List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in November 2018

We are just one-month away from 2019 and as we start the countdown to a brand new year, let's not forget the major cyber threats and incidents that made an impact in the cybersecurity world in the month of November.

The month witnessed the discovery of several new ransomware such as XUY, Argus, DATAWAIT, BlackHat and C3YPT3OR. New variants of prominent malware like Stuxnet, TrickBot and Azorult were also found targeting processes, networks and systems of several organizations.

In the vulnerabilities section, seven new Spectre and Meltdown variants affecting AMD, ARM and Intel CPUs were discovered by academic researchers. Two new flaws dubbed as ‘BleedingBit flaw’ - that could allow attackers to install malicious firmware and gain access to the console port - was uncovered in Bluetooth Low Energy chips. Another new Bluetooth flaw dubbed as CarsBlues was found affecting millions of vehicles and this could allow attackers to steal Personally Identifiable Information (PII) of drivers.

Talking about breaches, an ElasticSearch server exposed 73 GB of data belonging to about 57 million US citizens. The leaked information included first name, last name, employer ID, job title, email address, physical address, state, ZIP code and other sensitive data of residents.

Scammers were observed using simple social engineering techniques to fool both individuals & organizations and steal crucial data. In one such event, fraudsters managed to steal $21.5 million from European-based cinema chain Pathé via phishing email.

Microsoft released security patches to address several issues such as a Windows zero-day exploit, a remote code execution flaw in Outlook 2010 and a Flash Player vulnerability in Windows 10.

Here’s a detailed list of all the breaches, malware, vulnerabilities, scams and patches that were reported in November.  

Breaches


Malware


Vulnerabilities


Scams


Patches






  • Share this blog:
To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.