This week’s Threat Report spotlights risks facing both everyday technology users and major global brands. From an insider leaking classified intelligence over a dating app and a flaw in eSIM hardware, to the exposure of tens of millions of job applicants’ records and a Bluetooth weakness in vehicle infotainment systems, these incidents show how quickly attackers’ options are widening.
A US Air Force cyber defence analyst has pleaded guilty to leaking classified military intelligence through a dating app, raising alarm over insider threats in highly sensitive environments.
Details:
The airman, a cyber defence analyst, used a foreign-based dating platform to share national defence information.
He admitted to knowingly transmitting this information to an individual he believed was affiliated with a foreign government.
The case was investigated by the FBI and the Air Force Office of Special Investigations (AFOSI) and exposes gaps in vetting and insider threat detection.
Potential Impact:
Compromised national security and defence intelligence
Highlights vulnerability of military staff to foreign social engineering tactics
Increased scrutiny over insider threat monitoring across critical infrastructure
Recommendation:
Strengthen insider threat monitoring for users with privileged or classified access
Educate personnel on the risks of online platforms and contact with foreign nationals
Tune detection systems to flag unusual outbound communications, such as new destinations, off-hours transfers, and unexpected data volumes
Implement behaviour-based monitoring across sensitive roles
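The “unusual outbound communications” recommendation above is easier to act on with a concrete baseline-and-deviation check. The script below is an added example, not part of the original report, and assumes egress-proxy logs in a constructed four-field format (timestamp, user, destination host, bytes out). It builds, per user, the set of destinations seen before a cutoff date, then flags any destination a user had never contacted before to which they pushed more than a threshold of data afterwards. Hostnames, users and sizes are all constructed for the example.

```python
"""Added example: per-user baseline of outbound destinations, then flag
new destinations that receive a large volume of data after a cutoff.
All log lines are constructed for the example."""
from collections import defaultdict
from dataclasses import dataclass

# Constructed egress-proxy lines: "<ISO timestamp> <user> <destination host> <bytes out>"
PROXY_LOG = [
    "2025-07-01T09:12:03Z alice mail.corp.example 20480",
    "2025-07-02T10:01:44Z alice sharepoint.corp.example 512000",
    "2025-07-03T08:55:10Z bob cdn.vendor.example 4096000",
    "2025-07-03T11:20:31Z bob mail.corp.example 10240",
    "2025-07-09T22:47:12Z alice sharepoint.corp.example 307200",
    "2025-07-09T23:05:48Z alice chat.dating-app.example 819200",
    "2025-07-10T01:14:02Z alice chat.dating-app.example 1638400",
    "2025-07-10T09:30:00Z bob cdn.vendor.example 5242880",
    "2025-07-10T09:41:17Z bob update.vendor.example 51200",
]


@dataclass(frozen=True)
class Event:
    ts: str
    user: str
    dest: str
    bytes_out: int


def parse_log(lines):
    """Parse the constructed log format; hostnames are normalised to lower case."""
    events = []
    for line in lines:
        ts, user, dest, size = line.split()
        events.append(Event(ts, user, dest.lower(), int(size)))
    return events


def build_baseline(events, cutoff):
    """Destinations each user contacted before the cutoff.
    ISO-8601 timestamps sort correctly as strings, so a plain comparison works."""
    baseline = defaultdict(set)
    for e in events:
        if e.ts < cutoff:
            baseline[e.user].add(e.dest)
    return baseline


def flag_new_destinations(events, baseline, cutoff, min_bytes=1_000_000):
    """Return (user, dest, total_bytes) for destinations a user never contacted
    before the cutoff and to which they sent at least min_bytes after it.
    Volume is summed per (user, dest) so several small sessions still add up."""
    totals = defaultdict(int)
    for e in events:
        if e.ts >= cutoff and e.dest not in baseline.get(e.user, set()):
            totals[(e.user, e.dest)] += e.bytes_out
    return sorted((u, d, n) for (u, d), n in totals.items() if n >= min_bytes)


def run(lines=PROXY_LOG, cutoff="2025-07-08"):
    """Baseline on everything before the cutoff, review everything after it."""
    events = parse_log(lines)
    return flag_new_destinations(events, build_baseline(events, cutoff), cutoff)


if __name__ == "__main__":
    for user, dest, total in run():
        print(f"ALERT {user} -> {dest}: {total} bytes to a never-before-seen destination")
```

On the constructed data only alice’s traffic to the dating host is flagged: the volume threshold keeps bob’s small first contact with a vendor update host quiet, and his large transfer to a CDN he already used is part of his baseline. In practice the baseline window should be long enough to cover normal monthly cycles, and the threshold tuned per role rather than fixed globally.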
A critical vulnerability in Kigen’s embedded Universal Integrated Circuit Cards (eUICC), the eSIM hardware widely used in IoT devices, could allow an attacker with over-the-air access to the card to install malicious code on it and take control of the device’s cellular identity.
Details:
Tracked as CVE-2024-39941 in the report, the flaw lies in the eUICC’s handling of the GSMA TS.48 generic test profile: the profile shipped with publicly known keys, which let an attacker install unverified Java Card applets that break the card’s internal isolation.
From there, attackers could extract the card’s private keys, download and clone eSIM profiles, intercept traffic, and impersonate devices on the cellular network.
Millions of IoT devices, particularly in the medical, industrial, and automotive sectors, could be affected; Kigen has issued a patched card OS and GSMA has revised TS.48 to restrict test profiles.
Potential Impact:
Mass-scale IoT disruption through cellular network exploits
Device spoofing and data interception across healthcare and industrial control systems
Undermining of network-based device identity verification
Recommendation:
Urgently apply the card OS update provided by Kigen, and remove or disable test profiles on fielded devices
Audit IoT devices for affected eUICC firmware versions
Segment network access for IoT devices
Work with mobile network providers to monitor for anomalies in eSIM communications
Security researchers have disclosed that McHire, the recruitment chatbot platform used by McDonald’s, exposed the records of over 64 million job applicants through a default administrator password and an authorisation flaw in its API.
Details:
The platform is built and hosted by third-party vendor Paradox.ai. The researchers logged in to a test franchise account using the username and password 123456, then found an internal API that returned any applicant record when its sequential ID was changed (an insecure direct object reference), with no check that the record belonged to the caller’s organisation.
Data exposed includes names, email addresses, phone numbers, postal addresses, and chat transcripts from the application process.
Paradox.ai fixed the issues within days of being notified; the test account had reportedly sat unused since 2019.
Potential Impact:
Identity theft and phishing risks for millions of past job applicants
Regulatory penalties due to failure to comply with data protection laws (e.g., GDPR, CCPA)
Damaged trust in both McDonald’s and its third-party vendor
Recommendation:
Audit third-party platforms for default, shared, and dormant credentials, and require MFA on all administrative accounts
Enforce object-level authorisation on every API endpoint, and monitor for sequential-ID enumeration
Notify affected users and conduct a full forensic analysis
Train HR and marketing teams on responsible data handling
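The two weaknesses in the McHire case, a default credential and a missing ownership check on an applicant lookup, are both easy to show and easy to test for. The block below is an added example and is not Paradox.ai’s code: it puts an IDOR-prone lookup beside a hardened one that ties every record to the caller’s organisation, adds a credential-policy check of the kind that would have caught a 123456 password, and runs a simple sequential-ID enumeration detector over a few constructed access-log lines. The record store, organisation names, IP addresses and API path are all assumptions made for the example.

```python
"""Added example: IDOR-prone vs hardened record lookup, a credential-policy
check, and enumeration detection over constructed access-log lines."""

# Constructed applicant store keyed by a sequential integer id.
# "org" is the hiring organisation that owns the record.
APPLICANTS = {
    1001: {"org": "store-17", "name": "A. Applicant", "phone": "+44 7700 900001"},
    1002: {"org": "store-17", "name": "B. Applicant", "phone": "+44 7700 900002"},
    1003: {"org": "store-42", "name": "C. Applicant", "phone": "+44 7700 900003"},
}


class Forbidden(Exception):
    pass


def get_applicant_vulnerable(session, applicant_id):
    """Vulnerable: any authenticated session can fetch any id by changing it (IDOR)."""
    if not session.get("authenticated"):
        raise Forbidden("login required")
    return APPLICANTS[applicant_id]


def get_applicant(session, applicant_id):
    """Hardened: the record must belong to the caller's organisation. A missing
    record and another org's record return the same error, so ids cannot be
    probed for existence."""
    if not session.get("authenticated"):
        raise Forbidden("login required")
    record = APPLICANTS.get(applicant_id)
    if record is None or record["org"] != session.get("org"):
        raise Forbidden("no such record")
    return record


def is_forbidden(fn, *args):
    """Helper so callers can check the denial path without try/except."""
    try:
        fn(*args)
    except Forbidden:
        return True
    return False


# Short constructed list; a real deployment would use a breached-password set.
WEAK_PASSWORDS = {"123456", "password", "admin", "12345678", "qwerty"}


def credential_findings(username, password, mfa_enabled):
    """Return the policy violations for one admin credential (empty means clean)."""
    findings = []
    if password in WEAK_PASSWORDS:
        findings.append("password is on the common-default list")
    if password == username:
        findings.append("password equals username")
    if len(password) < 12:
        findings.append("password shorter than 12 characters")
    if not mfa_enabled:
        findings.append("MFA not enforced")
    return findings


# Constructed access-log lines: "<client ip> <method> <path> <status>"
ACCESS_LOG = [
    "203.0.113.7 GET /api/applicants/1000 200",
    "198.51.100.9 GET /api/applicants/1001 200",
    "203.0.113.7 GET /api/applicants/1001 200",
    "203.0.113.7 GET /api/applicants/1002 200",
    "198.51.100.9 GET /api/applicants/1003 403",
    "203.0.113.7 GET /api/applicants/1003 200",
    "203.0.113.7 GET /api/applicants/1004 200",
    "203.0.113.7 GET /api/applicants/1005 200",
    "198.51.100.9 GET /api/applicants/1001 200",
    "203.0.113.7 GET /api/applicants/1006 200",
]


def detect_enumeration(lines, min_run=5):
    """Per client, find the longest run of requests whose ids step by exactly one;
    return clients whose longest run reaches min_run."""
    prev, current, longest = {}, {}, {}
    for line in lines:
        client, _method, path, _status = line.split()
        if not path.startswith("/api/applicants/"):
            continue
        applicant_id = int(path.rsplit("/", 1)[1])
        if client in prev and applicant_id == prev[client] + 1:
            current[client] += 1
        else:
            current[client] = 1
        prev[client] = applicant_id
        longest[client] = max(longest.get(client, 0), current[client])
    return {c: n for c, n in longest.items() if n >= min_run}


if __name__ == "__main__":
    other_org = {"authenticated": True, "org": "store-42"}
    print("vulnerable lookup leaked:", get_applicant_vulnerable(other_org, 1001)["name"])
    print("hardened lookup denied:", is_forbidden(get_applicant, other_org, 1001))
    print("credential findings:", credential_findings("123456", "123456", False))
    print("enumerating clients:", detect_enumeration(ACCESS_LOG))
```

The hardened lookup deliberately returns the same error for “does not exist” and “belongs to someone else”; if the two cases differ, an attacker can still map which ids are live. The enumeration detector is crude on purpose: it counts only strictly sequential ids, which is exactly the pattern of decrementing a lead identifier by hand, and a 403 on one request does not break the run if the client simply moves on to the next id.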
Researchers at PCA Cyber Security have disclosed “PerfektBlue”, a set of four vulnerabilities in OpenSynergy’s BlueSDK Bluetooth stack, which is embedded in the infotainment head units of several car makers; chained together they give an attacker within Bluetooth range remote code execution on the head unit.
Details:
Head units from Mercedes-Benz, Volkswagen and Skoda have been confirmed as affected; OpenSynergy supplied fixes to its OEM customers in 2024, but delivery of those fixes to vehicles on the road has lagged.
Exploitation requires the attacker to be within Bluetooth range and, depending on the head unit’s configuration, for the victim to accept a pairing request, in some cases with a single click.
Once on the head unit, an attacker could track the vehicle’s GPS position, record in-cabin audio, and harvest contacts; reaching safety-critical functions would require further lateral movement to other vehicle subsystems, which the researchers did not demonstrate.
Potential Impact:
Exposure of driver location and in-cabin conversations, and a foothold from which safety-critical functions could be targeted
Massive risk to fleets using affected models (e.g., healthcare transport services)
Regulatory scrutiny on automotive cybersecurity compliance
Recommendation:
Contact vehicle manufacturers for patch status and apply available head-unit firmware updates
Disable Bluetooth on the head unit where it is not needed, and treat unexpected pairing prompts as suspicious
Conduct vehicle penetration tests as part of procurement and compliance processes
Lobby for stricter software assurance in automotive supply chains
This week’s headlines reflect a sobering reality: cyber risks are infiltrating not just enterprise IT, but everyday tools, vehicles, and job applications. For digital health organisations, especially those leveraging IoT, connected transport, and third-party systems, vigilance is more important than ever.
Stay ahead of emerging cyber threats with real-time insights from Periculo’s Threat Intelligence. Our updates provide you with critical information on the latest vulnerabilities, attacks, and security trends, all designed to help you protect your business and make informed decisions. Contact Us for more details.