Products
Cyber Fusion Center

Stay ahead of threats with our cyber fusion solutions for threat intelligence sharing and analysis, threat response, and security automation.
Learn More

Threat Intelligence Platforms (TIP)

Intel Exchange (CTIX)

Intel Exchange Lite

Collaborate (CSAP)
Security Orchestration and Automation (SOAR)

Respond (CFTR)

Orchestrate
Threat Intelligence Ecosystem

Solutions for ISACs, ISAOs, and CERTs

Solutions for ISAC, ISAO, and CERT Members

Intel Exchange Spoke

Cyware Browser Extension
Partners

Partners & Integrations

Learn how our solutions seamlessly connect with other tools and technology partners to fit your security needs.

Channel Partners

MSSPs

Technology Alliances

Open APIs

MISP

Register a Deal

Cyware One Login
Resources

Resources Library

Stay updated on the cyber threat landscape with free daily alerts, the latest industry reports, security trends, and more.

Resource Library

Cyware Labs: Research & Threat Briefings

Security Guides

Free Threat Intel Feeds

Webinars & Videos

Community Resources
Company

Contact Us

Get in touch with our team to learn more about our solutions and how they can help your organization.

Get in Touch

Leadership

Careers
We’re Hiring

Cyware in the News

Press Releases

Login

Go to listing page

List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in February 2019

Threat Intelligence
Threat Actor
Breach, Incident
Vulnerability
Malware

List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in February 2019

Share Blog Post

Just like the previous month, February too witnessed a volley of cybersecurity-related incidents.

Researchers uncovered the latest versions of several existing malware such as Trickbot trojan, Danabot trojan, Ursnif trojan, Astaroth trojan, Shlayer trojan, Separ info-stealer and KORKERDS cryptominer targeting several organizations, systems, processes and more. Additionally, infamous malware that includes the likes of AdvisorBot, FormBook and IceID made a comeback in different attack campaigns. Security researchers also spotted various new malware such as SpeakUp trojan, Qealler info-stealer, KerrDown malware downloader,B0r0nt0k ransomware and Cayosin botnet affecting several industries in different sectors.

Talking about breaches, data of 14 million Instagram users was found in an unsecured database. In another instance, data of almost 620 million accounts stolen from 16 popular websites was available for sale at a price less than $20,000 on the Dream Market forum. The same hacker had also released two distinct batches of data containing around 127 million account records and 93 million user records on the Dark Web respectively. Dunkin Donuts was attacked for the second time in three months. This resulted in the compromise of some of its customers' accounts.

The month also saw the discovery of several new vulnerabilities such as ZOMBIEPOODLE, GOLDENDOODLE, DIRTY SOCK and Thunderclap.

In patches, Microsoft issued security updated for 77 security flaws found across its multiple products. Other major security updates include fixes for a Container Privilege Escalation Vulnerability in Cisco products, NSS vulnerabilities in Ubuntu 18.10, 18.04 LTS & 16.04 LTS and authentication vulnerability in SAP HANA XSA.

Here is the consolidated list of breaches, malware, vulnerabilities, scams and patches that were reported in February.

Breaches

Israeli cyberexpert detects China hack in Ottawa, warns against using Huawei 5G

Indian state government leaks thousands of Aadhaar numbers

Minnesota Department of Human Services Reports Data Breach

Hacking, gone off the rails: Holiday travelers react to data breach · TechNode

NZTA again forced to contact the Privacy Commissioner after another privacy breach

Student Loans Company hit by a million cyber attacks last year

Crosby ISD’s IT system hacked by ransomware virus

British MPs Targeted By a "Malicious Hack" Accessing Their Phone And Email Contacts

Researcher reveals data leak at South Africa’s main electricity provider

Unauthorized intruder preys on Bayside Covenant Church

Trakt app users' personal data exposed: We were hit by a 'PHP exploit'... back in 2014

Jack'd Dating App Exposes Millions of Private Photos

Mumsnet reports itself to regulator over data breach

Australia Suffers Major Security Incident: Federal Parliament's Computer Network Hacked

Instagram data from 14 million profiles found in insecure database

Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions — Krebs on Security

Users complain of account hacks, but OkCupid denies a data breach

Dunkin' Donuts accounts compromised in second credential stuffing attack in three months

Home loan details of 100,000 customers hacked in major data breach

Photo-sharing Platform 500px Suffered a Security Breach That Exposed its Users' Data and Profile Information

DataCamp Implements Partial Password Reset After Data Security Incident

Chinese company leaves Muslim-tracking facial recognition database exposed online

'Coffee Meets Bagel' Dating Site Hit by Data Breach

127 million user records from 8 companies put up for sale on the dark web

Phishers Target Texas Department of Transportation Contractors with Online Bidding Scheme

Emails, Hashed Passwords of 18 Million Ixigo Users Stolen

42,000 AdventHealth Patients Impacted in Yearlong Data Breach

Major Crypto Brokerage Coinmama Reports 450,000 Users Affected by Data Breach

Hacker Puts Up for Sale Third Round of Hacked Databases with 93 Million Accounts on the Dark Web

2.7 Million Health-Related Calls, Sensitive Info Exposed for Six Years

India’s state gas company leaks millions of Aadhaar numbers

Breach in Stanford System Exposes Student Records

Phishing Campaign Spoofs United Nations and Multiple Other Organizations

Toyota Australia embroiled in cyber threat

Almost Half A Million Delhi Citizens' Personal Data Exposed Online

Misconfigured database exposes 974,000 University of Washington Medicine patients

Credit card details of 2.15 million Americans put up for sale on hacking forum

70000 Pakistani banks’ cards with PINs go on sale on the dark web

UConn Health Says Data Breach Could Impact More Than 300,000

Hacker steals $7.7 million in EOS cryptocurrency after blacklist snafu

Topps.com Sports Collectible Site Exposes Payment Info in MageCart Attack

Dow Jones Data Leak: Watchlist of 2.4 Million High-Risk Individuals Exposed Online

Malware

Webstresser takedown’s 151,000 DDoS-minded users targeted by authorities in 20 countries

Looking Into Jaff Ransomware

The return of the AdvisorsBot malware

Most Magento shops get compromised via vulnerable extensions

Google bans slew of malicious Android apps that stole user photos and advertised scams

From Amazon to Emotet: a look at those phishing and malware emails that bypassed email security products

This password-stealing phishing attack comes disguised as a fake meeting request from the boss

Digital sign systems allowed hacker access through default passwords

SpeakUp Linux Backdoor Sets Up for Major Attack

Attackers Use CoAP for DDoS Amplification

ExileRAT shares C2 with LuckyCat, targets Tibet

New Botnet Shows Evolution of Tech and Criminal Culture

Alexa 500 Sites Targeted with Adaptive Malware

Operation Eligible Receiver 97’s Impact on Ransomware

Software executive exploits ATM loophole to steal $1 million; explains his actions as “internal security tests”

Outlaw Shellbot infects Linux servers to mine for Monero

Abusing the Mali ccTLD (.ml) To Target Dutch Organisations

Backdoored cryptocurrency software found serving AZORult malware

Users of Crypto Wallets Electrum and MyEtherWallet Face Phishing Attacks

GandCrab Ransomware Helps Shady Data Recovery Firms Hide Ransom Costs

IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites

Android Phones Can Get Hacked Just by Looking at a PNG Image

How Hackers and Scammers Break into iCloud-Locked iPhones

"Lucky Draw" Smishing Campaign Asks Money to Deliver Car Prize

Geodo Botnets Using New Spam Campaign to Deliver Qakbot Malware

DanaBot Trojan updated with new C&C communication

Ursnif: Long Live the Steganography and AtomBombing!

Matrix Ransomware Changes The Rules

Phishing emails imitate American banks to infect victims with TrickBot

Triout Android Spyware Framework Makes a Comeback, Abusing App with 50 Million Downloads

Trojan Targeting Only Italian Machines Contains Cheeky Mario Image

Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners

Qealler – a new JAR-based information stealer

The malspam security products miss: banking and email phishing, Emotet and Bushaloader

N.Korea Plants Virus in South Korean Bus Apps

Windows App Runs on Mac, Downloads Info Stealer and Adware

Automatic 4K/HD for Youtube extension pulled from Chrome Store for pop-up ad abuse

Evil USB Cable Can Remotely Accept Commands From Hacker

Client-Side DNS Attack Emerges From Academic Research

Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire

'Clipper' malware that alters crypto wallet addresses slips into Play Store

Gootkit: Unveiling the Hidden Link with AZORult

Researchers hide malware in Intel SGX enclaves

STOP ransomware claims even more victims

New Astaroth Trojan Variant Exploits Anti-Malware Software to Steal Info

Shlayer Malware Disables macOS Gatekeeper to Run Unsigned Payloads

Software pirates use Apple tech to put hacked apps on iPhones

Emotet malware tweaks tactics in fresh attack wave

With Love from GandCrab: Hackers Spread Ransomware Via Valentine's-themed Emails

Researchers Unearth New Phishing Attack That Even Most Vigilant Users Could Fall For

"Sin”-ful SPIDERS: WIZARD SPIDER and LUNAR SPIDER Sharing the Same Web

Brokerage Firms Warned by FINRA Regulator of New Phishing Attack

Windows App runs on Mac to download MacOS malware

New Trickbot module implements Remote App Credential-Grabbing features

Ransomware attackers exploit old plug-in flaw to infect MSPs and their clients

Storage Maker QNAP Warns of Malware Targeting Its NAS Devices

JavaScript bridge makes malware analysis with WinDbg easier

Rietspoof malware spreads via Facebook Messenger and Skype spam

Popular Torrents Uploader Caught Sharing ‘GandCrab’ Ransomware

Pre-installed malware discovered on Alcatel smartphones

Microsoft removes eight apps from its Windows App Store that were mining cryptocurrencies

Researchers Discover Malware that Turns ATM into a Slot Machine Game

The Long Run of Shade Ransomware

Malvertising Campaign Strikes US; Over 800 Million Malicious Ad Impressions Recorded

POS Systems at Hundreds of Bars, Restaurants, and Coffee Shops All Over the US Infected with Malware

Hard-to-detect credential-theft malware has infected 1,200 and is still going

DrainerBot infected apps play invisible videos to drain your data

NoRelationship phishing attack dances around Microsoft Office 365 email filters

Monero Miner-Malware Uses RADMIN, MIMIKATZ to Infect, Propagate via Vulnerability

JD Finance Android App Caught Storing Screenshots With Banking Info

IoT botnets target enterprise video conferencing systems

GandCrab Ransomware Affiliates Continue to Push Decryptable Versions

Attack Campaign Experiments with Rapid Changes in Email Lure Content

Research Warns ‘Familiar’ Monero Mining Malware Is Infecting Windows Systems

Meet the man-in-the-room attack: Hackers can invisibly eavesdrop on Bigscreen VR users

Hackers Use Fake Google reCAPTCHA to Cloak Banking Malware

Cr1ptT0r Ransomware Targets Embedded Systems, Infects D-Link NAS Gear

Phishing campaign attempts to spread a new brand of snooping malware

New Malware Campaign Targets Job Seekers

Trojan Attack Masked as Payment Confirmation

Fbot malware targets HiSilicon DVR/NVR Soc devices

B0r0nt0K Ransomware Wants $75,000 Ransom, Infects Linux Servers

LinkedIn Messaging Abused to Target US Companies With Backdoors

The malspam security products miss: Emotet, Ursnif, and a spammer's blunder

New browser attack lets hackers run bad code even after users leave a web page

Malware attacks Pornhub users accounts for their credentials

Malvertising attacks using polyglot images spotted in the wild

Online Bidding Phishing Schemes Targeting U.S. Government Contractors

New Golang brute forcer discovered amid rise in e-commerce attacks

Smoke Loader Botnet Still Active on Black Market After 8 Years

Google Analytics and Angular in Magento Credit Card Stealing Scripts

Hackers Can Slip Invisible Malware into 'Bare Metal' Cloud Computers

New detection method identifies cryptomining and other fileless malware attacks

Outlook and Microsoft Account Phishing Emails Utilize Azure Blob Storage

Fin6 using FrameworkPOS scraping malware in POS attacks

Ransomware, Trojan and Miner together against “PIK-Group”

Qbot malware's back, and latest strain relies on Visual Basic script to slip into target machines

Vulnerabilities

Researchers published the PoC exploit code for Linux SystemD bugs

Over 485,000 Ubiquiti devices vulnerable to new attack

Introducing Zombie POODLE and GOLDENDOODLE

Crooks Continue to Exploit GoDaddy Hole — Krebs on Security

RIP, RDP: Security house Check Point punches holes in desktop controls

IoT Scale Flaws Allow Denial of Service, Privacy Issues

Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities

Microsoft Confirms Elevation of Privilege Vulnerability in Exchange Server

Major Airlines At Risk From Check-in System Flaw

Researcher finds macOS bug but won’t share details with Apple

New critical vulnerability discovered in open-source office suites

Critical Flaws Allow Hackers to Take Control of Kunbus Industrial Gateway

Security vulnerabilities in video conferencing devices could be remotely exploited by hackers

Vulnerabilities in Lifesize enterprise collaboration products could allow attackers to use it as a snooping tool

FireOS Flaw Allowed Limited Content Injection in Amazon Tablets

New Zombie 'POODLE' Attack Bred From TLS Flaw

Privacy Protection Bypass Flaw in macOS Gives Access to Browsing History

Lenovo Watch X was riddled with security bugs, researcher says

AWS Issues Alert for Multiple Container Systems

WordPress plugin flaw lets you take over entire sites

Researchers Uncover Doomsday Docker Security Hole

Siemens Warns of Critical Remote-Code Execution ICS Flaw

Heir to Dirty Cow, Dirty Sock Vulnerability Lets Attackers Gain Root Access on Linux Systems

OpenOffice Zero-Day Code Execution Flaw Gets Free Micropatch

Researchers Dig into Microsoft Office Functionality Flaws

Microsoft patches 0-day vulnerabilities in IE and Exchange

Critical OkCupid Flaw Exposed Daters to MiTM, Phishing Attacks

TLS 1.3 vulnerability enables hackers to eavesdrop on encrypted traffic

Data-spewing Spectre chip flaws can't be killed by software alone, Google Researchers conclude

Exploit Code Published for Recent Container Escape Vulnerability

Privilege Escalation Vulnerability Found in LG Device Manager

Flaw in mIRC App Allows Attackers to Execute Commands Remotely

Reddit User Discovers WhatsApp Vulnerability that Lets You Bypass Face ID or Touch ID Security Feature

Big security flaws found in popular password managers

Rockwell Automation to Patch Publicly Disclosed Power Monitor Flaws

Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years

WinRAR versions released in the last 19 years impacted by severe security flaw; Over 500 million users at risk

Microsoft publishes security alert on IIS bug that causes 100% CPU usage spikes

Windows Servers Vulnerable to DoS Attacks, Microsoft Warns

New flaws in 4G, 5G allow attackers to intercept calls and track phone locations

CVE-2019-9019 affects British Airways Entertainment System on Boeing 777-36N(ER)Security Affairs

Chips may be inherently vulnerable to Spectre and Meltdown attacks

Serious Flaws in WibuKey DRM Impact Siemens Products

Smart Homes at Risk Due to Unpatched Vulnerabilities, Weak Credentials

It took hackers only three days to start exploiting latest Drupal bug

Exposing flaws in metrics for user login systems

Analyzing WordPress Remote Code Execution Vulnerabilities CVE-2019-8942 and CVE-2019-8943

Thunderclap flaws impact how Windows, Mac, Linux handle Thunderbolt peripherals

Chrome Zero-Day Exploited to Harvest User Data via PDF Files

McAfee Says Mr. Coffee Coffee Makers Have a Security Vulnerability

Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability

Scams

Experts observed a new sextortion scam Xvideos-themed

Australia: New tax scam warning over identity theft text

Bangkok: Elderly fall prey to scam gangs

Scammers Threatening YouTube Content Creators with Channel Suspension

Beware! Scammer groups are exploiting Gmail 'dot accounts' for online fraud

Scammers Hit Thousands With Sophisticated Fake Norton Scans

20 Indicted in Multimillion-Dollar Online Fraud Scheme

The Scarlet Widow Gang Entraps Victims Using Romance Scams

Scammers Are Filing Fake Trademarks to Steal High-Value Instagram Accounts

31 AGs ask FTC to update Identity Theft Rules

Online ATM-style scam puts shoppers at risk: Symantec

'Sextortion' scammers use LinkedIn to target high net-worth individuals

Criminal groups are offering $360,000 salaries to accomplices who can help them scam CEOs about their porn-watching habits

Telephone Scams: Your Credit Card was Used in Fraudulent Activities

Investment scam targets Instagram users

Beware: Superbalist credit card scam

Email Scammers Ditch Wire Transfers for iTunes Gift Cards

Patches

Apple Says It Has Fixed FaceTime Security Bug

Mozilla patches two critical issues in Thunderbird

Canonical Patches Linux Kernel Regression in Ubuntu 18.04 LTS, Update Now

LibreOffice patches malicious code-execution bug, Apache OpenOffice – wait for it, wait for it – doesn't

Google releases February 2019 security patch for Pixel devices, Essential Phone gets updated too

Zcash cryptocurrency fixes infinite counterfeiting vulnerability

antiX MX 18.1 Distro Released with Latest Debian GNU/Linux 9.7 "Stretch" Updates

Microsoft States Windows Update DNS Issues are Finally Fixed

Temporary Patch Released For Adobe Reader Zero Day

Adobe Releases Security Fixes for Flash Player, ColdFusion, and More

Microsoft February Patch Tuesday fixes 77 security flaws, including IE zero-day

SAP security fixes address Critical flaw in SAP HANA XSA

Nokia 2 update rolls out with February Android Security patch

An unpatched directory traversal vulnerability found in WP Cost Estimation plug-in receives a security update

Linux Subsystem Files Accessible via Explorer in Future Windows 10 Releases

Uber fixes bug that exposed third-party app secrets

Cisco patches a couple of root access-granting security flaws

Adobe sends out second fix for critical Reader data leak vulnerability

Canonical Preps Emergency Point Releases for Ubuntu 16.04 LTS & Ubuntu 14.04 LTS

NVIDIA Patches Security Issues in GPU Display Driver for Windows, Linux

CentOS 6 and Red Hat Enterprise Linux 6 Get Important Kernel Security Update

Tags

dirty sock vulnerability

shlayer trojan

thunderclap flaw

danabot trojan

b0r0nt0k ransomware

trickbot trojan

Posted on: March 05, 2019

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite

Explore Solutions

Capabilities

Resource Library

Use Cases