List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in June, 2019

See All
The month of June witnessed a flurry of new malware, newly discovered vulnerabilities and attack methods used by threat actors. In addition to these, numerous breach incidents were also reported which affected renowned organizations as well as major businesses, and institutions. 

New versions of Dridex trojan, Mirai botnet, Sodinokibi ransomware, and FormBook trojan among others were found being used by cybercriminals to execute their malicious and phishing tasks. Apart from new variants, security researchers also discovered new and sophisticated malware like GoldBrute botnet, Silex botnet, ATMJaDi info-stealer, ViceLeaker trojan among others. Conversely, decryptors for two prominent ransomware - GandCrab and pyLocky - were also released to help victims recover encrypted files.    

The past month saw cyber attacks on various universities such as University of Chicago Medicine, Australian National University, Shanghai Jiao Tong University, Oregon State University, Graceland University, and Missouri Southern State University. A majority of attacks were carried out through phishing emails, resulting in the loss of personal and financial information of staff, students and parents. 

In a major data breach incident reported in June, AMCA’s payment system had affected over 20 million individuals of five different diagnostic firms. The affected diagnostic companies were Quest Diagnostics, LabCorp, BioReference Laboratories, Carecentrix, and Sunrise Laboratories.

A threat actor who goes by the online name of ‘Achilles’ was found selling network access of many high-profile corporations that included UNICEF, Transat, Comodo Group, and Symantec, on online underground forums. 

With ransomware attacks creating chaos worldwide, several cities and organizations were forced to pay the ransoms in order to recover their encrypted data and systems. This included N.E.O Urology in Ohio, City council of Riviera Beach & Lake City in Florida, Estes Park Health in Colorado.

Security researchers had also uncovered several cyber espionage campaigns namely, IPStorm, FishWrap, PCASTLE and Bouncing Golf that were launched against multiple firms. Two new attack methods named Tap n’ Ghost and Malboard that could be used against Android phones and computers were also uncovered in June. 

Talking about vulnerabilities, a new version of Rowhammer attack called RAMBleed was detected affecting DRAM modules. Two critical remote code execution vulnerabilities were also uncovered in Exim software and Oracle’s Web Logic Server that could let attackers take control of victims’ systems.  

In scams, scammers were found duping users into revealing their personal details and swindled money. These separate incidents included a fake Instagram post scam, a tech support scam as well as a cryptocurrency giveaway scam.   

The following is a consolidated report of all major data breaches, malware, vulnerabilities and scams reported in June 2019.

Breaches

Malware

Vulnerabilities

Scams

Patches


See Our Products In Action




  • Share this blog:
Previous
APT10: A Chinese Hacking Group Targeting Managed Service Providers Through Spear Phishing
Next
Why Research and Education Sector Needs to Scale Up its Information Sharing Activities?
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.