List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in December 2018

Share Blog post

Happy 2019 to everyone with more opportunities than challenges. 

As we step into the new year with more optimism and vigor, let’s not forget the major cybersecurity events that occurred in December 2018.  

The month December witnessed the discovery of several new malware and vulnerabilities. Researchers uncovered 21 new Linux malware families that operated as trojanized versions of the OpenSSH client. Prolific threat actor groups were found leveraging several new and sophisticated cyber espionage campaigns such as Pied Piper, Operation Sharpshooter and Stolen Pencil to infect systems and spread malware across different organizations worldwide.

A critical security flaw was unearthed in Kubernetes, the popular cloud container orchestration system that could allow attackers to gain elevated access to the computers. The flaw scored a rating of 9.8 on the severity scale. 

In breaches, Quora exposed sensitive data of about 100 million users after hackers gained unauthorized access to the systems. Facebook came under fire again for a faulty Photo API bug that exposed private photos of around 6.8 million users to third-party apps. NASA disclosed a data breach that impacted the personal data of former and current employees. 
 
Amidst all these threats and breaches, Microsoft unleashed security updates to fix 38 vulnerabilities across a large set of its products. Nine of these vulnerabilities were rated ‘Critical’.

Talking about scams, a new bomb threat scam was found doing the rounds in the US. The scammers sent threatening emails, asking the recipients to transfer $20,000 in bitcoins or be a victim of a bomb explosion. 

Here is an aggregated list of breaches, malware, vulnerabilities, scams and patches that were reported in December 2018.

Breaches


Malware


Vulnerabilities


Scams


Patches



 Tags

linux malware families
quora data breach
pied piper campaign
operation sharpshooter campaign
stolen pencil campaign
scammers

Posted on: December 31, 2018

Get the Cyware Blog delivered to your email!


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.


Join Thousands of Other Cyware Followers!