Products
Cyber Fusion Center

Stay ahead of threats with our cyber fusion solutions for threat intelligence sharing and analysis, threat response, and security automation.
Learn More

Threat Intelligence Platforms (TIP)

Intel Exchange

Intel Exchange Lite

Collaborate
Security Orchestration and Automation (SOAR)

Respond

Orchestrate
Threat Intelligence Ecosystem

Solutions for ISACs, ISAOs, and CERTs

Solutions for ISAC, ISAO, and CERT Members

Intel Exchange Spoke

Cyware Browser Extension
Partners

Partners & Integrations

Learn how our solutions seamlessly connect with other tools and technology partners to fit your security needs.

Channel Partners

MSSPs

Technology Alliances

Open APIs

MISP

Register a Deal

CywareOne Login
Resources

Resources Library

Stay updated on the cyber threat landscape with free daily alerts, the latest industry reports, security trends, and more.

Resource Library

Cyware Labs: Research & Threat Briefings

Security Guides

Free Threat Intel Feeds

Webinars & Videos

Community Resources

Cyware Academy
Company

Contact Us

Get in touch with our team to learn more about our solutions and how they can help your organization.

Get in Touch

Leadership

Careers
We’re Hiring

Cyware in the News

Press Releases

Compliance

Login

Go to listing page

List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in November 2019

Threat Actor
Breach, Incident
Vulnerability
Malware

List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in November 2019

Share Blog Post

We are just one month away from 2020 and as we set the countdown to a brand new year, let's not forget the major cyber threats and incidents that made an impact in the cybersecurity world in November.

The month witnessed the discovery of several new ransomware such as PureLocker, AnteFrigus, NextCry, DeathRansom, and Cyborg. New variants of prominent malware like Gafgyt botnet, Ryuk ransomware, Megacortex ransomware, Trickbot trojan, and Emotet trojan were also found targeting processes, networks, and systems of several organizations. Multiple new threat actor groups like RedCurlz, RevengeHotels and ProCC to name a few, were also found targeting organizations in various sectors across the globe.

In the vulnerabilities section, a new variant of ZombieLoad was uncovered affecting all Intel CPU microarchitectures since 2013. Besides this, a team of academics also discovered two vulnerabilities collectively known as TPM-Fail impacting TPM chips. The flaws could allow an attacker to retrieve cryptographic keys stored inside the Trusted Platform Module (TPM) of a processor.

Talking about breaches, an Elasticsearch server exposed over 4 Terabytes of data on over 1.2 billion individuals. The leaked information included email addresses, employer status, locations, job titles, names, phone numbers, and social media profiles.

Scammers were observed using simple social engineering techniques to fool organizations into making fraudulent wire transfers. In one such event, fraudsters managed to steal $29 million from a Japan-based media giant Nikkei via a phishing email. Scamsters also swindled $2.1 million and $742,000 from Waterloo Brewing and Ocala city respectively in two different BEC attacks.

Among the security patches, Microsoft addressed a total of 74 vulnerabilities spotted across its products. On the other hand, Google fixed 40 security flaws affecting its platform and system components.

Here’s a detailed list of all the breaches, malware, vulnerabilities, scams, and patches that were reported in November.

Breaches

Media Giant Nikkei Loses $29 Million to BEC Scammers

More victims of yet another Click2Gov breach this week

The Brooklyn Hospital Center Notice of Data Security Incident

‘Camgirl’ sites exposed millions of users after security lapse

'What a mess': McDonald's customers frustrated as 'Hamburglar' hacks more app accounts

Millions of accounts - including Kiwis' - compromised in huge internet registry breach

NCR Barred Mint, QuickBooks from Banking Platform During Account Takeover Storm

Government of Nunavut Targeted in a Ransomware Attack; All Services Impacted

BEC Fraudsters Divert $742,000 from Ocala City in Florida

Conveyancing law firms targeted in new multimillion-rand cyber scam

Testing and safeguarding actual maritime systems

Spain Hit by Wave of Ransomware Attacks

Vedantu's data breach risked 680,000 customers data

Website of India's Ruling Party Hacked Once Again, This Time With Pro-Pakistan Messages and Threats

Cybercriminals Hold Foxborough School to Ransom Amid Weekslong Network Shutdown

Eye Clinic Breach Reveals Data of Thousands of Patients

Hacker claims to have stolen personal data of Universiti Malaysia Sabah students

Marine Firm James Fisher Reports Cyber Breach

Trend Micro Discloses Insider Threat Impacting Some of its Consumer Customers

Facebook says 100 software developers may have improperly accessed user data

Sask. non-profit for adults with disabilities loses more than $400K to cyber attack

Anonymous and LulzSecITA hacked professional orders and telephone operator Lyca Mobile

Mysterious Hacker Dumps Database of Infamous IronMarch Neo-Nazi Forum

Data of Alfa-Bank's clients being sold on the black market

Brooklyn Hospital Loses Patient Records After a Ransomware Infection

Mississippi School District Falls Victim to Cyber Attack

California DMV exposed drivers' SSN details to federal gov't officials

Maine’s InterMed Suffers Data Breach; 30,000 Affected

Texas Health Resources Data Breach Impacts 82K Patients

ConnectWise warns of ongoing ransomware attacks targeting its customers

Delta Dental of Arizona - Notice of Data Incident

Ransomware forces New Mexico school district to scrub 30,000 devices

QuikSilver and Billabong Affected by Ransomware Attack

Major ASP.NET Hosting Provider Infected by Ransomware

Ransomware attack at Mexico's Pemex halts work, threatens to cripple computers

Retailer Orvis Leaked Hundreds of Internal Passwords on Pastebin

UK Labour Party Targeted in Large-Scale Cyber Attack Ahead of Election

Cryptocurrency Investor Loses $24 Million Worth of Bitcoin in a SIM Swap Attack

DDoS Attacks Target Amazon, SoftLayer and Telecom Infrastructure

Starling Physicians Warns Patients of Data Breach

U.S. Manufacturing Group Hacked by China as Trade Talks Intensified

Solara Medical Supplies Provides Notice of a Data Breach

Calibre CPA Group, Notice of Data Privacy Event

Select Health Network Provides Notice of Data Security Incident

Company discovered it was hacked after a server ran out of free space

Australia's parliamentary IT system hacked earlier this year: report

Indiana School District Recovering From Ransomware Attack

Open Database Exposes Data on Patients of Substance Abuse Facilities

East Texas School District Suffers Ransomware Attack

CAH Holdings Issues Notice of Data Security Incident

Multiple 2K Social Media Accounts Hacked And Posting Offensive Material

‘Magic: The Gathering’ game maker exposed 452,000 players’ data

Thousands Of Disney+ Accounts Are Up For Sale On Hacking Forums

Turkish cybercriminals hack ATMs in India, steal huge cash

Louisiana Government Computers Knocked Out After Ransomware Attack

Offshore Bank Targeted By Phineas Fisher Confirms it Was Hacked

Open AWS database leaks PayMyTab customers' personal info

VA Released Millions of People's Personal Data Despite Known Risks

Ransomware Bites 400 Veterinary Hospitals

Password Data for Over 2.2 Million Users of Currency and Gaming Sites Dumped Online

Infection Hits French Hospital Like It’s 2017 As Ransomware Cripples 6,000 Computers

Millions of Sites Exposed by Flaw in Jetpack WordPress Plugin

Leave.EU Chairman's Twitter Account Hacked, Private Messages Leaked

Open Gekko Group database exposes info on hotel clients, travelers

Report: GitHub repository exposes WeWork customer contracts

Allied Universal Breached by Maze Ransomware, Stolen Data Leaked

T-Mobile discloses security breach impacting prepaid customers

Chinese Phonemaker OnePlus Alerts Customers to Data Breach

1.2 Billion Records Found Exposed Online in a Single Google Cloud Server

110 Nursing Homes Cut Off from Health Records in Ransomware Attack

Cyberattack prompts Indigenous child welfare authority in Manitoba to call RCMP

Livingston School District in New Jersey Hit With Ransomware

Lights That Warn Planes of Obstacles Were Exposed to Open Internet

Catch Says POS Malware Incident Might Have Exposed Customers' Data

Massive DDoS Attacks – South African Internet Providers Crippled

How a govt-run health portal risked data of 2 million patients

Vistaprint Left a Customer Service Database Unprotected, Exposing Calls, Chats and Emails

NYPD fingerprint database touched by ransomware

Over 160 Church's Chicken Restaurants Across 11 U.S. States Hit by Payment Card Breach

Facebook and Twitter say hundreds of users accidentally gave improper access to personal data through third-party apps

Two third-party SDKs allowed secret harvesting of Twitter and Facebook user data

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

In just three months, Google sent 12k warnings about government-backed attacks

Customer credit card information compromised at Mexican restaurant chain

Synchrony Financial Says Suspicious Emails To Amazon Credit Card Holders Sent In Error

Hackers Steal $48.7M in Ethereum From South Korean Cryptocurrency Exchange Upbit

Did you buy a DiBella’s sub in 2018? Here’s why you need to check your bill

Ransomware Locks Medical Records at Great Plains Health

Magellan Rx Management Statement Regarding Security Incident

Adobe Discloses Security Breach Impacting Magento Marketplace Users

North Platte Hospital Reports Ransomware Attack

Palo Alto Networks Hit by Data Breach; Employee Social Security Numbers Shared Online

Cloudy biz Datrix locks down phishing attack in 15 mins after fat thumb triggers email badness

Mixcloud Breach Exposes 21 Million User Records

Cowlitz County PUD among U.S. utilities targeted in cyberattacks

Official Monero website is hacked to deliver currency-stealing malware

Malware

Hackers can steal the contents of Horde webmail inboxes with one click

Discord Abused to Spread Malware and Harvest Stolen Data

Emotet Trojan Brings a Malware Scare with Halloween Emails

New Google Android Threat: Malicious App Installed By 40 Million Play Store Users

WIZARD SPIDER Adds New Features to Ryuk for Targeting Hosts on LAN

32,000+ WiFi Routers Potentially Exposed to New Gafgyt Variant

Hackers Can Use NFC To Plant Malware On Your Android Smartphone

Hackers Can Target Able2Extract Users With Malicious Image Files

Nemty Ransomware Expands Its Reach, Also Delivered by Trik Botnet

Feds warn against Hidden Cobra’s Hoplight malware

C2 With It All: From Ransomware To Carding

An inside look at WP-VCD, today's largest WordPress hacking operation

Pharma Spam Redirects to .su & .eu Sites

New Exploit Kit Capesand Reuses Old and New Public Exploits and Tools, Blockchain Ruse

'Infinite leverage' — some Robinhood users have been trading with unlimited borrowed money

New Megacortex Ransomware Changes Windows Passwords, Threatens to Publish Data

Buran Ransomware; the Evolution of VegaLocker

Phishing campaign delivers data-stealing malware via fake court summons emails

This is how Google Analytics is abused by phishing scammers

Emotet resurgence packs in new binaries, Trickbot functions

Specially Crafted ZIP Files Used to Bypass Secure Email Gateways

Amazon's Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password

Legitimate TDS Platform Abused to Push Malware via Exploit Kits

49 Disguised Adware Apps With Optimized Evasion Features Found on Google Play

QNAP Warns Users to Secure Devices Against QSnatch Malware

Skimmers for Both Magento and WordPress

Examining Trickbot Infections

Hackers Can Target LEADTOOLS Users With Malicious Image Files

Clever WebEx Spam Use Cisco Redirect to Deliver RAT Malware

Malware Meets Politics With Trump and Clinton Themed Infections

Glimpse malware uses alternative DNS to evade detection

WP-VCD malware is number one in WordPress infections since August

TrickBot Malware Uses Fake Sexual Harassment Complaints as Bait

Two New Carding Bots Threaten E-Commerce Sites

YouTube BitCoin Videos Pushing Predator Info-Stealing Trojan

Tech Support Scammers Exploiting Unpatched Firefox Bug

49 Google Play app titles found to deliver pesky ads

Buran ransomware-as-a-service continues to improve

New PureLocker Ransomware Linked to MaaS Provider for Cobalt Gang, FIN6

Telegram MTProxy Servers Used to DDoS Iranian Cloud Provider

Malicious Android Application Used in Phishing Scam

Strange AnteFrigus Ransomware Only Targets Specific Drives

WannaMine v4: Analysis & Remediation

Stealthy new Android malware poses as ad blocker, serves up ads instead

Web payment card skimmers add anti-forensics capabilities

Tpmfail: a timing attack that can extract keys from secure computing chips in 4-20 minutes

Double Vision: Stealthy Malware Dropper Delivers Dual RATs

Over 100,000 Fake Domains With Valid TLS Certificates Target Major Retailers

A new sophisticated JavaScript Skimmer dubbed Pipka used in the wild

Stealthy Malware Flies Under AV Radar with Advanced Obfuscation

New NextCry Ransomware Encrypts Data on NextCloud Linux Servers

Beware: Pegasus-like Spyware Found Targeting WhatsApp Users with MP4 Files

Phishers Targeting Microsoft Office 365 Admin Credentials

Mispadu: Advertisement for a discounted Unhappy Meal

Windows Hello for Business Opens Door to New Attack Vectors

Buran Ransomware Infects PCs via Microsoft Excel Web Queries

Google Confirms Android Camera Security Threat: ‘Hundreds Of Millions’ Of Users Affected

Shade Ransomware Is the Most Actively Distributed Malware via Email

‘Windows Update’ Installs Cyborg Ransomware

NSA Publishes Advisory Addressing Encrypted Traffic Inspection Risks

New Phoenix Keylogger tries to stop over 80 security products to avoid detection

Stalking App Ghosty on Android Allowed Users to See Private Instagram Accounts

Ransomware Gangs Adopt APT Tactics in Targeted Attacks

Mac Backdoor Linked to Lazarus Targets Korean Users

Microsoft Warns Customers of DoppelPaymer Ransomware Threat

New Banking Trojan Infects Victims via McDonald’s Malvertising

New Roboto botnet emerges targeting Linux servers running Webmin

This fake software update tries to download malware onto your PC even when you click 'later'

DePriMon downloader uses novel ways to infect your PC with ColoredLambert malware

Emergent Android banking Trojan shows app overlay attacks are still effective

IRS Phishing Campaign Targeted 100,000 People

New SectopRAT Trojan creates hidden second desktop to control browser sessions

New Microsoft file system technique can make ransomware ‘invisible’

Ransomware: A free tool can decrypt this malware variant that puts a ransom note on your desktop wallpaper

New Fake UPS Malware Email Campaign

Web skimmer phishes credit card data via rogue payment service platform

Raccoon Stealer Malware Scurries Past Microsoft Messaging Gateways

Payment Solutions Giant Edenred Announces Malware Infection

Clop Ransomware Tries to Disable Windows Defender, Malwarebytes

Trickbot Updates Password Grabber Module

After 1 Million of malware samples analyzed

Tushu, Take Twoshu: Malicious SDK Reappears in Google Play

Stantinko botnet adds cryptomining to its pool of criminal activities

New Dexphot Malware Goes Ballistic; Infects More than 80,000 Computers

New DeathRansom Ransomware Begins to Make a Name for Itself

Top 25 Most Dangerous Vulnerabilities Refreshed After 8 Years

The Role of Evil Downloaders in the Android Mobile Malware Kill Chain

Ryuk Ransomware Forces Prosegur Security Firm to Shut Down Network

Dutch Govt Warns of 3 Ransomware Infecting 1,800 Businesses

Beware of Thanksgiving eCard Emails Distributing Malware

New Chrome Password Stealer Sends Stolen Data to a MongoDB Database

Vulnerabilities

On Halloween night, Google discloses Chrome zero-day exploited in the wild

Microsoft Office for Mac cannot properly disable XLM macros

The First BlueKeep Mass Hacking Is Finally Here—but Don't Panic

Google Chrome update amends 37 vulnerabilities

Two unpatched RCE flaws in rConfig software expose servers to hack

Actively exploited bug in fully updated Firefox is sending users into a tizzy

Vulnerability in Asus Wi-Fi software put users at risk of fraud and robbery

Libarchive vulnerability can lead to code execution on Linux, FreeBSD, NetBSD

Siemens PLC Feature Can Be Exploited for Evil - and for Good

Red Hat Enterprise Linux 8.1 adds live Linux kernel patching

Google Patches Critical Flaws in Android's System Component

NVIDIA Fixes Security Flaws in GPU Driver, GeForce Experience

Cisco: All these routers have the same embedded crypto keys, so update firmware

Microsoft Warns of More Harmful Windows BlueKeep Attacks, Patch Now

Amazon Kindle, Embedded Devices Open to Code-Execution

Australian Govt Warns of Active Emotet and BlueKeep Threats

DHS Warns of Critical Flaws in Medtronic Medical Devices

Apple may be leaking your Keychain logins to Family Sharing members

Nautilus ATM Flaws Could Allow Hackers Access to Cash, Data

New Update Lets Windows Users Test Extended Security Updates

Worcester Polytechnic Institute Researchers Discover Vulnerabilities Affecting Billions of Computer Chips

Manual code review finds 35 vulnerabilities in 8 enclave SDKs

New 5G flaws can track phone locations and spoof emergency alerts

Intel Failed to Fix a Hackable Chip Flaw Despite a Year of Warnings

Facebook Bug Allows Accesses to iPhone's Camera While User Scrolls Through News Feed

McAfee antivirus software impacted by code execution vulnerability

CPUs Under Attack: ZombieLoad returns in new variant and TPM-FAIL vulnerabilities put billions of devices at risk

Intel PMx driver flaw gave hackers 'near-omnipotent control' of devices

Samsung, LG, Motorola Phones Hacked Using New Qualcomm ‘Hole’

Windows & Linux get options to disable Intel TSX to prevent Zombieload v2 attacks

NowSecure Discovers Critical Android Vulnerability That May Lead to Remote Code Execution

146 New Vulnerabilities All Come Preinstalled on Android Phones

Undocumented Access Feature Exposes Siemens PLCs to Attacks

Google addressed an XSS flaw in Gmail

Cisco VoIP adapters have critical security flaws

D-Link Adds More Buggy Router Models to ‘Won’t Fix’ List

Half of Oracle E-Business customers open to months-old bank fraud flaw

Apache Solr Bug Gets Bumped Up to High Severity

High-Severity Windows UAC Flaw Enables Privilege Escalation

Microsoft Outlook for Android Bug Opens Door to XSS

Satlink VSAT modem vulnerabilities open door to cross-site scripting attacks

New bypass disclosed in Microsoft PatchGuard (KPP)

Dozens of Vulnerabilities Found in Open Source VNC Systems

Patched GIF Processing Vulnerability CVE-2019-11932 Still Afflicts Multiple Mobile Apps

Researcher Discovered A Critical Security Flaw In The Truecaller App

Splunk Faces Y2K Bug-Like Problem Unless Patched

Exploit kits are slowly migrating toward fileless attacks

Server-Side Request Forgery Exposes Data of Technology, Industrial and Media Organizations

Scams

Netflix embroiled in new phishing scam

Fraudsters Use Salary Increase Scam to Steal Employees' Credentials

Watch out for this phishing email posing as a Vodafone invoice in your inbox

Taxman warns over scam e-mail demanding payment of 'overdue' tax bills

FBI: Cybercrimes on the rise because of sophisticated scams

UAE: Emirates warns users about a fake newsletter and a spam survey

US Govt Asks Users to Be Wary of Holiday Scams and Malware

'Tis the season for gift card scams: Be on the lookout for these potential schemes

Warning as Irish firms lose millions in sophisticated invoice scams

Hackers are stealing loyalty rewards and points. Are your air miles or hotel points at risk?

Russian bloke charged in US with running $20 million stolen card-as-a-service online souk

These scammers have set their sights on members of the military

Following the Latest YouTube Scam, Here’s What You Need to Know About Malware Attacks Delivered Through Videos

'Cryptoqueen' brother admits role in OneCoin fraud

Perth agent targeted in $70k scam

Woman loses $300k to 'Singtel customer service' caller helping her solve Wi-Fi connectivity problem

Silly Phishing Scam Warns That Your Password Will be Changed

An Atlanta woman stole an NBA player's identity and tried to get a $2.5 million loan

Travellers warned to be aware of 'juice jacking' device charging scam

Cybersecurity experts warn of latest Black Friday deals email scams

Internet fraud: Nigerian scammer 'pulls off $1m heist' from prison

Paytm cautions customers of scam

An Extra Letter “S” Enabled a Million-Dollar Real Estate Scam

Scam Alert: Jury Duty Scams Resurface in East Tennessee

Macys.com checkout page hacked; customers advised to be vigilant of fraud

Waterloo Brewing admits to having lost $2.1 million in a social engineering attack

Black Friday Alert: Financial botnets primarily targeting e-commerce apparel sites

Scams conducted through push notifications

Scam Browser Notification Prompts Increased by 69% in 2019

Hidden Cam Above Bluetooth Pump Skimmer

Police warn bank customers not to fall for bank cards, accounts reactivation scam

Dropbox Phishing Scam: Don’t Get Fooled by Fake Shared Documents

Holiday Scam Season Is Here for All Shoppers

Anatomy Of A Scam: Nigerian Romance Scammer Shares Secrets

Black Friday Shoppers Targeted By Scams and Fake Domains

It’s Way Too Easy to Get a .gov Domain Name

Austin Man Indicted for Stealing Unreleased Music from Artists

The lure of PSD2

Couple fall victim to holiday Airbnb scam during Belfast visit

Dodgy parcel delivery scam targeting Christmas shoppers

Black Friday Smart TV Buyers Should Take this FBI Cybersecurity Advice Seriously

Black Friday/Cyber Monday shoppers warned of sneaker scam

Patches

Magento Urges Users to Apply Security Update for RCE Bug

Microsoft Fixes Windows 10 Missing Deferred Update Settings Bug

Microsoft's November 2019 Patch Tuesday arrives with a patch for an IE zero-day

SAP Updates Four Hot News Notes on November 2019 Patch Day

A light November Patch Tuesday for Adobe

VMware patches five security vulnerabilities

Red Hat Responds to Zombieload v2

Flaws found in NSW iVote system yet again

Symantec Fixes Privilege Escalation Flaw in Endpoint Protection

Nykaa fixes a data security bug

Docker Patched the Most Severe Copy Vulnerability to Date With CVE-2019-14271

Tags

zombieload vulnerability

nextcry ransomware

gafgyt botnet

revengehotels

tpm fail

megacortex ransomware

Posted on: December 04, 2019

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite

Explore Solutions

Capabilities

Resource Library

Use Cases