Just like the previous month, March too witnessed a volley of cybersecurity-related incidents.
Researchers uncovered the latest versions of several existing malware such as Emotet trojan, Ursnif trojan, Mirai botnet, GarrantyDecrypt ransomware, CryptoMix Clop ransomware and STOP ransomware targeting several organizations, systems, processes and more. Additionally, some infamous malware that includes the name of Adwind RAT, DMSniff and H-Worm made a comeback in different attack campaigns. Security researchers also spotted various new malware such as Pirate Matryoshka, StealthWorker, SLUB backdoor, Yatron ransomware, GlitchPoS and Gustuff affecting several industries in different sectors.
Talking about data breaches, ‘GnosticPlayers’ hacker came up with the fourth set of massive data (around 26 million user records) stolen from six different companies. The data was put up for sale at a price of $4.940 or 1.2431 bitcoin on a dark web forum. Also, two new unique sets of databases containing a total of 69,186 stolen Pakistani banks’ cards were put up for sale on the infamous Joker’s Stash market forum.
The month also saw the discovery of several new vulnerabilities in different products, the prominent one being the ‘SPOILER ATTACK’ vulnerability in Intel’s CPUs and the ‘Evil Cursor’ bug in Google’s Chrome browser.
In patches, Apple rolled out security updates for 51 security flaws found across its multiple products that use iOS 12.2. The flaws impacted the 6th generation iPods and the latest versions of iPhone 5s & iPad Air. Other major security updates include fixes for Cross-Site Scripting vulnerability in WordPress 5.1.1, three critical flaws in Ubuntu 18.04 LTS operating system and a serious ‘Denial-of-Service’ bug in Facebook Fizz.
Here is the aggregated list of breaches, malware, vulnerabilities, scams and patches that were reported in March.