List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in March 2019
Cross-site Scripting Vulnerability • Apr 1, 2019
Just like the previous month, March too witnessed a volley of cybersecurity-related incidents.
Researchers uncovered the latest versions of several existing malware families, such as the Emotet trojan, Ursnif trojan, Mirai botnet, GarrantyDecrypt ransomware, CryptoMix Clop ransomware and STOP ransomware, targeting several organizations, systems, processes and more. Additionally, some infamous malware, including Adwind RAT, DMSniff and H-Worm, made a comeback in different attack campaigns. Security researchers also spotted various new malware, such as Pirate Matryoshka, StealthWorker, SLUB backdoor, Yatron ransomware, GlitchPoS and Gustuff, affecting several industries in different sectors.
On the data breach front, the ‘GnosticPlayers’ hacker came up with the fourth set of massive data (around 26 million user records) stolen from six different companies. The data was put up for sale at a price of $4.940 or 1.2431 bitcoin on a dark web forum. Also, two new unique sets of databases containing a total of 69,186 stolen Pakistani banks’ cards were put up for sale on the infamous Joker’s Stash market forum.
The month also saw the discovery of several new vulnerabilities in different products, the prominent one being the ‘SPOILER ATTACK’ vulnerability in Intel’s CPUs and the ‘Evil Cursor’ bug in Google’s Chrome browser.
In patches, Apple rolled out security updates for 51 security flaws found across multiple products that use iOS 12.2. The flaws impacted the 6th generation iPods and the latest versions of iPhone 5s & iPad Air. Other major security updates include fixes for a Cross-Site Scripting vulnerability in WordPress 5.1.1, three critical flaws in the Ubuntu 18.04 LTS operating system and a serious ‘Denial-of-Service’ bug in Facebook Fizz.
Here is the aggregated list of breaches, malware, vulnerabilities, scams and patches that were reported in March.
Breaches
Iran-backed hackers hit both U.K., Australian parliaments, says report
Hackers scrawl ‘Jerusalem is capital of Palestine’ across many Israeli web pages
Open MongoDB Databases Expose Chinese Surveillance Data; 364 Million Profiles at Risk
South African voter details exposed on IEC website
#OpJerusalem Targeted Israeli Windows Users with JCry Ransomware
Rush Reports Data Breach Involving 45,000 Patients
Saudi caller ID app leaves data of 5+ million users in unsecured MongoDB server
Chinese hackers reportedly targeted 27 universities for military secrets
More healthcare facilities affected by Wolverine Solutions Group data breach come forward
An Email Marketing Company Left 809 Million Records Exposed Online
Grinnell, Oberlin and Hamilton applicants ransomed over hacked application info
Iranian-backed hackers stole data from U.S. government contractor
Latest Pakistan bank-card fraud looks like an actual breach, researchers say
Columbia Surgical Specialists pay $15,000 ransom to unlock files
Hapless engineers leave UK cable landing station gate open, couple of journos waltz right in
Creepy Database Lists 'BreedReady' Status for 1.8 Million Women
Cyberattack with ransom demand has disrupted public defenders for weeks
Kathmandu investigating month-long data security breach
Chinese IT Services Giant Harvests Contacts, Tracks Users
Sportswear brand FILA falls victim to the card-stealing JavaScript infection
Pakistani Government Site Compromised, Logs Visitor Keystrokes
Unsecured Database Exposed 33 Million Job Profiles in China
Dark Web Marketplace Offering Major Ad Platform Login
Unsecured Gearbest server exposes millions of shoppers and their orders
Personal information of over 800,000 blood donors exposed online
Database leaks 250K legal documents, some marked 'not designated for publication'
Marketing email hacker returns and puts 26 million user records for sale on the Dark Web
HSE website users are having data ‘leaked to commercial actors’, report warns
Virus Shuts Down North Carolina County's Computer Network
Education and Science Giant Elsevier Left Users’ Passwords Exposed Online
Glitch exposes Sprint customer data to other users
Payment Card Thieves Slip into MyPillow and AmeriSleep Bedding Sites
Devicemaker data breach exposes 277K patients' information
Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years
Nokia firmware blunder sent some user data to China
Oregon state agency suffers data breach, potentially exposing personal information
Ransomware Forces Two Chemical Companies to Order ‘Hundreds of New Computers’
This Spyware Data Leak Is So Bad We Can't Even Tell You About It
Kanopy Data Breach Reveal Movies Members Have Been Streaming
FEMA Improperly Released Personal Information of 2.3 Million Disaster Victims
Virus attacks Spain's defense intranet, foreign state suspected
More than 110,000 Australians caught up in September's Facebook cyber-attack
Ransomware Hits Garage of Canadian Domain Registration Authority
N.S.A. Contractor Arrested in Biggest Breach of U.S. Secrets Pleads Guilty
Toyota announces second security breach in the last five weeks
Malware
Fake Browser Updates Push Ransomware and Bank Malware
Cybaze-Yoroi ZLab analyze GoBrut: A new GoLang Botnet
Exposed Docker Control API and Community Image Abused to Deliver Cryptocurrency-Mining Malware
Necurs Botnet Evolves to Hide in the Shadows, with New Payloads
Op 'Sharpshooter' Connected to North Korea's Lazarus Group
Ransomware Pretends to Be Proton Security Team Securing Data From Hackers
New GarrantyDecrypt ransomware variant impersonates the security team for Proton Technologies
Malware is Hiding in Script Injection and Bypasses AV Detection
JAVA-VBS Joint Exercise Delivers RAT
Triton is the world’s most murderous malware, and it’s spreading
Jokeroo Ransomware-as-a-Service Offers Multiple Membership Packages
PINCHY SPIDER Adopts “Big Game Hunting” to Distribute GandCrab
CMS hackers focus on WordPress
New CryptoMix Clop Ransomware Variant Claims to Target Networks
StealthWorker Malware Uses Windows, Linux Bots to Hack Websites
Cybaz-Yoroi ZLAB shed the light on Op. ‘Pistacchietto’: An Italian Job
Fileless Malware Targeting Brazilian and Thai Bank Customers With Multiple Threats
Attack Campaign Using Fake Browser Updates to Deliver Ransomware and Banking Malware
New SLUB Backdoor Uses GitHub, Communicates via Slack
Egypt government used Gmail third-party apps to phish activists
RSA Conference 2019: Emotet Takes Aim at Latin America
STOP Ransomware Installing Password Stealing Trojans on Victims
Free decrypters for BigBobRoss ransomware released
Inside the Emotet Banking Trojan and Malware Distributor
WordPress shopping sites under attack
Apex Legends for Android: a Fake App could Compromise your Smartphone
Researchers Find Critical Backdoor in Swiss Online Voting System
This banking malware just returned with new sneaky tricks to steal you data
Yatron Ransomware Plans to Spread Using EternalBlue NSA Exploits
Facebook phishing campaign hitting iOS users
Operation Comando: How to Run a Cheap and Effective Credit Card Business
Malware Spreads As a Worm, Uses Cryptojacking Module to Mine for Monero
New BitLocker attack puts laptops storing sensitive data at risk
Malicious Counter-Strike 1.6 servers used zero-days to infect users with malware
Point of sale malware campaign targets hospitality and entertainment businesses
Beware of Bitcoin Investment Emails Pushing Clipboard Hijackers
Android Adware ‘SimBad’ detected in 206 Android apps with almost 150 million installs
Attackers Sending Out Fake CDC Flu Warnings to Distribute GandCrab
Multi-Factor Auth Bypassed in Office 365 and G Suite IMAP Attacks
Nasty WinRAR bug is being actively exploited to install hard-to-detect malware
New report pins down location of Emotet RAT controllers
Spam Warns about Boeing 737 Max Crashes While Pushing Malware
Password-spraying attacks abuse IMAP to break into cloud accounts
US-CERT warns of New Zealand mosque shooting scams and malware campaigns
Center for Internet Security warns of Trickbot
New Mirai Variant Comes with 27 Exploits, Targets Enterprise Devices
JNEC.a Ransomware Spread by WinRAR Ace Exploit
Cardinal RAT Sins Again, Targets Israeli Fin-Tech Firms
Check Point Forensic Files: Monero CryptoMiner Campaign Adapts APT Techniques
Netflix and AMEX Customers Actively Targeted by Phishing Campaigns
Fake or Fake: Keeping up with OceanLotus decoys
NSO Group spyware used to target widow of Mexican journalist, researchers say
Hacking Microcontroller Firmware through a USB
Iphone malvertising app downloaded millions of times calls 22 known malicious servers
The odd case of a Gh0stRAT variant
Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers
Anubis II - malware and after life
TrickBot Creators Collaborate With BokBot to Conduct Man-in-the-Middle Attacks
PewDiePie ransomware oblige users subscribe to PewDiePie YouTube channel
Malware Payloads Hide in Images: Steganography Gets a Reboot
A Guide to LockerGoga, the Ransomware Crippling Industrial Firms
Emsisoft has Released a Decryptor for the Hacked Ransomware
The Ursnif Gangs keep Threatening Italy
Hackers abuse Magento PayPal integration to test validity of stolen credit cards
Gustuff Android banking trojan found targeting more than 125 banking, IM, and cryptocurrency apps
UNNAM3D Ransomware Locks Files in Protected Archives, Demands Gift Cards
Vigilantes Counter Christchurch Manifesto with Weaponized Version
Hundreds of compromised Wordpress and Joomla websites are serving up malware to visitors
Hackers Hid Poorly Targeted Malware in Plain Sight On Google Play Store
North Korea-Linked Hackers Target macOS Users
Malware researchers decrypted the Qrypter Payload
Emotet-Distributed Ransomware Loader for Nozelesn Found via Managed Detection and Response
Massively invasive Italian spyware campaign found on Google Play
Vulnerabilities
Vulnerability exposes location of thousands of malware C&C servers
Analyzing a Windows DHCP Server Bug (CVE-2019-0626)
Adobe Patches ColdFusion Vulnerability Exploited in the Wild
New exploit lets attackers take control of Windows IoT Core devices
Data leaks, default passwords exposed in visitor management systems
Google’s Project Zero reveals zero-day macOS vulnerability to the public
Container Escape Hack Targets Vulnerable Linux Kernel
RSA products found to have security flaws
Remote-Root Bug in Logitech Harmony Hub Patched and Explained
Outdoor Tech’s Chips ski helmet speakers are a hot mess of security flaws
Vulnerable Docker Hosts Actively Abused in Cryptojacking Campaigns
Microsoft Zero-Day Allows Exploits to Sneak Past Sandboxes
Majority of 400 Vulnerable Docker Servers Found to Be Mining Monero, Research Shows
All Intel Chips Open to New Spoiler Non-Spectre Attack
Emotet, Lokibot, TrickBot still impacting enterprise environments globally
Google reveals Chrome zero-day under active attacks
UPnP-enabled Connected Devices in the Home and Unpatched Known Vulnerabilities
WDS bug lets hackers hijack Windows Servers via malformed TFTP packets
Word Bug Allows Attackers to Sneak Exploits Past Anti-Malware Defenses
Hackers Revive Microsoft Office Equation Editor Exploit
Security holes found in big brand car alarms
Several Industrial Automation Products Affected by WibuKey DRM Flaws
Google Issues Urgent Warning for Windows 7 Users
RSA Conference 2019: Ultrasound Hacked in Two Clicks
Facebook Messenger Bug May Have Exposed Who You Chatted With
Severe Flaw Disclosed In StackStorm DevOps Automation Software
Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes
The fourth horseman: CVE-2019-0797 vulnerability
Serious Crypto Flaw Affects Australian E-Voting Systems
Security researchers found over 40 bugs in blockchain platforms in 30 days
DoS vulnerability found in Cisco SPA514G IP phones
Proof-of-concept code published for Windows 7 zero-day
Code Execution Flaw Found in Sonatype Nexus Repository Manager
Fujitsu wireless keyboard model vulnerable to keystroke injection attacks
AMD Believes SPOILER Vulnerability Does Not Impact Its Processors
Denial of Service vulnerability discovered in Triconex TriStation Software Suite Emulator
Kaspersky Lab uncovers Windows zero-day exploited by recently-discovered threat actor
Host of Flaws Found in CUJO Smart Firewall
Vulnerability in SoftNAS Cloud allows attackers to bypass authentication
Google Photos vulnerability could have let hackers retrieve image metadata
Severe security bug found in popular PHP library for creating PDF files
The ‘Katz’ Out of the Bag: Catching Mimikatz With Anomaly Detection
Vulnerability in NSA's Reverse Engineering Tool Allows Remote Code Execution
Internet-Exposed IBM BigFix Relays May Lead to Full Remote Compromise
Multiple vulnerabilities found in Java Card
Zero-day in WordPress SMTP plugin abused by two hacker groups
FDA Says Cybersecurity Vulnerabilities Found in Some Medtronic Devices
Security flaw put RBS customers at risk of cyber-attack
Researchers find 36 new security flaws in LTE protocol
Abuse of hidden “well-known” directory in HTTPS sites
Huawei Driver Allowed Windows 10 Laptops to Be Fully Compromised
xen1thLabs Discovered Critical Vulnerability in Cisco IP Phones
Unpatched vulnerability in MikroTik RouterOS enables easily exploitable denial of service attack
Vuls in Pydio 8 Allow Escalated Admin Access
Researchers discover and abuse new undocumented feature in Intel chipsets
Critical Flaw Allows Hackers to Take Control of PowerFlex AC Drives
Hackers publish details on critical Magento flaw
Scams
Remove "Windows Defender Alert : Error Code # 0x3e7" Pop-up Scam
‘Cryptocurrency’ Founder Indicted Over Alleged $6m Scam
Beware of These IRS Phishing Scams During Tax Season
Scammers Are Spoofing DHS Phone Numbers to Get Your Personal Info
FBI San Francisco Warns the Public of the Dangers of SIM Swapping
Bulgarian cyber security chief warns public against online scams
FTC Issue PSA on Social Security Number Scams
Decoding the ATM Skimming Attack — Krebs on Security
New "Final Warning" Sextortion Emails State Adult Sites Infected You
DHS Issues Fraud Alert Regarding Phone Scam
Add DEA to the List of Agencies Phone Scammers Are Impersonating
Christchurch donation scam warning
Attackers Sending Fake Copyright Infringement Notices to Instagram Users
New Sextortion Email Uses CIA Investigation as Scare Tactic
Fake eBay Ad in Google Search Led to Tech Support Scams
Bitcoin Fraudster Duped Italian Investors out of $300,000 in Gold & Crypto
An Ad Fraud Scheme Targeting Android Apps And Twitter’s Ad Network Cost Advertisers Millions
Two Found Guilty in Online Dating, BEC Scheme
Office Depot pays $35 million over claims it lied to customers about malware infections
Chinese Embassy Robocall Scam Rakes in $40M From Victims
Patches
Windows 10 Update KB4482887 Released With Performance Fix for Spectre Bug
Bugs fixed after ethical hackers find 26 weak spots in govt systems
Cloudflare Deploys Firewall Rule to Block New Drupal Exploits
Android Security Patch for March 2019 Now Rolling Out with 45 Security Fixes
Canonical Releases New Linux Kernel Security Update for Ubuntu 18.04 LTS
Rockwell Automation Patches Critical DoS/RCE Flaw in RSLinx Software
NX-OS-hit! Got Cisco Nexus and MDS 9000 switches? Then you've got patching to do, too
Ubuntu 14.04.6 LTS (Trusty Tahr) Released with Patched APT Package Manager
Opera Browser Updated with Google Chrome Security Fix
Google Patches Critical Bluetooth RCE Bug
Adobe Patch Tuesday covers Photoshop CC and Digital Editions
Microsoft Patches Two Windows Zero-days
Wordpress 5.1.1 Fixes XSS Vulnerability Leading to Website Takeovers
Canonical Releases Minor Linux Kernel Security Update for Ubuntu 14.04 LTS
Intel Fixes High Severity Vulnerabilities in Graphics Driver for Windows
Libssh Releases Update to Patch 9 New Security Vulnerabilities
Microsoft to fix 'novel bug class' discovered by Google engineer
VMware security advisories issued
'Critical' Denial-of-Service Bug Patched in Facebook Fizz
Cisco Patches High-Severity Flaws in IP Phones
WordPress Plugin Removed After Zero Day Discovered
Google fixes Chrome 'evil cursor' bug abused by tech support scam sites
Apple patches more than 50 security bugs
Stored XSS Patched in WordPress 5.1.1
NVIDIA Patches High Severity GeForce Experience Vulnerability
Cisco Releases Flood of Patches for IOS XE and Small Business Routers
Gamers Urged to Patch Critical Bugs in GOG Galaxy
Hackers fix 20 security flaws in cryptocurrency-related platforms in 2 weeks