List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in November 2019

See All
We are just one month away from 2020 and as we set the countdown to a brand new year, let's not forget the major cyber threats and incidents that made an impact in the cybersecurity world in November.  

The month witnessed the discovery of several new ransomware such as PureLocker, AnteFrigus, NextCry, DeathRansom, and Cyborg. New variants of prominent malware like Gafgyt botnet, Ryuk ransomware, Megacortex ransomware, Trickbot trojan, and Emotet trojan were also found targeting processes, networks, and systems of several organizations. Multiple new threat actor groups like RedCurlz, RevengeHotels and ProCC to name a few, were also found targeting organizations in various sectors across the globe. 

In the vulnerabilities section, a new variant of ZombieLoad was uncovered affecting all Intel CPU microarchitectures since 2013. Besides this, a team of academics also discovered two vulnerabilities collectively known as TPM-Fail impacting TPM chips. The flaws could allow an attacker to retrieve cryptographic keys stored inside the Trusted Platform Module (TPM) of a processor. 

Talking about breaches, an Elasticsearch server exposed over 4 Terabytes of data on over 1.2 billion individuals. The leaked information included email addresses, employer status, locations, job titles, names, phone numbers, and social media profiles. 

Scammers were observed using simple social engineering techniques to fool organizations into making fraudulent wire transfers. In one such event, fraudsters managed to steal $29 million from a Japan-based media giant Nikkei via a phishing email. Scamsters also swindled $2.1 million and $742,000 from Waterloo Brewing and Ocala city respectively in two different BEC attacks.

Among the security patches, Microsoft addressed a total of 74 vulnerabilities spotted across its products. On the other hand, Google fixed 40 security flaws affecting its platform and system components.

Here’s a detailed list of all the breaches, malware, vulnerabilities, scams, and patches that were reported in November.

Breaches

 

Malware


Vulnerabilities

 

Scams


Patches



See Our Products In Action




  • Share this blog:
Previous
From Indicators to Intelligence: How to Make Threat Information Actionable?
Next
Reducing Cyber Risk Without Breaking the Bank
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.