Logo Logo
  • Home
  • Modshield SB
  • services
    • Application Security Testing
    • IoT Security Testing
    • Infrastructure Security Testing
    • Testing for Compliance
    • Red Team Exercise
    • Performance Testing
  • Training
    • Cybersecurity Awareness Program
    • Cybersecurity For Developers(Web Application)
    • Cybersecurity For Developers(Mobile Application)
  • Resources
    • Blog
    • CyberNews
  • About
    • Partners
    • Contact

Top Cyber news February Week 3

  • Home
  • Blog Details
February 17 2022
  • CyberNews

Exploiting login details, SMS and Patient details. Learn this weeks’ top cyber news

  • Internet Society data leak exposed 80,000 members’ login details
  • The use of infected Android phones by SMS PVA Services reveals flaws in SMS verification.
  • Data of 116,000 Patients Affected by Cyberattack

Let’s dive deep into this weeks’ cyber news.

Internet Society data leak exposed 80,000 members’ login details

The Internet Society (ISOC), a non-profit dedicated to keeping the internet open and safe, has accused a third-party vendor of the unintended release of the personal data of its 80,000-plus members.

The data, which was stored in an unprotected Microsoft Azure cloud repository, consisted of millions of JSON files with full names, email and mailing addresses, and login information, among other things.

Cyber news: The Internet Society (ISOC), a non-profit dedicated to keeping the internet open and safe, has accused a third-party vendor of releasing the personal information of its 80,000+ members without their permission.
Internet Society data leak

“We can presume that all of the members’ login and related information was exposed to the public internet for an indefinite period of time-based on the size and nature of the exposed repository.” Clario security researchers made the finding with the help of independent researcher Bob on December 8, 2021, and notified the Internet Society. On December 15, a week later, the repository was secured.

The use of infected Android phones by SMS PVA Services reveals flaws in SMS verification.

In the previous two years, the number of short message service (SMS) phone-verified account (PVA) services has increased. Customers can use SMS PVA services to register for online services and platforms using different mobile numbers. These services let people get around the SMS verification methods that many online platforms and services employ to verify new accounts. For illicit activity, malicious actors can generate phone-verified accounts or register disposable accounts in bulk.

Cyber news: Malicious actors can change "authentic user behaviour" on specific sites by utilising SMS PVA accounts. This suggests that the prices of a platform may increase as a result of scams and fraud.
Use of infected Android phones

These SMS PVA services demonstrate that cybercriminals can evade SMS verification on a large scale. This also means that on platforms, there could be authenticated and validated accounts that act like bots, trolls, or fake accounts.

Malicious actors using SMS PVA accounts can alter “authentic user behaviour” on specific sites. This indicates that a platform’s costs could rise as a result of scams and fraud. A platform could potentially be responsible for physical injury or property damage (directly or indirectly).

We can predict how threat actors would use phoney accounts in their scams and criminal operations based on previous uses of these services.

Data of 116,000 Patients Affected by Cyberattack on South Shore Hospital Network

After a cyberattack of the non-network profit’s in early December, South Shore Hospital in Chicago notified 115,670 present and past patients and workers that their data had been compromised.

SSH identified suspicious activity on its network on Dec. 10, 2021, and “initiated its emergency operating processes to continue providing safe patient- and family-centred care,” according to the company. While the event appears to be a ransomware attack, the notice does not disclose any other information about the hack.

Cyber news: South Shore Hospital in Chicago notified 115,670 current and former patients and employees that their data had been exposed following a non-network profit intrusion in early December.
Data of 116,000 Patients Affected

Patient names, Social Security numbers, contact information, dates of birth, financial information, diagnosis, medical data, health insurance policy numbers, and Medicare or Medicaid information were among the damaged data, according to an outside forensics firm.

Stay up to date with our cyber news blogs

Previous Post Next Post

Leave a Comment

Recent Posts

  • SOC 2 Compliance – Complete Guide
  • What is compliance and why do you need it?
  • OWASP WAF – Web Application Firewall
  • Top Cyber News April Week 3
  • Top Cyber News April Week 2

Recent Comments

  1. Vishnu on IEC 62443 – Cybersecurity for Industrial Automation and Control Systems

Archives

  • July 2022
  • June 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • June 2020

Categories

  • Blog
  • CyberNews
© Copyright 2020. Anada WordPres Theme By WordPressRiver