List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in January 2019
Ryuk ransomware • Feb 1, 2019
January has come and gone, witnessing a lot of turbulence in the cybersecurity landscape. Attackers were, as usual, at their best, performing more sophisticated and frequent attacks than before.
Several severe and massive data breaches affecting the sensitive data of various organizations were observed this month. The mega Collection#1 data breach exposed nearly 773 million records, while a data leak at VOIPO exposed tens of gigabytes of customer data. Security researchers discovered another database named Collection#2-5 leaking around 2.2 billion unique usernames and associated passwords. In another major incident, an unprotected MongoDB database containing almost 200 million CVs of Chinese jobseekers was left publicly accessible for at least one week.
Ryuk ransomware and its evolving activities were the talk of the town last month. Security researchers found that the ransomware had updated its attack technique, adding the Emotet and Trickbot trojans, to target high-profile organizations. It raked in $3.7 million in Bitcoin payments within five months of its discovery. Variants of NRSMiner, ServHelper, STOP ransomware, the AZORult trojan and the Remexi backdoor malware were found targeting organizations, systems, networks and other critical infrastructure.
Two new vulnerabilities, dubbed the ‘Fake Stake’ attacks and ‘Pantsdown’, were found affecting 26 low-end cryptocurrencies and BMC firmware stacks respectively.
On the security update front, Oracle issued 248 patches as part of its quarterly security update to address vulnerabilities across multiple products. Microsoft also released security updates to fix 50 vulnerabilities in nine of its products. Apart from these, there were also security updates for flaws in Microsoft Exchange Server, the Ubuntu 18.04 operating system, Drupal and Adobe Experience Manager products.
Here’s a look at the major breaches, malware, vulnerabilities, scams and security patches that were reported in January 2019.
Breaches
Hackers Threaten to Dump Insurance Files Related to 9/11 Attacks
Saint John parking payment system breached 'multiple' times since May 2017
Victorian Government employees' details stolen in data breach
Popsugar’s Twinning app was leaking everyone’s uploaded photos
Cloud Hosting Provider DataResolution.net Battling Christmas Eve Ransomware Attack
FoodPanda Breach Exposed Your Address, Number, And More
Dublin's Luas tram system hit by a ransomware attack
Massive data leak targets German officials including Angela Merkel
Singapore Airlines’ software glitch exposed customer data
Real-time location data for over 11,000 Indian buses left exposed online
Google Emails Users About Private Data Exposed by Google+ API Bug
OXO Discloses MageCart Attack That Targeted Customer Data on Oxo.com
First National 'dealing with authorities' after reported information leak
Hackers Steal Customer Data From Manufacturing Company
Thieves make off with shoppers’ credit card numbers after hacking apparel site for four months
Bridgeport, Conn., schools hit with ransomware
DePaul University group email exposes employees' info
Chinese group swindles $18.5 million from Indian arm of Italian company
Reddit Users Locked Out of Their Accounts for Unusual Activity
Iranian hackers suspected in worldwide DNS hijacking campaign
Unprotected MongoDB Exposes Over 200 Millions Resumes
Third-Party Breach Exposed 31K Patient Records
Del Rio City Hall Forced to Use Paper After Ransomware Attack
Cryptopia Exchange Hacked: 'Significant' Losses Reported
North Korean hackers infiltrate Chile's ATM network after Skype job interview
Voipo database exposed millions of call logs and SMS text messages
Advertising network compromised to deliver credit card stealing code
Triton/Trisis Attack Was More Widespread Than Publicly Known
Click2Gov breach threatens credit card data of Hanover County residents
Hackers breach and steal data from South Korea's Defense Ministry
An Astonishing 773 Million Records Exposed in Monster Breach
Oklahoma data breach may expose 7 years of FBI investigations: Report
West African banks targeted in multi-wave attack | SC Media
Online stores for governments and multinationals hacked via new security flaw
Twitter bug revealed private tweets for some Android users for almost five years
Cyberattack forces Health Sciences North to place systems on downtime at 24 hospitals
BlackRock exposes confidential data on thousands of advisers on iShares site
Over 900,000 affected by Cebuana Lhuillier data breach
ATLAS game taken offline twice after users hack admin account, find server exploit
Online casino group leaks information on 108 million bets, including user details
4M applications for youth org internships exposed
Alaska Notifies 87,000 People After Computer Security Breach
Millions of bank loan and mortgage documents have leaked online
Patient data of 70,000 compromised in Kansas-based Valley Hope Association breach
Report: UiTM system allegedly hacked, 1.16 million students info leaked online
DailyMotion discloses credential stuffing attack
LocalBitcoins blames security breach on forum 'third-party software'
Unsecured MongoDB databases expose Kremlin's backdoor into Russian businesses
Discover Card Users Affected by Data Breach, New Credit Cards Issued
Hundreds of Delaware residents among the victims of BenefitMall breach
Credit cards sold on 'dark web' for over a year after Saint John parking system hacked
Airbus reports breach into its systems after cyber attack
Malware
What is Ryuk, the malware believed to have hit the Los Angeles Times?
CA warns of destructive banking virus targeting network systems
Experts analyzed the distribution technique used in a recent Emotet campaign
Vulnerabilities found in hardware cryptocurrency wallets
New unCaptcha automated system bypasses Google reCAPTCHA once again
NRSMiner updates to newer version
Spyware Disguises as Android Applications on Google Play
Detailed: How Russian government's Fancy Bear UEFI rootkit sneaks onto Windows PCs
Security researcher cracks Google's Widevine DRM (L3 only)
WhatsApp Gold virus: What to do if you receive it
Opera Blacklists Tampermonkey Extension Being Installed by Malware
South Korean journalists receive malicious code-embedded emails; North Korea a prime suspect
14 iPhone apps have been talking to a known malware server
GandCrab Operators Use Vidar Infostealer as a Forerunner
Latest Phishing Technique Uses Fake Fonts to Evade Detection
New hardware-agnostic side-channel attack works against Windows and Linux
Package Tracker ‘Parcels’ Adds Your Device to a Botnet
This old ransomware is using an unpleasant new trick to try and make you pay up
Adware Disguised as Game, TV, Remote Control Apps Infect 9 Million Google Play Users
What we should learn from the 10th anniversary of the Conficker myster
$7,500 Steam Weakness Let Hackers Take Remote Control Of Gamers' PCs
New 'Crypto Dusting' Attack Gives Cash, Takes Reputation
Welcome to 2019: Your Exchange server can be pwned by an email
Shipping Execs Speared with Targeted ‘Whaling’ Attacks
ICEPick-3PM malware steals Android IPs
Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection
New ServHelper Backdoor and FlawedGrace RAT Pushed by Necurs Botnet
Pylocky Unlocked: Cisco Talos releases PyLocky ransomware decryptor
How Chrome extensions are making organisations vulnerable to attack
Malware found preinstalled on some Alcatel smartphones
Ryuk ransomware earns hackers $3.7M in Bitcoin over 5 months
GoDaddy removes JavaScript injection which tracks website performance, but might break it too
Proof-Of-Concept Malware Reveals Smart Building Vulnerabilities Your Business Needs To Deal With
New Ransomware Bundles PayPal Phishing Into Its Ransom Note
Pdfhelp@india.com Pdff ransomware discovered by a researcher
Djvu Ransomware Spreading New .TRO Variant Through Cracks & Adware Bundles
Hijacking a PLC Using its Own Network Features
Emotet re-emerges after the holidays
Google Chrome extension that steals card numbers still available on Web Store
MS Word Documents Spreading .Net RAT Malware
This cryptocurrency mining malware now disables security software to help remain undetected
Researchers identify malware that can dismantle cloud security protections
New Attacks Target Recent PHP Framework Vulnerability
Attackers Leverage Open Source in New BYOB Attack
Mac Malware OSX.Dok is Back, Actively Infecting Victims
Improved Fallout EK comes back after short hiatus
GandCrab Returns with Friends (Trojans)
Popular WordPress plugin hacked by angry former employee
DarkHydrus adds Google Drive support to its RogueRobin Trojan
Emotet Banking Trojan Resurfaces With New Spam Avoidance Capabilities
Malware, User Privacy Failures Found in Top Free VPN Android Apps
New Rumba STOP Ransomware Being Installed by Software Cracks
New Phobos ransomware exploits weak security to hit targets around the world
Security researchers take down 100,000 malware sites over the last ten months
Rogue Web Apps Can Turn Browser Extensions Into Backdoors
DHS issues security alert about recent DNS hijacking attacks
Sky Go app security failure exposes customers to snooping, data theft
Telegram being used as command and control for malware by threat actors: Forcepoint
Chinese Hacker Publishes PoC for Remote iOS 12 Jailbreak On iPhone X
New ransomware strain is locking up Bitcoin mining rigs in China
Redaman Targets Russian Banking Customers with 4-Month Mass Offensive
Massive Adware Campaign Targets Mac Users
Voicemail Phishing Campaign Tricks You Into Verifying Password
Experts Discover Modular “Anatova” Ransomware
Beware of Exit Map Spam Pushing GandCrab v5.1 Ransomware
Spoofing search results and infecting browser extensions: Razy in search of cryptocurrency
New ransomware poses as games and software to trick you into downloading it
Concerns raised about WordPress' new 'White Screen Of Death' protection feature
Attackers Use Steganography to Obfuscate PDF Exploits
Cyberattackers Bait Financial Firms with Google Cloud Platform
New Ursnif Malware Campaign Uses Fileless Infection to Avoid Detection
Business Payroll Compromise – a New Way for Criminals to Steal from Your Company
Hackers Using RDP Are Increasingly Using Network Tunneling to Bypass Protections
Sly criminals package ransomware with malicious ransom note
The Story of Manuel’s Java RAT
Azorult Trojan Steals Passwords While Hiding as Google Update
Fileless Infection Steals Creds with Bank Trojan
Spam Injector Disguised as License Key in WordPress Website
Info-Stealing FormBook Returns in New Campaign
New LockerGoga Ransomware Allegedly Used in Altran Attack
Sofacy’s Zepakab Downloader Spotted In-The-Wild | Security Affairs
Australian web hosts hit with a Manic Menagerie of malware
Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities
Analyzing a new stealer written in Golang
DOJ moves to take down Joanap botnet operated by North Korean state hackers
Cookieminer: New malware targets Macs to steal from cryptocurrency wallets
Vulnerabilities
Hope you're over that New Year's hangover – there's an Adobe PDF app patch to install
Google Chrome flaw patched three years after initial report
Can't unlock an Android phone? No problem, just take a Skype call: App allows passcode bypass
Popular Mac Clean-Up Software Ridden With Flaws That Allow Local Root Access
Serious DoS Flaw Impacts Several Yokogawa Products
US-CERT Warns of Security Flaws in Windows
Tens of thousands of hot tubs are exposed to hack
Twitter's API still spews enough metadata to reveal exactly where you lived, worked
Privilege Escalation Flaws Impact Apple IntelHD5000 Kernel Extension
The D in SystemD stands for Dammmit... Security holes found in much-adored Linux toolkit
Windows 7 hit with network issues thanks to dodgy Microsoft security fix
Microsoft Office Vulnerability Exposes User Data, Including Passwords
Report: Critical Vulnerabilities Leaking User Data Found on DX.Exchange, Patched Later
Electric cars: Security flaws could let attackers control charging stations
Mimecast discovers MS Office vulnerability
SCP implementations impacted by 36-years-old security flaws
Unpatched vCard Flaw Could Let Attackers Hack Your Windows PCs
Popular Web-Hosting Platform Bluehost Riddled with Flaws, Researcher Claims
Demonstrating Command Injection and E-Stop Abuse Against Industrial Radio Remote Controllers
Flaws in PremiSys access system could open door for physical intruders
TP-Link TL-R600VPN remote code execution vulnerabilities
CVE-2018-19475: Ghostscript shell command execution in SAFER mode
Telegram Bots Have Got A Major Problem, Security Researchers Warn
Windows Zero-Day Bug that Overwrites Files Gets Interim Fix
Serious Flaws Found in ControlByWeb Industrial Weather Station
WiFi firmware bug affects laptops, smartphones, routers, gaming devices
Critical, Unpatched Cisco Flaw Leaves Small Business Networks Wide Open
MySQL Design Flaw Allows Malicious Servers to Steal Files from Clients
Flaws in Omron HMI Product Exploitable via Malicious Project Files
Critical vulnerability issued for Cisco switches
Major Wi-Fi security flaw discovered
GoDaddy weakness let bomb threat scammers hijack thousands of big-name domains
OpenBMC caught with 'pantsdown' over new security flaw
Security flaws found in 26 low-end cryptocurrencies
NumPy Is Awaiting Fix for Critical Remote Code Execution Bug
Flaws in Moxa IIoT Product Expose ICS to Remote Attacks
Critical "OwnDigo" Vulnerability Discovered in a Leading Antivirus Software
Flaws Expose Phoenix Contact Industrial Switches to Attacks
ThinkPHP Vulnerability Abused by Botnets Hakai and Yowai
Major vulnerability found in Android ES File Explorer app
LabKey Vulnerabilities Threaten Medical Research Data
WordPress sites under attack via zero-day in abandoned plugin
Detailed Analysis of macOS/iOS Vulnerability CVE-2019-6231
Vulnerability Spotlight: Multiple WIBU SYSTEMS WubiKey vulnerabilities
Security alert for vulnerabilities in Siemens PLCs
Microsoft Exchange 2013 and Newer are Vulnerable to NTLM Relay Attacks
Security Alert: Danish E-Shoppers Targeted by Another Wave of Nets.eu Phishing Campaign
New JobCrypter ransomware variant captures screenshots of infected devices
Attackers scanning unpatched Cisco small business routers after exploit code published
Positive Technologies discovers dangerous vulnerabilities in Siemens PLCs
Multiple vulnerabilities in ACD Systems Canvas Draw 5
New security flaw impacts 5G, 4G, and 3G telephony protocols
Scams
Twitter let someone promote an obvious PayPal phishing scam
Apple Phone Phishing Scams Getting Better — Krebs on Security
Thousands Complain About TV License Phishing Emails
NSFAS students warned of online scams following attempted cyber attacks | Cape Argus
SIM Swapping Victims Who Lost Millions Are Pressuring Telcos to Protect Their Customers
Crooks Use Email to Scam St Lawrence College Parents Out of Tuition
Free SuperCounters Widget Serves Unwanted Redirects to Dating Site
Social Security Number scammers are at it again
Phishing Scam Lures Australian Government Contractors Into Disclosing Account Credentials
Singapore Airlines Warns of Phishing Scam
Fortnite is being used by criminals to launder cash through V-Bucks
BEC Scammers Go After Employee Paychecks
Remove "Windows is not activated" Pop-up Scam (Microsoft Scam)
Fake BBC News page used to promote Bitcoin-themed scheme
Phishing Scam Spoofs Canadian eTA and U.S. ESTA Websites To Target Visa-Exempt Foreign Travelers
Ether Cryptocurrency Scammers Made $36 Million In 2018 -- Double Their 2017 Winnings
YouTube stars warn of impersonation scam
Spam Campaign Follows the White Rabbit to NSFW Phishing Scams
What to do if you get this email 'from Netflix'
IoT botnet used in YouTube ad fraud scheme
Patches
Microsoft to Release First 2019 Windows 10 Cumulative Updates Tomorrow
Microsoft January 2019 Patch Tuesday fixes 50 vulnerabilities
Make a SAP decision: Apply these security fixes if you're using German giant's software
Intel Patches High-Severity Privilege-Escalation Bugs
SAP Releases 'Hot News' Security Notes on First Patch Day of 2019
Google Patches Critical Vulnerability in Android
Microsoft spits out patches and plans to gobble up 7GB of storage for future Windows 10 updates
Windows 7 hit with network issues thanks to dodgy Microsoft security fix
Microsoft Patches Remote Code Execution Vulnerability in Exchange Server
Juniper releases barrage of security fixes for security, networking devices
Cisco patches 18 vulnerabilities including a critical memory corruption DoS bug
Drupal Releases Security Updates
Adobe Patches Information Disclosure Flaws in Experience Manager
Unofficial Patches Released for Three Unfixed Windows Flaws
Plug in your iPhone, iPad, iPod, fire up the App Store: You have new Apple patches to install
Debian & Ubuntu Fix Man-in-the-Middle Attack in APT Package Manager, Update Now
Cisco Patches Flaws in Webex, SD-WAN, Other Products
Debian and PHP PEAR Projects Update for Application Vulnerabilities
Canonical Outs Major Linux Kernel Update for Ubuntu 18.04 LTS to Patch 11 Flaws
Google Chrome 72 removes HPKP, deprecates TLS 1.0 and TLS 1.1