Search
  • Avantia Threat Update

Air Canada - Flying Not So High!


Getting 'high' has a whole new meaning for Canadians!

Breaches are flying high this week thanks to Air Canada! China’s hospitality industry targeted and the data shows up on the Dark Web. And, in an effort to cut out Google’s cut, the creators of the game Fortnite create massive security challenges for unwitting gamers.

Highlights:

  • Fortnite on Android.

  • Hackers Take Flight!

  • Russian Breach.


In Other News:

Trust Several companies that specialize in developing software designed to spy on one’s spouse or other unsuspecting “targets” have been compromised over the past few years. This category of software, which is essentially spyware installed on the target’s phone, collects a good bit of highly personal and sensitive data. This time, the company who makes the app, TheTruthSpy, was breached, allowing the target’s texts, location information, social media chats and other sensitive data to be extracted and posted on TOR/Dark Web forums for all to see.


Fortnite It seems like every kid on the planet is playing the popular video game, Fortnite, these days. Epic, who is the maker of the hit title, is planning on launching the Android version of the game soon, but not on the Google Play Store… this is an unprecedented move by a well-respected and popular game title, and likely has to do with Epic not wanting to give Google a cut of their money printing machine. This controversial move by the game developer has been made even more so due to Google researchers finding that the app is vulnerable to ‘man in the disk’ attacks. Man in the disk is an attack vector that takes advantage of Android’s less-secure external storage space. The vulnerability has since been patched, but make sure to have your kids update their app. Scratch that… tell your kids to put the game down and go outside and play!

THREAT FOCUS: Air Canada - CANADA Air Canada: Canada’s largest full-service airline.

Exploit: Unclear. Risk to Small Business: High: The number of customers affected is a low percentage of the airline’s customer base, but to most other businesses, a breach of this scale would be much worse. Either way, the breach is extremely damaging to the company due to loss of customer trust. Individual Risk: Extreme: The nature of the data leaked is highly sensitive and useful for identity theft. Date Occurred/Discovered: August 22, 2018 – August 24, 2018

Date Disclosed: August 29, 2018 Data Compromised: Names; Email addresses; Phone numbers; Passport numbers; Passport expiry date; Passport country of issuance; NEXUS numbers; Gender; Dates of birth; Nationality; Country of Residence

Customers Impacted: 20,000 Customers

THREAT FOCUS: Huazhu Hotels Group - CHINA Huazhu Hotels Group: One of China’s largest hotel chains.

Exploit: Unclear. Risk to Small Business: High: The loss of customer trust alone would greatly cost the company, in addition to the other costs associated with a breach. Individual Risk: Extreme: The information is already for sale on the Dark Web. Date Occurred/Discovered: Earlier this month Date Disclosed: August 28, 2018 Data Compromised: ID card number; Mobile phone number; Email address; Login password; Customer name; Home address; Date of birth; Check in time; Departure time; Hotel ID number; Room number

Customers Impacted: 130 million Customers

THREAT FOCUS: ABBYY Software - RUSSIA ABBYY: Moscow-based optical character recognition software provider.

Exploit: Exposed database. Risk to Small Business: Extreme: Sensitive internal documents were exposed that could have major effects on their business. Individual Risk: Low: Only corporate documents were exposed. Date Occurred/Discovered: August 19, 2018 Date Disclosed: August 27, 2018 Data Compromised: Contracts; Non- disclosure agreements; Memos; Other confidential documents.

Customers Impacted: 200,000 sensitive documents stolen.


POSTSCRIPT:

Scam, Scam, Go Away. Australia is well-known (amongst non-Australians) to be a dangerous place, with many poisonous plants, snakes and animals that inhabit its borders. Another danger in the outback is Cybercriminals! According to the Australian Competition and Consumer Commission (ACCC) most recent report, Australian Small Businesses have been scammed out of $2.3 million so far in 2018. The scam that most frequently targeted businesses is the false-billing scam, while employment and investment scams syphoned the most amount of money away from Australian businesses.

Stay safe and make sure to have a healthy dose of suspicion when dealing with unexpected emails, especially those that deal with money!



Consider this: When you think about Cyber Security think about the ones you care the most about – your family. If you have children or young adults using Smartphones, Tablets or Laptops consider their vulnerability. Do you want to put their digital selves in the hands of pedophiles, scammers and cyber criminals. The purchase of children’s digital credentials (username/password) is big business on the Dark Web. Check out our inexpensive Individual or Family monitoring service – it’s a ‘no brainer’ for your peace of mind. CLICK HERE FOR PRICING


Disclaimer: Avantia Corporate Services Pty Ltd provides the content in this publication for general information only and has compiled the content from number of sources believed to be reliable. No warranty, implied or otherwise, is given as to its accuracy or fitness for use, no validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.

Subscribe below to receive our weekly Threat Updates straight to your inbox.

Call (07) 3010 9711 

info@avantiacorp.com.au

 

Avantia Corporate Services Pty Ltd,                    Level 7, 320 Adelaide Street

Brisbane, Queensland 4000

AUSTRALIA.

  • LinkedIn Social Icon
  • Facebook Social Icon

DISCLAIMER*: Avantia Corporate Services Pty Ltd and Avantia Cyber Security provides the content in this publication to the reader for general information purposes only and has compiled the content from a number of sources in Australia, the USA, and up to 56 other countries who provide cyber breach and cybersecurity information to us in real-time. Given their international focus and experience in the cyberspace arena, we believe their data to be accurate and reliable, however, we give no warranty (implied or otherwise), as to the content's accuracy or fitness for use. No validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.

*COPYRIGHT 2020* Avantia Corporate Services  PTY LTD - All Rights Reserved.

© 2020 by Avantia CORPORATE SERVICES . All Rights Reserved.