List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in December 2019
Snatch ransomware • Jan 2, 2020
Wishing a happy 2020 to everyone with more adventures and opportunities!
As we step into the new year with more optimism and vigor, let’s not forget the major cybersecurity events that occurred in December 2019.
December saw several malicious campaigns involving the Emotet trojan. In most of the attacks, the malware was distributed through phishing emails disguised as invitations to festive parties or climate change events. In other cases, the attackers exploited known vulnerabilities to spread the trojan variants.
Security researchers also came across several newly discovered malware families, such as Poison Frog, ZeroCleare, Snatch ransomware, Lampion trojan, Krampus-3PC, Mozi botnet, and Buer downloader. Variants of VegaLocker ransomware, Echobot, and Glupteba were also found wreaking havoc on different systems, processes, and networks.
Ransomware operators came up with a new tactic: naming and shaming affected organizations and cities on their websites if the ransom is not paid. In one such incident, the operators of Maze ransomware publicly disclosed around 2GB of information stolen from the city of Pensacola on their websites after the city rejected a ransom demand of $1,000,000.
Two new critical vulnerabilities, named Plundervolt and Magellan 2.0, were also found affecting Intel CPUs and Google Chrome versions prior to 79.03945.79, respectively.
Amid all these new threats and malware, there was also a massive crackdown on the infrastructure used by the Imminent Monitor RAT and the Thallium threat actor group. Their operations were shut down after security experts got hold of their systems, networks, and malicious domains.
A batch of security updates was also issued to fix multiple flaws affecting Apple, Intel, and Siemens products. While Siemens industrial control systems were affected by a total of 54 vulnerabilities, Apple’s macOS Catalina was impacted by 52 flaws.
Millions of SMS messages exposed in database security lapse
Buyback website reveals details of 37,000 gun owners
Twitter account of Huawei Mobile Brazil hacked
Tuft & Needle Exposed Thousands of Customer Shipping Labels
Smith & Wesson Web Site Hacked to Steal Customer Payment Info
Australia's Largest IVF Provider 'Monash IVF Group' Targeted in a Cyberattack
HackerOne breach lets outside hacker read customers’ private bug reports
British American Tobacco Suffers Data Breach and Ransomware Attack
UK Retailer Sweaty Betty Hacked to Steal Customer Payment Info
Ransomware Attack Hits Major US Data Center Provider
Yet Another School District Hit by Ransomware, This Time in Illinois
A Sprint Contractor Left Thousands of US Cell Phone Bills on the Internet by Mistake
Hackers Trick Venture Capital Firm Into Sending Them $1 Million
Ransomware Writes Drama at Shakespeare Theatre
Data Breach Impacts Thousands of Fort Worth Water Customers
Report: BMW and Hyundai Hacked by Vietnamese Hackers
Academy Sports notifies online customers of suspicious activity
Ransomware at Colorado IT Provider Affects 100+ Dental Offices
Security flaw in Airtel app exposes customers data, fixed now
Bitcoin Ransomware Locks 10 Years’ Worth of Government Data in Argentina
PR Software Firm Exposes Data on Nearly 500k Contacts
A Saudi Telecom Exposed a Streaming List of GPS Locations
Over 750,000 Applications for US Birth Certificate Copies Exposed Online
Pensacola Hit by Cyberattack After Fatal Shooting at Naval Station
2.7 Billion Email Addresses Exposed Online, 1 Billion+ Include Passwords
Iran Banks Burned, Then Customer Accounts Were Exposed Online
Louisiana State Government Systems Down Following Ryuk Ransomware Attack
Thousands of iPR Software Users Exposed on Amazon S3 Bucket
Mississippi City Operations Disrupted by Ransomware Attack
460,000 Turkish Card Details Put Up for Sale, Web Skimmers Suspected
Iran says it foiled "very big" foreign cyber attack
Arrest Data Exposed by South Carolina Firm Included Personal Info of Juvenile Suspects
Ransomware Hits Florida PRIDE On Saturday, Systems Still Down
Maze Ransomware Demands $6 Million Ransom From Southwire
Waco Water Bill Attack Just the Latest in a Wave of Click2Gov Breaches
Louisiana Community College System Hit with Ransomware
Romanian Cybergang Infects Over 400,000 Computers with Crypto Mining Malware
Hospital Boosts Security, Issues Notifications After Breach
New Orleans City Employees Shut Down Computers Amid Cyberattack
Large Hospital System Says It Was Hit by Ransomware Attack
Attackers Steal Credit Cards in Rooster Teeth Data Breach
Payroll data of thousands of current, former Facebook employees stolen: report
Iran investigating third cyberattack in a week
Private browsing history of South African mobile users exposed
Data Breach May Have Compromised Police, Firefighter Info
LifeLabs Hack May Have Compromised Personal Info of 15 Million Canadians
Cloud Data Leak Exposes Thousands of US Defense Contractor Staff
Cool Ideas hit by big DDoS attack
Cloud flaws expose millions of child-tracking smartwatches
Prairie insurance and financial brokerage failed to disclose ransomware attack
Honda Exposes Thousands of Records of North American Customers
Galt City Hall, St. Lucie Police Hit With Ransomware
170 Million Passwords Stolen in Zynga Hack
Wawa Warns of 'Data Security Incident' Involving Credit and Debit Card Information
Teen crook hacked into 75 phones and stole $1M in cryptocurrency: authorities
Nexus Mods Game Modding Site Discloses Data Breach
Frankfurt Shuts Down IT Network Following Emotet Infection
Indiana County Urges Password Changes After Online Breach
The Town of New Milford Issues Notice of Data Security Event
A healthcare startup exposed a cache of medical images
Cyber attack forces airline to cancel flights in Alaska
One Day, Three Credit Card Data Breach Notifications
Personal data of 2,400 Mindef, SAF staff may have been leaked
Maze Ransomware Gang Names More Alleged Victims
Malware Hits Truckstop.com Sites, Services Shut Days Before Christmas
Hackers Steal $480,000 Worth of NULS Cryptocurrency From its Dev Team
'Plenty of Fish' Dating App was Leaking Users’ Hidden Names and Postal Codes
No, Spotify, you shouldn't have sent mysterious USB drives to journalists
German cities under attack by Emotet botnet
Maze Ransomware Releases Files Stolen from City of Pensacola
Entercom Radio Network Hit By Second Cyber Attack This Year
Unified Carrier Registration Plan Reports Data Breach
New Mexico hospital tells patients to monitor bank statements after malware infection
Cyber attack shuts down computers at San Antonio mental health provider
Ransomware attack at IT Services Provider Synoptek
U.S. Coast Guard Says Ryuk Ransomware Took Down Maritime Facility
Windows systems at Maastricht University were infected with a ransomware
Criminals Pull Hard Before Xmas, Attack U.S. Health Industry
IoT vendor Wyze confirms server leak
Names, SSNs exposed in Moss Adams breach
The UK Cabinet Office Apologizes After Publishing Over 1,000 Award Recipients' Addresses
How online 'cloud buckets' are exposing private photos and other sensitive data
School Software Vendor Active Network Suffers Data Breach
Special Olympics New York Hacked to Send Phishing Emails
Poloniex requires password reset after account information leak
Microsoft Says North Korea-based Hackers Were Stealing Sensitive Information
Major US Companies Breached, Robbed, and Spied on by Chinese Hackers
NAS drives & backup systems attacked by new ransomware attack
Clop Ransomware attempts to disable Windows Defender and Malwarebytes
This trojan malware is being used to steal passwords and spread ransomware
Another Day, Another Fake Google Domain
Facebook Ads Manager Targeted by New Info-Stealing Trojan
TrickBot Widens Infection Campaigns in Japan Ahead of Holiday Season
New version of IcedID Trojan uses steganographic payloads
Tetris game app used to distribute PyXie Python RAT
Two malicious Python libraries caught stealing SSH and GPG keys
Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign
The Great Cannon DDoS Tool Used Against Hong Kong Protestors’ Forum
APAC’s Compromised Domains Fuel Emotet Campaign
Payment card-skimming malware targeting 4 sites found on Heroku cloud platform
Buer, a new loader emerges in the underground marketplace
New Iranian Wiper Discovered in Attacks on Middle Eastern Companies
Microsoft Warns of Persistent Windows Hello for Business Orphaned Keys
North Korean MacOS Malware Adopts In-Memory Execution
US Govt Alerts Financial Services of Ongoing Dridex Malware Attacks
VPNs emerge as new channel for attacks as security researchers uncover multiple security issues
Clipper malware used to steal cryptocurrency funds
Fake Elder Scrolls Online developers go phishing on PlayStation
TrickBot Campaign Uses Fake Payroll Emails to Conduct Phishing Attacks
Bayrob Malware Operators Get Lengthy Prison Sentences
Nation-State Attackers May Have Co-opted Vega Ransomware
New Mac Malware Hides in Memory and Masquerades as a Crypto App
Snatch ransomware reboots PCs in Windows Safe Mode to bypass antivirus apps
Hardware-based Password Managers Store Credentials in Plaintext
Talk About Secure Coding: Ryuk Ransomware Contains a Bug Causing Data Loss for Some Victims
Phishing Attack Hijacks Office 365 Accounts Using OAuth Apps
Windows, Chrome Zero-Days Chained in Operation WizardOpium Attacks
Hundreds of counterfeit online shoe stores injected with credit card skimmer
TrickBot gang is now a malware supplier for North Korean hackers
Waterbear is Back, Uses API Hooking to Evade Security Product Detection
Smart Krampus-3PC Malware Targets iPhone Users
HawkEye Keylogger Acts as First-Stage Loader for Cryptocurrency Miner
This new ransomware is targeting companies across Europe and the US
Mystery Russian Telegram Hacks Intercept Secret Codes To Spy On Messages
Attackers now use process hollowing to hide cryptocurrency miners on your PC
This password-stealing hacking campaign is targeting governments around the world
Multi-stage downloader Trojan sLoad abuses BITS almost exclusively for malicious activities
Apple’s new parental controls on iOS can be bypassed
New Echobot Variant Exploits 77 Remote Code Execution Flaws
Another Ransomware Will Now Publish Victims' Data If Not Paid
Targeted Attacks Deliver New "Anchor" Malware to High-Profile Companies
Ryuk Ransomware Likely Behind New Orleans Cyberattack
Revisiting Glupteba: Still Relevant Five Years after Debut
Web Cache Deception attacks still impact websites with 'substantial user populations'
Emotet Trojan is Inviting You To A Malicious Christmas Party
South Korean Industrial Giants Slammed in Active Info-stealing APT Campaign
Hackers Could Use Smart Displays to Spy on Meetings
Researcher Releases Data on 100,000 Phishing Attempts to Teach You How to Not Get Hacked
Poison Frog Malware Samples Reveal OilRig's Sloppiness
PowerShell Scripts Delivered Via Office Macro Attachments Target Polish Employees
Momentum botnet spotted in the wild
Chinese Rancor APT Refreshes Malware Kit for Espionage Attacks
Attackers Posing as German Authorities Distribute Emotet Malware
ScreenConnect MSP Software Used to Install Zeppelin Ransomware
TP-Link Routers Give Cyberattackers an Open Door to Business Networks
Cryptocurrency-mining botnet uses a Taylor Swift image to hide malware payloads
'Hornet's Nest' Campaign Delivers Six Different Types of Malware in One Go
Exploit Kit Starts Pushing Malware Via Fake Adult Sites
Cybercriminals Use ‘Support Greta Thunberg’ Campaign to Deliver Malware
Windows Remote Desktop Services Used for Fileless Malware Attacks
Scammers are using Play Store apps to serve ads that nobody can escape
Tokyo 2020 Staff Warns of Phishing Disguised As Official Emails
Ryuk Ransomware Stops Encrypting Linux Folders
Introducing BIOLOAD: FIN7 BOOSTWRITE’s Lost Twin
A new trojan dubbed Lampion is targeting Portugal
Android 'spoofing' bug helps targets bank accounts
Vulnerability Allows Hackers to Take Control of ABB Substation Protection Devices
A bug in Microsoft’s login system put users at risk of account hijacks
Vulnerabilities Disclosed in Kaspersky, Trend Micro Products
Critical Code Execution Vulnerability Found in GoAhead Web Server
The most copied StackOverflow Java code snippet contains a bug
Attackers Continue to Exploit Outlook Home Page Flaw
Ubuntu Linux Gets Intel Microcode Update to Fix CPU Hangs
Atlassian scrambles to fix zero-day security hole accidentally disclosed on Twitter
Aviatrix VPN vulnerability left user endpoints wide open
Severe Auth Bypass and Priv-Esc Vulnerabilities Disclosed in OpenBSD
Android Vulnerability Exposes Almost All Apps To Attacks
New Linux Vulnerability Lets Attackers Hijack VPN Connections
Tenable Research Finds New Vulnerabilities in Popular Blink Smart Security Cameras
‘Plundervolt’ attack breaches chip security with a shock to the system
An iOS bug let anyone ‘lock-up’ nearby iPhones
Bitdefender Finds Security Hole in Wemo Smart Plug
Connected Children’s Toys aren’t Cybersafe: Researchers Reports Several Serious Vulnerabilities
Flaw in Elementor and Beaver Addons Let Anyone Hack WordPress Sites
Npm team warns of new 'binary planting' bug
Google halts Chrome 79 rollout on Android after bug deletes user data
Multiple Vulnerabilities in Barco ClickShare
What is StrandHogg and why has it got Indian government's cybersecurity arm worried?
TP-Link Archer Router Vulnerability Voids Admin Password, Can Allow Remote Takeover
F-Secure Finds Major Vulnerabilities in Popular Wireless Presentation System
Several Critical Vulnerabilities Found in WAGO Controllers
Alexa, Google Home Eavesdropping Hack Still Exists
Seven Critical Vulnerabilities Discovered in Portainer
BlueCross BlueShield Whistleblower Warns of Cybersecurity Vulnerabilities
WhatsApp exploit let one message render the app unusable for entire groups
Privilege Escalation Flaws Found in Preinstalled Acer, ASUS Software
Vulnerability Related to Processing of Archive Files Patched in Drupal
Hackers Continue to Exploit Cisco ASA Vulnerability Patched Last Year
Windows 10 Security Warning As Dropbox Zero-Day Is Confirmed
Citrix Vulnerability Leaves 80,000 Companies at Risk
New Mozi P2P Botnet Takes Over Netgear, D-Link, Huawei Routers
Uptick Seen in ISO Email Attachments Delivering Malware
Google Chrome impacted by new Magellan 2.0 vulnerabilities
A ton of Ruckus Wireless routers are vulnerable to hackers
Siemens Offers Workarounds for Newly Found PLC Vulnerability
Code Execution Vulnerabilities Patched in Accusoft ImageGear
Mozilla patches 11 vulnerabilities in Firefox 71 and ESR 68.3
VMware Patches ESXi Vulnerability That Earned Hacker $200,000
NVIDIA Patches Severe Flaws in Mercedes Infotainment System Chips
Weidmueller Patches Critical Vulnerabilities in Industrial Switches
Google fixes a critical DoS flaw tracked as CVE-2019-2232 in Android
Droom Fixes Security Flaw That Exposed Users’ Private Data, Banking Details
Chrome 79 Released With Security Improvements, Proactive Tab Freeze, and More
Adobe Releases Their December 2019 Security Updates
Microsoft's December 2019 Patch Tuesday Fixes Win32k Zero-day, 36 Flaws
Amazon security: Patches fix multiple flaws exposing Blink cameras to hijacking
iOS 13.3 brings bug fixes and a new security feature, but does it bring new bugs
Chrome 79 Patches Critical Vulnerabilities
SAP Releases 5 Security Notes on December 2019 Patch Day
Apple Patches Over 50 Vulnerabilities in macOS Catalina
Israeli team finds viruses to steal credit card info. from stores, banks
Intel patches 15 vulnerabilities affecting software, firmware
GitHub Urges "Critical" Git Project Patches, after 9 Vulnerabilities Fixed
Schneider Electric Patches Vulnerabilities in Modicon, EcoStruxure Products
Update Intel's Rapid Storage Software to Fix System Takeover Bug
WordPress patches four security vulnerabilities
New Nokia 7.2 software update brings December security patch
Microsoft Issues Out-of-Band Update for SharePoint Bug
AdwCleaner 8.0.1 Fixes DLL Hijacking Vulnerability
SonyLIV Fixes Flaw That Could Allow Attackers to Fetch User Information
Update Your Twitter App Right Now if You're on Android
NVIDIA Patches High Severity Vulnerability in GeForce Experience
Fake Steam Skin Giveaway Site Steals your Login Credentials
New development bank warns public about email scam
FTC Warns of Ongoing Scam Spreading Scary Terrorism Allegations
New Zealand: Vehicle owners warned of email scam with fake link to transaction site
Spotify scam harvests users' credit card details
New scam keeps fraudsters connected after victim hangs up
Sophisticated Woolworths scam rears ugly head
This Alleged Bitcoin Scam Looked a Lot Like a Pyramid Scheme
Seniors Targeted in Penny Stock Scam
Fraudsters Almost Swindled the Royal Canadian Mint with Payroll 'Spoofing' Scam
Christmas text scam targeting Royal Mail customers with iPhone 11 offer
Ambitious scam wants far more than just PayPal logins
QR code scam can empty your wallet
New Phishing Technique Bypassing Security Software
Canadian banks targeted in a massive phishing campaign
Thousands of fake online stores are rushing to cash in