Products
Cyber Fusion Center

Stay ahead of threats with our cyber fusion solutions for threat intelligence sharing and analysis, threat response, and security automation.
Learn More

Threat Intelligence Platforms (TIP)

Intel Exchange

Intel Exchange Lite

Collaborate
Security Orchestration and Automation (SOAR)

Respond

Orchestrate
Threat Intelligence Ecosystem

Solutions for ISACs, ISAOs, and CERTs

Solutions for ISAC, ISAO, and CERT Members

Intel Exchange Spoke

Cyware Browser Extension
Partners

Partners & Integrations

Learn how our solutions seamlessly connect with other tools and technology partners to fit your security needs.

Channel Partners

MSSPs

Technology Alliances

Open APIs

MISP

Register a Deal

CywareOne Login
Resources

Resources Library

Stay updated on the cyber threat landscape with free daily alerts, the latest industry reports, security trends, and more.

Resource Library

Cyware Labs: Research & Threat Briefings

Security Guides

Free Threat Intel Feeds

Webinars & Videos

Community Resources

Cyware Academy
Company

Contact Us

Get in touch with our team to learn more about our solutions and how they can help your organization.

Get in Touch

Leadership

Careers
We’re Hiring

Cyware in the News

Press Releases

Compliance

Login

Go to listing page

List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in October, 2019

Threat Actor
Breach, Incident
Vulnerability
Malware

List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in October, 2019

Share Blog Post

Just like the previous month, October too witnessed a volley of cybersecurity-related incidents that affected several organizations, systems, processes and more.

Researchers uncovered several new malware families apart from exploring the latest version of the existing malware. Novter botnet, Tarmac, MedusaLocker ransomware, Lemon_Duck powershell, and many more new malware were found targeting several industries in different sectors, while Gustuff and Adwind trojan were uncovered with enhanced capabilities.

In addition, security experts also demonstrated two new attack methods named PDFex and Minerva attack that could allow attackers to steal more sensitive details. While PDFex attack is launched against PDF viewers, Minerva attack is used against vulnerable cryptographic libraries. Decryption keys for ransomware such as HildaCrypt, STOP, Nemty, Paradise, and Muhstik were also released to allow victims to recover their encrypted files for free.

In the realm of bugs, hackers were found exploiting authentication bypass vulnerability, remote code execution vulnerability, and other critical security flaws to gain access to systems, servers, and networks of organizations.

The past month also saw several massive data breaches across the world that involved the loss of personal and financial details. In one incident, tax records of 20 million Russians were exposed due to an unprotected database. On the other hand, personal data of 92 million Brazilians were put up for auction on the dark web forum. Health records of about one million New Zealanders were also at risk after a breach of Tu Ora Compass Health.

Scammers were, as usual, found leveraging common social engineering techniques to trick users into revealing personal and financial data.

Here's an aggregated list of all breaches, malware, vulnerabilities, patches, and scams reported in October.

Breaches

Cyberattack Hits Major Sportswear Brand ASICS in Public

Comodo Forums Breached, Data of Over 170,000 Users Up for Grabs

Crowdstrike says an aviation industry hacker had significant high-level access to secrets

Tax records of 20 million Russians exposed online

Drury Hotels Provides Update Regarding Third-Party Service Provider Security Incident

Alabama Hospital System Halts Admissions Amid Malware Attack

Zendesk Discloses 2016 Data Breach; Data of 10,000 Users Compromised

Hackers Target Sex Forum Exposing Users’ Email Addresses

American Express Customer Info Accessed by Employee for Possible Fraud

Ransomware Hampers Operations for Public Hospital System

Four U.S. Food Chains Disclose Payment Card Theft via PoS Malware

Details of 92 Million Brazilians Auctioned on Underground Forums

Russia's Sberbank investigating potential client data leak

Hack attack puts health details of one million New Zealanders at risk

UAB Medicine Data Breach Exposes Patient Info in Phishing Attack

Alabama Hospitals Pay Up in Ransomware Attack

New Zealand ComCom suffers breach after laptop theft

Data Breach at Russian ISP Impacts 8.7 Million Customers

Ransomware attack hits Spanish city demanding undisclosed amount of Bitcoin

Credit Info Exposed in TransUnion Credential Stuffing Attack

Toms Shoes' Mailing List Hacked to Tell Users to Log Off

Hibiscus Petroleum suffers cyber attack

CHI Health says ransomware incident may have exposed info of patients at Lakeside Hospital’s orthopedic clinic

Cancer Treatment Centers of America in Atlanta discloses three phishing incidents in 6 months

Hackers Breach Volusion and Start Collecting Card Details From Thousands of Sites

Cloud Security breach leads to a leak of 957,000 patient records

Intel. analyst leaked top secret info to reporter, as part of ‘romantic’ relationship, feds say

A Bug in Indian Local Search App Exposed Over 156 Million Accounts

Phishing Incident Exposes Medical, Personal Info of 60K Patients

Dutch Prostitution Site Hacked: 250,000 Users’ Data Leaked

Human Rights Activist Allegedly Targeted With NSO Malware Says His Life Is ‘Hellish’

Leafly Cannabis Website Leaked User Info via Exposed Database

Monterey Health Center Provides Notice of Data Security Incident

Philly health department website exposed names of thousands of people with hepatitis

Mailing services firm Pitney Bowes says it suffered malware attack, shares down

Global Shipping Firm Pitney Bowes Affected by Ransomware Attack

M6, One of France's Biggest TV Channels, Hit by Ransomware

Alphabroder Suffers Ransomware Attack

One of the Largest Underground Stores for Buying Stolen Credit Card Data Hacked

Florida Women's Clinic Warns 520,000 Patients of Data Breach

Whirlpool Exposed Database with 28 Million Records from Connected Home Appliances

Montgomery County Public Schools forces password reset after Naviance hacked

Cashback Sites Leak Unencrypted Passwords, Bank & Other Sensitive User Data; 3.5 Million Individuals Affected

Open AWS Buckets Expose More Than 200K CVs at Two Online Recruitment Firms

Indiana Hospital System Notifying Patients After Data Breach

Canada Post resets passwords after customer accounts accessed

Cryptocurrency miners infected more than 50% of the European airport workstations

VA Exposes Sensitive Veteran Data to Thousands of Unauthorized Employees

Mission Health online store hijack went undetected for years

Ingredients Giant Ingredion Hit by Malware

CenturyLink Customer Data Exposed

Hackers Penetrate Deep Into Antivirus Giant Avasts' Network

Open Database Leaked 179GB in Customer, US Government, and Military Records

Home Group: Thousands warned over data breach

San Bernadino City schools hit with ransomware

NordVPN Admits to 'Isolated' Server Breach in Finland

Major German manufacturer still down a week after getting hit by ransomware

Japanese hotel chain sorry that hackers may have watched guests through bedside robots

Heat Group Founder Gillian Franklin Hit by $2 Million Cyber Attack

Amazon Web Services' DNS Systems Knackered by Hours-Long Cyberattack

Montana Hospital Leaks 129,000 Patient Records in Sophisticated Phishing Scam

Ransomware Hits B2B Payments Firm Billtrust

Kalispell Regional Healthcare Provides Notification of Data Security Event

Health Ministry: Patient data on National Neurology Registry at risk of exposure

Ransomware Attack Affects Municipal Computer Systems in Johnson City, Tennessee

US court system hacked to send phishing emails

South African ISPs are under attack

City of Johannesburg temporarily shuts down systems after hacking

Religious Website Data Exposed for Months

Geisinger Health Plan Notifies Members About Business Associate Phishing Attack

7-Eleven fuel app data breach exposes users' personal details

P&G Online Beauty Store Hacked to Steal Payment Info

7M Adobe Creative Cloud Users Exposed to Hackers

Massive DDoS attack affects Afrihost

Ransomware hit TrialWorks, law firms and lawyers were not able to access court documents

Cyberattacks Blamed for Sunday's Internet Disruption Across Turkey

UniCredit Breach Affects Three Million Records

Data Breach at St. Louis Health Center Impacts up to 152,000

U.S. Food Chain Krystal Alerts Customers of Payment Card Incident

Hospitals in Listowel and Wingham regain access to computer systems after ransomware attack

American Cancer Society's online store infected with credit card stealing malware

Queensland Health blocks personal staff emails, cites malware fears

Largest Cyberattack in Georgia's History Linked to Hacked Web Hosting Provider

Details for 1.3 Million Indian Payment Cards Put Up for Sale on Joker's Stash

Cyberattack targets Türk Telekom, Garanti bank

The Pirate Bay was recently down for over a week due to a DDoS attack

Bed Bath & Beyond discloses breach

Kyrgyz News Site Kloop Interrupted by DDoS Attack

Indian Nuclear Power Plant Targeted in a Cyberattack

World's First Domain Registrar Network Solutions Discloses Breach

SC hospital system says patient information compromised during cybersecurity incident

Ransomware Attack Hits Las Cruces, New Mexico Public Schools

21 Million Logins for Top 500 Firms Offered on the Dark Web

Website of Indian Institute of Advanced Study hacked

Valve Source Engine, Fortnite Servers Crippled By Gafgyt Variant

A Chinese Hacking Group Breached a Telecom to Monitor Targets' Texts, Phone Metadata

Xneelo mitigates “unusual” DDoS attack

Security researcher gets access to all Xiaomi pet feeders around the world

Malware

'WhiteShadow' Downloader Employs Microsoft SQL for Malware Delivery

PHP update fixes arbitrary code execution flaw, 9 other bugs

Malvertiser exploited two browser bugs to show over one billion malicious ads

Frequent VBA Macros used in Office Malware

New Fileless Malware Infecting Numerous Windows Computers In US, Europe

New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign

New Adwind RAT Variant Used Against the US Petroleum Sector

Fake Office Activation Wizard Docs Used to Spread Emotet Trojan

Fake Browser Updates Infect Enterprises with Ransomware, Bankers

FDA issues warning on medical devices that are vulnerable to takeover from hackers

OpenDocument files now being used in attacks

Publishers Targeted by GhostCat Malware

Sodinokibi Ransomware Builds An All-Star Team of Affiliates

MasterMana Botnet takes over your machine to empty your cryptocurrency wallet

FTCode PowerShell Ransomware Resurfaces in Spam Campaign

Ramnit Targets Japanese Shoppers, Aiming at Top Fashion Brands

Windows Activator Bundles Banker with C2 in YouTube Description

Minerva attack can recover private keys from smart cards, cryptographic libraries

COMpfun successor Reductor infects files on the fly to compromise TLS traffic

'Lost Files' Data Wiper Poses as a Windows Security Scanner

Florida Poly researcher targets new kind of cyber attacks on Android

Lemon_Duck PowerShell Malware Targets Windows Users With Cryptojacking Campaign

macOS systems abused in DDoS attacks

Just a GIF Image Could Have Hacked Your Android Phone Using WhatsApp

Mitigating zero-day threats in the age of attack automation

Millions Of Android Phones Are Vulnerable To Israeli Surveillance Dealer Attack, Google Warns

Novter Trojan Sets its Sights on Microsoft Windows Defender

Magecart Impacts Hundreds of Thousands of Websites, Still Growing

HildaCrypt Ransomware Developer Releases Decryption Keys

White-hat hacks Muhstik ransomware gang and releases decryption keys

RobbinHood Ransomware Using Street Cred to Make Victims Pay

Microsoft Blocks Large Scale Credential Theft Attack Targeting Dozens of Organizations

New sextortion campaign taps altcoins to avoid detection

Microsoft Windows Warning As 4,700 Machines Compromised Every Day

Samsung Issues Critical Galaxy And Note Warning For 40 Million Users

Attackers Using Social Engineering to Bypass Multi-factor Authentication, the FBI Warns

Nation State Actors Hitting UK with VPN Attacks, Warns NCSC

More xHunt – New PowerShell Backdoor Blocked Through DNS Tunnel Detection

Gaming, photo apps in Google Play infect Android handsets with malware

New Credential Stealing Campaign Hits Nordic Countries

HiddenWasp and the Emergence of Linux-based Threats

Nemty Ransomware Decryptor Released, Recover Files for Free

New Malware Spies on Diplomats, High-Profile Government Targets

macOS users targeted with new Tarmac malware

Sodinokibi Ransomware: Following the Affiliate Money Trail

Nemty 1.6 Ransomware Released and Pushed via RIG Exploit Kit

Attackers Create Elaborate Crypto Trading Scheme to Install Malware

North Korea Uses Fake Cryptocurrency Companies To Break Into macOS

Researchers find Bitcoin sextortion malware also mines Monero

Casbaneiro is a threat to cryptocurrency in Latin America

Fake company pushes phony cryptocurrency app to spread Mac malware

Newly Discovered ‘Cutlet Maker’ Malware Used in Series of Jackpotting Attacks on ATMs in Germany

Scammers are dangling an iOS jailbreak to trick victims into downloading a malicious app

Blackremote: Money money money – a Swedish actor peddles an expensive new RAT

New SDBot Remote Access Trojan Used in TA505 Malspam Campaigns

Phishing Email Spoofing Telstra Uses ‘$500 Gift Card Reward’ To Trick Users

Cryptojacking worm uses Docker to infect over 2,000 systems to secretly mine Monero

'Sextortion botnet spreads 30,000 emails an hour’

WAV audio files are now being used to hide malicious code

Unsecured Docker Hosts Attacked by New Graboid Cryptojacking Worm

Cryptominers & Backdoors Found in Fake Plugins

Stripe Users Targeted in Phishing Attack That Steals Banking Info

500+ Million UC Browser Android Users Exposed to MiTM Attacks. Again.

Malicious Tor Browser Steals Cryptocurrency from Darknet Market Users

Fake Photo Beautification Apps on Google Play can Read SMS Verification Code to Trigger Wireless Application Protocol (WAP)/Carrier Billing

Some Android adware apps hide icons to make it hard to remove them

The Redaman Malware is Hiding C&C Server IPs in Blockchain

Researchers release decryption tools for the Stop ransomware

Maze Ransomware Now Delivered by Spelevo Exploit Kit

Italians Rocked by Ransomware

New Android Warning: 40M Users Installed Video App Hiding Devious Malware—Delete Now

Hackers Backdoor Sites by Hiding Fake WordPress Plugins

Tools and Tactics of the Sodinokibi Ransomware Distributors

Misuse of Alphabet’s Virus Scanner is Exposing Sensitive Files

Researchers find stealthy MSSQL server backdoor developed by Chinese cyberspies

Gustuff return, new features for victims

Office 365 Now Warns About Suspicious Emails with Unverified Senders

Malspam Campaign Targeted German Orgs with Buran Ransomware

Phishing alert: This fake email about a bank payment delivers trojan malware

Discord Turned Into an Info-Stealing Backdoor by New Malware

New MedusaLocker ransomware looks to make a monster profit

New Google Android Malware Warning Issued To 8 Million Play Store Users

UN, UNICEF, Red Cross Officials Targeted in Recent Phishing Campaign

Researchers Analyze North Korea-Linked NukeSped RAT

This easy-to-use information-stealing trojan malware is quickly gaining popularity among cyber criminals

iOS Clicker Trojan Malware Found in 17 Apps in Apple's App Store

Malicious Android Apps Hide Ads From Google Employees

AutoIT-compiled Negasteal/Agent Tesla, Ave Maria Delivered via Malspam

Vendor Email Compromise (VEC): The Classic BEC Scheme with a Spin

New FuxSocy Ransomware Impersonates the Notorious Cerber

Malware That Spits Cash Out of ATMs Has Spread Across the World

This old trojan malware is back with a new trick to help it hide in plain sight

New 'unremovable' xHelper malware has infected 45,000 Android devices

Ransomware Attack Causes School 'District-Wide Shutdown'

New GlitchPOS credit card stealer malware found for sale

Maze Ransomware Attacks Italy in New Email Campaign

Paradise Ransomware Decryptor Gets Your Files Back for Free

Israeli Spyware Used to Snoop on Indian Journalists and Activists

Attackers are now phishing Office 365 login credentials with fake voicemail messages

At Least 13 Managed Service Providers Were Used to Push Ransomware this Year

Phishing Campaign Targets Precision Engineering Company

QSnatch Malware Infects Thousands of NAS Devices, Steals Credentials

Vulnerabilities

Vulnerability in Cisco Webex and Zoom may expose online meetings to snooping

Decades-Old Code Is Putting Millions of Critical Devices at Risk

Oyo leaves customer data exposed due to a security flaw

Academics find eight vulnerabilities in Android's VoIP components

Jamf emits mystery security fix for Pro macOS, iOS wrangler, keeps admins in dark by censoring chatter

A New Wave of Buggy WordPress Infections

Multiple zero-day vulnerabilities found medical IoT devices: CISA

Expert disclosed details of remote code execution flaw in Whatsapp for Android

Foxit PDF Reader Vulnerable to 8 High-Severity Flaws

Research finds that NHS cyberattack vulnerability could risk patient data

Fifa 20 error exposes players' details

DHS and FDA warn about much broader impact of Urgent/11 vulnerabilities

Signal Bug Could Have Let Hackers Listen to Android Users Via Microphone

A year after patch, Drupalgeddon2 is still being employed in cybercriminal attacks

D-Link router models affected by remote code execution issue that will not be fixed

Patches for Internet Explorer Zero-Day Causing Problems for Many Users

Zero-day published for old Joomla CMS versions

Kernel privilege escalation bug actively exploited in Android devices

Vulnerable Twitter API Leaves Tens of Thousands of iOS Apps Open to Attacks

Code Execution Vulnerability Impacts NSA Reverse Engineering Tool

Vulnerabilities Expose TwinCAT Industrial Systems to DoS Attacks

Exploits in the Wild for vBulletin Pre-Auth RCE Vulnerability CVE-2019-16759

iTerm2 issues emergency update after MOSS finds a fatal flaw in its terminal code

Gamers Warned of High-Severity Intel, Nvidia Flaws

Microsoft NTLM vulnerabilities could lead to full domain compromise

CVE-2019-16928: Exploiting an Exim Vulnerability via EHLO Strings

Cisco Finds 11 Vulnerabilities in Schneider Electric Modicon Controllers

SafeBreach Discovers New Critical Vulnerability In HP Touchpoint Analytics

Bug in popular firewall exposed corporate networks to hackers

Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted

Recently Discovered Simjacker Vulnerability Estimated to Impact Millions of Sim Cards From Over 61 Mobile Operators

Big Discovery Bank security flaw

Millions of Amazon Echo and Kindle Devices Affected by WiFi Bug

Researcher releases PoC rooting app that exploits recent Android zero-day

Unpatched Linux bug may open devices to serious attacks over Wi-Fi

Alexa and Google Home devices leveraged to phish and eavesdrop on users, again

Vatican launches smart rosary, someone already found a security flaw

Cisco issues critical security warning for IOS XE REST API container

Banking Apps Blacklisted Samsung Galaxy S10 After Fingerprint Vulnerability Was Exposed

Avast, Avira Products Vulnerable to DLL Hijacking

Major Chinese browser ‘Maxthon’ has a bug that allows anyone admin access

Fujitsu Wireless Keyboard Plagued By Unpatched Flaws

Critical Firefox Bugs Allow Arbitrary Code-Execution

Microsoft Office Bug Remains Top Malware Delivery Vector

Hackers are using a bug in PHP7 to remotely hijack web servers

Unsupported D-Link routers vulnerable to RCE flaws

This old trojan malware is back with a new trick to help it hide in plain sight

Critical Vulnerabilities Found in Rittal Cooling System

Untitled Goose Game RCE flaw revealed

Scams

These sneaky email scammers are making it even harder for workers to spot fake invoices

New Silent Starling Attack Group Puts Spin on BEC

Police Seize Bot Farm Behind Potentially Fatal Scam Messages

Warning: This PayPal scam will steal your details

Digi Phishing Campaign Detected, Asking Credentials for a Prize

Beware of Fake Amazon AWS Suspension Emails for Unpaid Bills

Cracked PAC hack lets hackers drain your bank account

Convincing new Commonwealth Bank scam scrapes victims’ card details

Scammers Using Hacked Servers, Bogus Links to Target LinkedIn Users

New Phishing Attack Mimics Performance Appraisal Processes To Target Corporate Employees

Imposter Emails Plague Healthcare Industry

One Sextortion Email Scam Is Raking In Over $20,000 A Month

Cash App Scammers Deal Their Cons on Twitter, Instagram, YouTube

Scammers use fake Jeremy Clarkson ad in Bitcoin scam

Unearthing the Steam-powered scammers

Blogger and WordPress Sites Hacked to Show Sextortion Scams

Amazon scam gives fraudsters access to your bank details

Currys PC World customers scammed via eBay

Your obsession with celebrities is helping scammers spread spam

Patches

Life's certainties: Death, taxes, and Cisco patching more serious vulnerabilities

vBulletin Releases Patch Update for New RCE and SQLi Vulnerabilities

Google October Android Security Update Fixes Critical RCE Flaws

These are the Apple macOS Catalina 10.15 security updates you need to know about

SAP Patches Critical Vulnerabilities With October 2019 Security Updates

Nokia 7 Plus, Nokia 6.1, and Nokia 7.1 get October security patch update

Juniper Networks addresses 84 bugs, including 31 critical ones

Google Patches 8 Vulnerabilities in Chrome 77

Nitro PDF Pro to Get Micropatches for 7 Potential RCE Bugs

Adobe patches 81 vulnerabilities for four products

Oracle Patches a Mighty 219 Vulnerabilities: 140 Remotely Exploitable

WordPress 5.2.4 Patches Six Vulnerabilities

OnePlus 5, OnePlus 5T get OxygenOS 9.0.9 with October security patch

Cisco: These Wi-Fi access points are easily owned by remote hackers, so patch now

VMware patches critical bug in Harbor Container Registry for PCF

Analysis of Two Newly Patched Kubernetes Vulnerabilities

Pulse VPN patched their vulnerability, but businesses are trailing behind

Google Patches More High-Value Chrome Sandbox Escape Vulnerabilities

Samsung Rolls Out Fix For Galaxy S10 Fingerprint Sensor Glitch

Major vulnerability patched in the EU's eIDAS authentication system

Apple Patches Tens of Vulnerabilities in macOS Catalina, iOS 13

Tags

medusalocker ransomware

novter botnet

gustuff banking trojan

pdfex attack

minerva attack

Posted on: November 07, 2019

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite

Explore Solutions

Capabilities

Resource Library

Use Cases