Products
Cyber Fusion Center

Stay ahead of threats with our cyber fusion solutions for threat intelligence sharing and analysis, threat response, and security automation.
Learn More

Threat Intelligence Platforms (TIP)

Intel Exchange

Intel Exchange Lite

Collaborate
Security Orchestration and Automation (SOAR)

Respond

Orchestrate
Threat Intelligence Ecosystem

Solutions for ISACs, ISAOs, and CERTs

Solutions for ISAC, ISAO, and CERT Members

Intel Exchange Spoke

Cyware Browser Extension
Partners

Partners & Integrations

Learn how our solutions seamlessly connect with other tools and technology partners to fit your security needs.

Channel Partners

MSSPs

Technology Alliances

Open APIs

MISP

Register a Deal

CywareOne Login
Resources

Resources Library

Stay updated on the cyber threat landscape with free daily alerts, the latest industry reports, security trends, and more.

Resource Library

Cyware Labs: Research & Threat Briefings

Security Guides

Free Threat Intel Feeds

Webinars & Videos

Community Resources

Cyware Academy
Company

Contact Us

Get in touch with our team to learn more about our solutions and how they can help your organization.

Get in Touch

Leadership

Careers
We’re Hiring

Cyware in the News

Press Releases

Compliance

Login

Go to listing page

List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in March 2019

Threat Actor
Breach, Incident
Vulnerability
Malware

List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in March 2019

Share Blog Post

Just like the previous month, March too witnessed a volley of cybersecurity-related incidents.

Researchers uncovered the latest versions of several existing malware such as Emotet trojan, Ursnif trojan, Mirai botnet, GarrantyDecrypt ransomware, CryptoMix Clop ransomware and STOP ransomware targeting several organizations, systems, processes and more. Additionally, some infamous malware that includes the name of Adwind RAT, DMSniff and H-Worm made a comeback in different attack campaigns. Security researchers also spotted various new malware such as Pirate Matryoshka, StealthWorker, SLUB backdoor, Yatron ransomware, GlitchPoS and Gustuff affecting several industries in different sectors.

Talking about data breaches, ‘GnosticPlayers’ hacker came up with the fourth set of massive data (around 26 million user records) stolen from six different companies. The data was put up for sale at a price of $4.940 or 1.2431 bitcoin on a dark web forum. Also, two new unique sets of databases containing a total of 69,186 stolen Pakistani banks’ cards were put up for sale on the infamous Joker’s Stash market forum.

The month also saw the discovery of several new vulnerabilities in different products, the prominent one being the ‘SPOILER ATTACK’ vulnerability in Intel’s CPUs and the ‘Evil Cursor’ bug in Google’s Chrome browser.

In patches, Apple rolled out security updates for 51 security flaws found across its multiple products that use iOS 12.2. The flaws impacted the 6th generation iPods and the latest versions of iPhone 5s & iPad Air. Other major security updates include fixes for Cross-Site Scripting vulnerability in WordPress 5.1.1, three critical flaws in Ubuntu 18.04 LTS operating system and a serious ‘Denial-of-Service’ bug in Facebook Fizz.

Here is the aggregated list of breaches, malware, vulnerabilities, scams and patches that were reported in March.

Breaches

Iran-backed hackers hit both U.K., Australian parliaments, says report

Hackers scrawl ‘Jerusalem is capital of Palestine’ across many Israeli web pages

Open MongoDB Databases Expose Chinese Surveillance Data; 364 Million Profiles at Risk

South African voter details exposed on IEC website

#OpJerusalem Targeted Israeli Windows Users with JCry Ransomware

Rush Reports Data Breach Involving 45,000 Patients

Saudi caller ID app leaves data of 5+ million users in unsecured MongoDB server

Chinese hackers reportedly targeted 27 universities for military secrets

More healthcare facilities affected by Wolverine Solutions Group data breach come forward

An Email Marketing Company Left 809 Million Records Exposed Online

Grinnell, Oberlin and Hamilton applicants ransomed over hacked application info

Iranian-backed hackers stole data from U.S. government contractor

Latest Pakistan bank-card fraud looks like an actual breach, researchers say

Update: New research suggests that marketing email database breach impacts more than 2 Billion contact records

Columbia Surgical Specialists pay $15,000 ransom to unlock files

Hapless engineers leave UK cable landing station gate open, couple of journos waltz right in

Creepy Database Lists 'BreedReady' Status for 1.8 Million Women

Cyberattack with ransom demand has disrupted public defenders for weeks

Kathmandu investigating month-long data security breach

Dozens of High-Profile Box Accounts Found Leaking Sensitive Data; Major Tech Companies and Corporate Giants Impacted

Chinese IT Services Giant Harvests Contacts, Tracks Users

Sportswear brand FILA falls victim to the card-stealing JavaScript infection

Pakistani Government Site Compromised, Logs Visitor Keystrokes

Unsecured Database Exposed 33 Million Job Profiles in China

Dark Web Marketplace Offering Major Ad Platform Login

Unsecured Gearbest server exposes millions of shoppers and their orders

Personal information of over 800,000 blood donors exposed online

Database leaks 250K legal documents, some marked 'not designated for publication'

Marketing email hacker returns and puts 26 million user records for sale on the Dark Web

HSE website users are having data ‘leaked to commercial actors’, report warns

Virus Shuts Down North Carolina County's Computer Network

Education and Science Giant Elsevier Left Users’ Passwords Exposed Online

Glitch exposes Sprint customer data to other users

Payment Card Thieves Slip into MyPillow and AmeriSleep Bedding Sites

Devicemaker data breach exposes 277K patients' information

Passwords and usernames of staff from MOH, MOE and other agencies stolen and put up for sale by hackers

Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years

Nokia firmware blunder sent some user data to China

Oregon state agency suffers data breach, potentially exposing personal information

Ransomware Forces Two Chemical Companies to Order ‘Hundreds of New Computers’

This Spyware Data Leak Is So Bad We Can't Even Tell You About It

Kanopy Data Breach Reveal Movies Members Have Been Streaming

FEMA Improperly Released Personal Information of 2.3 Million Disaster Victims

Spear Phishing Scheme Dupes Nine Staff Members at Oregon DHS Compromising PHI of 350,000 in Over 2M Emails

Virus attacks Spain's defense intranet, foreign state suspected

More than 110,000 Australians caught up in September's Facebook cyber-attack

Ransomware Hits Garage of Canadian Domain Registration Authority

N.S.A. Contractor Arrested in Biggest Breach of U.S. Secrets Pleads Guilty

Toyota announces second security breach in the last five weeks

Earl Enterprises Suffers Data Breach; Several Restaurant Brands like Buca di Beppo, Planet Hollywood and Earl of Sandwich Impacted

Malware

Fake Browser Updates Push Ransomware and Bank Malware

Cybaze-Yoroi ZLab analyze GoBrut: A new GoLang Botnet

Exposed Docker Control API and Community Image Abused to Deliver Cryptocurrency-Mining Malware

Necurs Botnet Evolves to Hide in the Shadows, with New Payloads

Op 'Sharpshooter' Connected to North Korea's Lazarus Group

Ransomware Pretends to Be Proton Security Team Securing Data From Hackers

New GarrantyDecrypt ransomware variant impersonates the security team for Proton Technologies

Malware is Hiding in Script Injection and Bypasses AV Detection

JAVA-VBS Joint Exercise Delivers RAT

Fileless Banking Trojan Targeting Brazilian Banks Downloads Possible Botnet Capability, Info Stealers

Triton is the world’s most murderous malware, and it’s spreading

Jokeroo Ransomware-as-a-Service Offers Multiple Membership Packages

PINCHY SPIDER Adopts “Big Game Hunting” to Distribute GandCrab

CMS hackers focus on WordPress

New CryptoMix Clop Ransomware Variant Claims to Target Networks

StealthWorker Malware Uses Windows, Linux Bots to Hack Websites

Cybaz-Yoroi ZLAB shed the light on Op. ‘Pistacchietto’: An Italian Job

Fileless Malware Targeting Brazilian and Thai Bank Customers With Multiple Threats

Attack Campaign Using Fake Browser Updates to Deliver Ransomware and Banking Malware

New SLUB Backdoor Uses GitHub, Communicates via Slack

Egypt government used Gmail third-party apps to phish activists

RSA Conference 2019: Emotet Takes Aim at Latin America

STOP Ransomware Installing Password Stealing Trojans on Victims

Free decrypters for BigBobRoss ransomware released

Inside the Emotet Banking Trojan and Malware Distributor

WordPress shopping sites under attack

Apex Legends for Android: a Fake App could Compromise your Smartphone

Researchers Find Critical Backdoor in Swiss Online Voting System

This banking malware just returned with new sneaky tricks to steal you data

Yatron Ransomware Plans to Spread Using EternalBlue NSA Exploits

Facebook phishing campaign hitting iOS users

Operation Comando: How to Run a Cheap and Effective Credit Card Business

Malware Spreads As a Worm, Uses Cryptojacking Module to Mine for Monero

New BitLocker attack puts laptops storing sensitive data at risk

Malicious Counter-Strike 1.6 servers used zero-days to infect users with malware

Point of sale malware campaign targets hospitality and entertainment businesses

Beware of Bitcoin Investment Emails Pushing Clipboard Hijackers

Android Adware ‘SimBad’ detected in 206 Android apps with almost 150 million installs

Attackers Sending Out Fake CDC Flu Warnings to Distribute GandCrab

Multi-Factor Auth Bypassed in Office 365 and G Suite IMAP Attacks

Nasty WinRAR bug is being actively exploited to install hard-to-detect malware

New report pins down location of Emotet RAT controllers

Spam Warns about Boeing 737 Max Crashes While Pushing Malware

Password-spraying attacks abuse IMAP to break into cloud accounts

US-CERT warns of New Zealand mosque shooting scams and malware campaigns

Center for Internet Security warns of Trickbot

New Mirai Variant Comes with 27 Exploits, Targets Enterprise Devices

JNEC.a Ransomware Spread by WinRAR Ace Exploit

Cardinal RAT Sins Again, Targets Israeli Fin-Tech Firms

Check Point Forensic Files: Monero CryptoMiner Campaign Adapts APT Techniques

Netflix and AMEX Customers Actively Targeted by Phishing Campaigns

“Bad Tidings” Phishing Campaign Impersonates Saudi Government Agencies and a Saudi Financial Institution

Fake or Fake: Keeping up with OceanLotus decoys

NSO Group spyware used to target widow of Mexican journalist, researchers say

Hacking Microcontroller Firmware through a USB

Iphone malvertising app downloaded millions of times calls 22 known malicious servers

AZORult++: Rewriting history

The odd case of a Gh0stRAT variant

Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers

Anubis II - malware and after life

TrickBot Creators Collaborate With BokBot to Conduct Man-in-the-Middle Attacks

PewDiePie ransomware oblige users subscribe to PewDiePie YouTube channel

Malware Payloads Hide in Images: Steganography Gets a Reboot

A Guide to LockerGoga, the Ransomware Crippling Industrial Firms

Emsisoft has Released a Decryptor for the Hacked Ransomware

The Ursnif Gangs keep Threatening Italy

Hackers abuse Magento PayPal integration to test validity of stolen credit cards

Gustuff Android banking trojan found targeting more than 125 banking, IM, and cryptocurrency apps

UNNAM3D Ransomware Locks Files in Protected Archives, Demands Gift Cards

Vigilantes Counter Christchurch Manifesto with Weaponized Version

SQL Injection in Magento Core

Hundreds of compromised Wordpress and Joomla websites are serving up malware to visitors

Hackers Hid Poorly Targeted Malware in Plain Sight On Google Play Store

North Korea-Linked Hackers Target macOS Users

Malware researchers decrypted the Qrypter Payload

Emotet-Distributed Ransomware Loader for Nozelesn Found via Managed Detection and Response

Massively invasive Italian spyware campaign found on Google Play

Vulnerabilities

Vulnerability exposes location of thousands of malware C&C servers

Analyzing a Windows DHCP Server Bug (CVE-2019-0626)

Adobe Patches ColdFusion Vulnerability Exploited in the Wild

New exploit lets attackers take control of Windows IoT Core devices

Newly discovered vulnerability could allow attackers to take full control of Windows IoT Core devices

Data leaks, default passwords exposed in visitor management systems

Google’s Project Zero reveals zero-day macOS vulnerability to the public

Container Escape Hack Targets Vulnerable Linux Kernel

RSA products found to have security flaws

Remote-Root Bug in Logitech Harmony Hub Patched and Explained

Outdoor Tech’s Chips ski helmet speakers are a hot mess of security flaws

Vulnerable Docker Hosts Actively Abused in Cryptojacking Campaigns

Microsoft Zero-Day Allows Exploits to Sneak Past Sandboxes

Majority of 400 Vulnerable Docker Servers Found to Be Mining Monero, Research Shows

All Intel Chips Open to New Spoiler Non-Spectre Attack

Emotet, Lokibot, TrickBot still impacting enterprise environments globally

Google reveals Chrome zero-day under active attacks

UPnP-enabled Connected Devices in the Home and Unpatched Known Vulnerabilities

WDS bug lets hackers hijack Windows Servers via malformed TFTP packets

Word Bug Allows Attackers to Sneak Exploits Past Anti-Malware Defenses

Vulnerability in Windows Deployment Services could allow attackers to hijack Windows server installations

Hackers Revive Microsoft Office Equation Editor Exploit

Security holes found in big brand car alarms

Several Industrial Automation Products Affected by WibuKey DRM Flaws

Google Issues Urgent Warning for Windows 7 Users

RSA Conference 2019: Ultrasound Hacked in Two Clicks

Facebook Messenger Bug May Have Exposed Who You Chatted With

Severe Flaw Disclosed In StackStorm DevOps Automation Software

Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes

The fourth horseman: CVE-2019-0797 vulnerability

Serious Crypto Flaw Affects Australian E-Voting Systems

Security researchers found over 40 bugs in blockchain platforms in 30 days

DoS vulnerability found in Cisco SPA514G IP phones

Proof-of-concept code published for Windows 7 zero-day

Code Execution Flaw Found in Sonatype Nexus Repository Manager

Fujitsu wireless keyboard model vulnerable to keystroke injection attacks

AMD Believes SPOILER Vulnerability Does Not Impact Its Processors

Denial of Service vulnerability discovered in Triconex TriStation Software Suite Emulator

Kaspersky Lab uncovers Windows zero-day exploited by recently-discovered threat actor

Host of Flaws Found in CUJO Smart Firewall

Vulnerability in SoftNAS Cloud allows attackers to bypass authentication

Google Photos vulnerability could have let hackers retrieve image metadata

Severe security bug found in popular PHP library for creating PDF files

The ‘Katz’ Out of the Bag: Catching Mimikatz With Anomaly Detection

Vulnerability in NSA's Reverse Engineering Tool Allows Remote Code Execution

Internet-Exposed IBM BigFix Relays May Lead to Full Remote Compromise

Multiple vulnerabilities found in Java Card

Zero-day in WordPress SMTP plugin abused by two hacker groups

FDA Says Cybersecurity Vulnerabilities Found in Some Medtronic Devices

Security flaw put RBS customers at risk of cyber-attack

Researchers find 36 new security flaws in LTE protocol

Abuse of hidden “well-known” directory in HTTPS sites

Huawei Driver Allowed Windows 10 Laptops to Be Fully Compromised

xen1thLabs Discovered Critical Vulnerability in Cisco IP Phones

Unpatched vulnerability in MikroTik RouterOS enables easily exploitable denial of service attack

Vuls in Pydio 8 Allow Escalated Admin Access

Researchers discover and abuse new undocumented feature in Intel chipsets

Critical Flaw Allows Hackers to Take Control of PowerFlex AC Drives

Hackers publish details on critical Magento flaw

Scams

Remove "Windows Defender Alert : Error Code # 0x3e7" Pop-up Scam

‘Cryptocurrency’ Founder Indicted Over Alleged $6m Scam

Beware of These IRS Phishing Scams During Tax Season

Scammers Are Spoofing DHS Phone Numbers to Get Your Personal Info

FBI San Francisco Warns the Public of the Dangers of SIM Swapping

Bulgarian cyber security chief warns public against online scams

FTC Issue PSA on Social Security Number Scams

Decoding the ATM Skimming Attack — Krebs on Security

New "Final Warning" Sextortion Emails State Adult Sites Infected You

DHS Issues Fraud Alert Regarding Phone Scam

Add DEA to the List of Agencies Phone Scammers Are Impersonating

Christchurch donation scam warning

Attackers Sending Fake Copyright Infringement Notices to Instagram Users

New Sextortion Email Uses CIA Investigation as Scare Tactic

Fake eBay Ad in Google Search Led to Tech Support Scams

Bitcoin Fraudster Duped Italian Investors out of $300,000 in Gold & Crypto

An Ad Fraud Scheme Targeting Android Apps And Twitter’s Ad Network Cost Advertisers Millions

Two Found Guilty in Online Dating, BEC Scheme

Google and Facebook got tricked out of $123 million by a scam that costs small businesses billions every year

Office Depot pays $35 million over claims it lied to customers about malware infections

Chinese Embassy Robocall Scam Rakes in $40M From Victims

Patches

Windows 10 Update KB4482887 Released With Performance Fix for Spectre Bug

Bugs fixed after ethical hackers find 26 weak spots in govt systems

Cloudflare Deploys Firewall Rule to Block New Drupal Exploits

Android Security Patch for March 2019 Now Rolling Out with 45 Security Fixes

Canonical Releases New Linux Kernel Security Update for Ubuntu 18.04 LTS

Rockwell Automation Patches Critical DoS/RCE Flaw in RSLinx Software

NX-OS-hit! Got Cisco Nexus and MDS 9000 switches? Then you've got patching to do, too

Ubuntu 14.04.6 LTS (Trusty Tahr) Released with Patched APT Package Manager

Opera Browser Updated with Google Chrome Security Fix

Google Patches Critical Bluetooth RCE Bug

Adobe Patch Tuesday covers Photoshop CC and Digital Editions

Microsoft Patches Two Windows Zero-days

Wordpress 5.1.1 Fixes XSS Vulnerability Leading to Website Takeovers

Canonical Releases Minor Linux Kernel Security Update for Ubuntu 14.04 LTS

Intel Fixes High Severity Vulnerabilities in Graphics Driver for Windows

Libssh Releases Update to Patch 9 New Security Vulnerabilities

Microsoft to fix 'novel bug class' discovered by Google engineer

VMware security advisories issued

'Critical' Denial-of-Service Bug Patched in Facebook Fizz

Cisco Patches High-Severity Flaws in IP Phones

WordPress Plugin Removed After Zero Day Discovered

Google fixes Chrome 'evil cursor' bug abused by tech support scam sites

Apple patches more than 50 security bugs

Stored XSS Patched in WordPress 5.1.1

NVIDIA Patches High Severity GeForce Experience Vulnerability

Cisco Releases Flood of Patches for IOS XE and Small Business Routers

Gamers Urged to Patch Critical Bugs in GOG Galaxy

Hackers fix 20 security flaws in cryptocurrency-related platforms in 2 weeks

VMware Patches Flaws Disclosed at Pwn2Own 2019

Tags

cross site scripting vulnerability

unprotected mongodb databases

slub backdoor

ursnif trojan

emotet trojan

azorult trojan

glitchpos

Posted on: April 01, 2019

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite

Explore Solutions

Capabilities

Resource Library

Use Cases