The month of July witnessed a flurry of new malware, newly discovered vulnerabilities and attack methods used by threat actors. In addition to these, numerous large-scale data breaches were also reported which affected renowned organizations as well as government institutions.
New versions of the Trickbot trojan, Miori botnet, Watchbog trojan, Pegasus spyware and Ratsnif trojan, among others, were found being used by cybercriminals in malicious and phishing campaigns. Apart from new variants, security researchers also discovered new, unique malware such as the EvilGnome backdoor, Topinambour malware dropper, Okrum backdoor and ERIS ransomware, among others. On the other hand, decryptors for two ransomware families, Ims00rry and LooCipher, were also released to help victims recover files encrypted in attacks involving them.
The past month witnessed a major cyber attack at 62 universities in the US after hackers exploited a weakness in a popular admission and enrollment banner software made by Ellucian. The hackers stole student data and later used it to create thousands of fake accounts. Likewise, several healthcare providers across the world had to bear the brunt of cyberattacks. A majority of the attacks were carried out via phishing emails, resulting in the loss of personal and financial information of staff, students and parents.
In a major update to AMCA’s data breach, a few more diagnostic centers in the US were found to be impacted by the incident. The new companies included American Esoteric Laboratories, Laboratory Medicine Consultants, South Texas Dermatopathology, Austin Pathology Associates, and Pathology Solutions.
Multiple data leak incidents due to misconfigured databases were also reported last month. The major organizations affected were AavGo, K12, YouHodler, Orvibo, Jiangsu Provincial Public Security Department, Pipl and LexisNexis. Researchers also found a massive data leak named DataSpii that occurred due to eight Chrome and Firefox browser extensions. The leak affected close to 4.1 million users.
As a consequence of ransomware infections, several cities and organizations were forced to pay the ransom in order to recover their encrypted data and systems. These included LaPorte County in Indiana and Park DuValle Community Health Center in Louisville.
Two new attack methods named Spearphone attack and CTRL-ALT-LED that could be used against Android phones and computers were also uncovered in July.
As for vulnerabilities, Instagram, LinkedIn, WhatsApp and Telegram contained serious vulnerabilities that could put users’ data at risk. In addition, a critical vulnerability detected in Lenovo Iomega NAS devices exposed 3 million files totaling 36TB.
As for security fixes and patches, Oracle released a series of updates to fix 322 flaws, while Microsoft addressed 77 security issues found across multiple products.
Scammers were found duping users into revealing their personal details and swindling them out of money. These separate incidents included a WhatsApp scam, a BEC scam and a fake invoice scam.
The following is a consolidated report of all major data breaches, malware, vulnerabilities and scams reported in the last month.