The month of June witnessed a flurry of new malware, newly discovered vulnerabilities and attack methods used by threat actors. In addition, numerous breach incidents were reported that affected renowned organizations, major businesses and institutions.
New versions of the Dridex trojan, Mirai botnet, Sodinokibi ransomware and FormBook trojan, among others, were found being used by cybercriminals to carry out their malicious and phishing activity. Apart from new variants, security researchers also discovered new and sophisticated malware such as the GoldBrute botnet, Silex botnet, ATMJaDi info-stealer and ViceLeaker trojan, among others. On the other hand, decryptors for two prominent ransomware families, GandCrab and pyLocky, were released to help victims recover encrypted files.
The past month saw cyber attacks on various universities such as University of Chicago Medicine, Australian National University, Shanghai Jiao Tong University, Oregon State University, Graceland University, and Missouri Southern State University. A majority of attacks were carried out through phishing emails, resulting in the loss of personal and financial information of staff, students and parents.
In a major data breach incident reported in June, a breach of AMCA’s payment system affected over 20 million individuals across five different diagnostic firms. The affected diagnostic companies were Quest Diagnostics, LabCorp, BioReference Laboratories, Carecentrix, and Sunrise Laboratories.
A threat actor who goes by the online name of ‘Achilles’ was found selling network access to many high-profile corporations, including UNICEF, Transat, Comodo Group, and Symantec, on online underground forums.
With ransomware attacks creating chaos worldwide, several cities and organizations were forced to pay ransoms in order to recover their encrypted data and systems. These included N.E.O Urology in Ohio, the city councils of Riviera Beach and Lake City in Florida, and Estes Park Health in Colorado.
Security researchers also uncovered several cyber espionage campaigns, namely IPStorm, FishWrap, PCASTLE and Bouncing Golf, that were launched against multiple firms. Two new attack methods named Tap n’ Ghost and Malboard, which could be used against Android phones and computers, were also uncovered in June.
As for vulnerabilities, a new version of the Rowhammer attack called RAMBleed was found to affect DRAM modules. Two critical remote code execution vulnerabilities were also uncovered in Exim software and Oracle’s WebLogic Server that could let attackers take control of victims’ systems.
As for scams, scammers were found duping users into revealing their personal details and swindling them out of money. These separate incidents included a fake Instagram post scam, a tech support scam and a cryptocurrency giveaway scam.
The following is a consolidated report of all major data breaches, malware, vulnerabilities and scams reported in June 2019.