-flier programs, and historical travel information.
• 403 expired credit card numbers
• 27 non-expired credit numbers with no CVV (Card Verification Value printed on the card)
• About 860,000 passport numbers
• About 245,000 Hong Kong IDs.

The breach took place in March 2018 and was confirmed by investigators in May, however it was disclosed only in October. Some local lawmakers criticized Cathay for taking so long to reveal the breach. Cathay responded, saying it wanted to have an accurate grasp on the situation, and it took immediate steps once the breach was discovered.

Read more about it here.

Over 9 million security cameras, digital video recorders (DVRs), and network video recorders (NVRs) manufactured by Hangzhou Xiongmai Technology Co., Ltd. contain vulnerabilities that can allow a remote attacker to easily take over devices, security researchers at EU-based SEC Consult revealed on October 10, 2018. But end users won’t be able to tell whether they are using a hackable device, because the company doesn’t sell any product with its name on it. Rather, it ships all equipment as white label for other companies to put their name on it. Over 100 companies using Xiongmai devices have been identified so far.

The vulnerability is caused by the devices, creating a secure tunnel with a cloud account. These cloud accounts haven’t been sufficiently protected. The accounts and their passwords can be easily guessed.

Read more about it here.

The United States Department of Homeland Security (DHS) has issued an alert of ongoing activity from an advanced persistent threat (APT) actor targeting global managed service providers (MSPs).

Managed services is the practice of outsourcing on a proactive basis certain processes and functions intended to improve operations and cut expenses. It is an alternative the outsourcing model.

The alert says: “The National Cybersecurity and Communications Integration Center (NCCIC) is aware of ongoing APT actor activity attempting to infiltrate the networks of global managed service providers (MSPs).” The alert provides some mitigation steps.

Read more about it here.

According to a report published by Bloomberg News, China implanted a tiny chip, the size of a grain of rice, on computer equipment manufactured for US companies and government agencies. The attack reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain. The micro chip was inserted on equipment manufactured in China for US based Super Micro Computer Inc., one of the world’s biggest suppliers of server motherboards.

Amazon discovered the tiny chips when it was about to acquire software firm Elemental, and conducted in 2015 a security assessment of equipment made for Elemental by Supermicro. Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community.

Read more about it here.