Go to listing page
List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in June, 2019
Share Blog Post
The month of June witnessed a flurry of new malware, newly discovered vulnerabilities and attack methods used by threat actors. In addition to these, numerous breach incidents were also reported which affected renowned organizations as well as major businesses, and institutions.
New versions of Dridex trojan, Mirai botnet, Sodinokibi ransomware, and FormBook trojan among others were found being used by cybercriminals to execute their malicious and phishing tasks. Apart from new variants, security researchers also discovered new and sophisticated malware like GoldBrute botnet, Silex botnet, ATMJaDi info-stealer, ViceLeaker trojan among others. Conversely, decryptors for two prominent ransomware - GandCrab and pyLocky - were also released to help victims recover encrypted files.
The past month saw cyber attacks on various universities such as University of Chicago Medicine, Australian National University, Shanghai Jiao Tong University, Oregon State University, Graceland University, and Missouri Southern State University. A majority of attacks were carried out through phishing emails, resulting in the loss of personal and financial information of staff, students and parents.
In a major data breach incident reported in June, AMCA’s payment system had affected over 20 million individuals of five different diagnostic firms. The affected diagnostic companies were Quest Diagnostics, LabCorp, BioReference Laboratories, Carecentrix, and Sunrise Laboratories.
A threat actor who goes by the online name of ‘Achilles’ was found selling network access of many high-profile corporations that included UNICEF, Transat, Comodo Group, and Symantec, on online underground forums.
With ransomware attacks creating chaos worldwide, several cities and organizations were forced to pay the ransoms in order to recover their encrypted data and systems. This included N.E.O Urology in Ohio, City council of Riviera Beach & Lake City in Florida, Estes Park Health in Colorado.
Security researchers had also uncovered several cyber espionage campaigns namely, IPStorm, FishWrap, PCASTLE and Bouncing Golf that were launched against multiple firms. Two new attack methods named Tap n’ Ghost and Malboard that could be used against Android phones and computers were also uncovered in June.
Talking about vulnerabilities, a new version of Rowhammer attack called RAMBleed was detected affecting DRAM modules. Two critical remote code execution vulnerabilities were also uncovered in Exim software and Oracle’s Web Logic Server that could let attackers take control of victims’ systems.
In scams, scammers were found duping users into revealing their personal details and swindled money. These separate incidents included a fake Instagram post scam, a tech support scam as well as a cryptocurrency giveaway scam.
The following is a consolidated report of all major data breaches, malware, vulnerabilities and scams reported in June 2019.
Breaches
Hackers Hit Global Telcos in Espionage Campaign; Large Amounts of Personal and Corporate Data Stolen
Malware
Mirai Botnet Malware Offspring Graduates From University, Puts on a Suit, Slips Into Your Enterprise
Vulnerabilities
Nginx nJS will need patches, hotels exposed via security systems, Docker containers dinged, and more
Scams
Patches
Tags
Posted on: July 02, 2019
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.