List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in December 2018

Happy 2019 to everyone with more opportunities than challenges. 

As we step into the new year with more optimism and vigor, let’s not forget the major cybersecurity events that occurred in December 2018.  

The month December witnessed the discovery of several new malware and vulnerabilities. Researchers uncovered 21 new Linux malware families that operated as trojanized versions of the OpenSSH client. Prolific threat actor groups were found leveraging several new and sophisticated cyber espionage campaigns such as Pied Piper, Operation Sharpshooter and Stolen Pencil to infect systems and spread malware across different organizations worldwide.

A critical security flaw was unearthed in Kubernetes, the popular cloud container orchestration system that could allow attackers to gain elevated access to the computers. The flaw scored a rating of 9.8 on the severity scale. 

In breaches, Quora exposed sensitive data of about 100 million users after hackers gained unauthorized access to the systems. Facebook came under fire again for a faulty Photo API bug that exposed private photos of around 6.8 million users to third-party apps. NASA disclosed a data breach that impacted the personal data of former and current employees. 
 
Amidst all these threats and breaches, Microsoft unleashed security updates to fix 38 vulnerabilities across a large set of its products. Nine of these vulnerabilities were rated ‘Critical’.

Talking about scams, a new bomb threat scam was found doing the rounds in the US. The scammers sent threatening emails, asking the recipients to transfer $20,000 in bitcoins or be a victim of a bomb explosion. 

Here is an aggregated list of breaches, malware, vulnerabilities, scams and patches that were reported in December 2018.

Breaches


Malware


Vulnerabilities


Scams


Patches






  • Share this blog:
Previous
How Cyber Threat Intelligence has become a game changer for organization security?
Next
Impact of STIX and TAXII on the cybersecurity landscape
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.