August has come to an end and before we move ahead, let's have a quick look at the prominent breaches, malware attacks, vulnerabilities and scams that made a major impact in the cybersecurity world.
Talking about malware, security researchers uncovered various new malware last month. The newly discovered malware include SystemBC proxy, LookBack trojan, Lord exploit kit, GermanWiper ransomware, Gwmndy botnet, Saefko trojan and Cerberus Android trojan among others. Apart from these, new variants of DealPly adware, Lokibot trojan, Ursnif trojan, Echobot, Bashlite & Mirai botnets, and Asurex backdoor were also found infecting users' systems, important files, and network infrastructures.
The month of August also witnessed several instances of attacks due to malicious apps. The one that grabbed attention was related to CamScanner app. Experts discovered that the app which had more than 100 million downloads, included a malware which was capable of installing malicious payloads and harvesting users’ data. In another incident, a first-of-its-kind rogue spyware app called Radio Balouch or RB Music was uncovered distributing open-source cyber-espionage tool AhMyth.
In the realm of bugs, threat actors exploited authentication bypass vulnerability, remote code execution vulnerability and other critical security flaws to gain access to systems, servers and networks of organizations. Various new vulnerabilities such as ‘QualPwn flaw’, ‘URGENT/11’, SWAPGS and ‘SockPuppet vulnerability’ were also discovered affecting Qualcomm chips, VxWorks operating system, Intel CPUs and iOS devices respectively.
Several cities and organizations also suffered huge losses as a result of Business Email Compromise (BEC) attacks. This included City of Naples, City of Saskatoon, Collier County, City of Griffin and Portland Public Schools.
Coming to security fixes and patches, Adobe had released a series of updates to fix 118 flaws, while Microsoft had addressed 93 security issues found across its multiple products.
The following is a consolidated report of all major data breaches, malware, vulnerabilities and scams reported in August.