List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in September 2018

September has come to an end and before we move ahead, let's have a quick look at the prominent breaches, malware attacks, vulnerabilities and scams that made a major impact in the cyber security world. 

Talking about malware, security researchers uncovered various new malware such as CroniX, Fallout exploit kit, CryptoNar, Hakai botnet and Chainshot targeting various business entities, systems and processes. In addition, a new attack method named 'SonarSnoop' that could allow cybercriminals to steal victims' phone unlock pattern was also discovered by researchers.    

Hackers were found exploiting authentication bypass vulnerability, remote code execution vulnerability and other critical security flaws to gain access to systems, servers and networks of an organization. Various new vulnerabilities such as 'Peekaboo flaw', 'EternalBlue flaw' and 'FragmentSmack vulnerability' were also discovered affecting various devices, systems and processes. 

Coming to breaches, the month witnessed data leak of millions of customers in several breach incidents. While unsecured database at Veeam data management firm exposed around 445 million customer records, a security flaw on GovPayNow payment site resulted in the revelation of sensitive data of more than 14 million users.   

Scammers were as usual at their best in tricking users, especially the senior citizens, into revealing their personal data by sending phishing emails or by tech-support scams.