
List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in April, 2019
The month of April saw no decline in malware attacks, scams and breaches. As usual, the threat actors were at their best in disrupting the smooth operation of public and private organizations.
A variety of new malware was discovered targeting both companies and users, resulting in the loss of data and disruption of services. These include HOPLIGHT, PreAMo, NamPoHyu, RobbinHood, vxCrypter and Xwo. New details about the sophisticated supply chain attack named ‘Operation ShadowHammer’ also surfaced last month. It was found that the attack had targeted six other major companies in Asia apart from compromising 1 million ASUS users.
In a major data breach incident, the infamous ‘GnosticPlayers’ hacker made a comeback with his fifth set of stolen data. The hacker put nearly 65.5 million records up for sale on the Dream Market forum. He was selling the data for 0.8463 Bitcoin on the dark web. Security experts also came across a new dark market named Genesis that was selling digital fingerprints of over 60,000 users.
The popular social media platform Facebook was in trouble last month for secretly collecting email contacts of 1.5 million users and storing millions of Instagram users' passwords in a readable format. Apart from Facebook, LinkedIn also came under scrutiny for leaking approximately 60 million user records online. A major phishing attack was also reported by India’s largest IT outsourcing and consulting organization, Wipro, that might have impacted at least a dozen of the company's clients.
In the realm of vulnerabilities, security researchers discovered two new and critical vulnerabilities named Prototype Pollution and Dragonblood. While Prototype Pollution affected the jQuery JavaScript library, Dragonblood impacted the new WPA3 Wi-Fi security protocol.
The past month also witnessed some major security updates from Oracle, Microsoft and Adobe. While Oracle released security patches for 297 bugs, Microsoft issued updates for 74 flaws. Adobe, on the other hand, published security patches for 43 vulnerabilities found across its products.
The following is a consolidated list of all major data breaches, malware, vulnerabilities and scams reported in April, 2019.
Breaches
Indian govt agency left details of millions of pregnant women exposed online
Thousands of Unprotected Kibana Instances Exposing Elasticsearch Databases
Over 13K iSCSI storage clusters left exposed online without a password
New York Albany Capital Hit by Ransomware Attack
Iran conducted 'major cyber assault' on key UK infrastructure
Arizona Beverages knocked offline by ransomware attack
Georgia Tech Data Breach Exposes Info for 1.3 Million People
Millions of Facebook records found on Amazon cloud servers
Chinese companies have leaked over 590 million resumes via open databases
Pharmaceutical giant Bayer targeted by cyberattack, threat 'contained'
UniCredit Employee in China Allegedly Embezzled $15 Million From Clients
Payment Card Data Stolen From AeroGrow Website
Cyberattack diverts almost $500,000 out of city of Tallahassee payroll account
Bangladesh: Cybercriminals hack Petrobangla website
Phishing attacker gains access to Baystate Medical Center patient records
Minnesota State Agency Breach May Have Put Thousands at Risk
Bitcoin phisher steals $365,000 and 10,000 passwords from dark web users
Mailgun hacked part of massive attack on WordPress sites
Greenville confirms ransomware attacked city computers
VSDC Site Hacked Again to Spread Password Stealing Malware
Home Office Leaks the Emails of Hundreds of EU Citizens
Matrix.org hack forces servers offline, encrypted chat history lost
Garfield County, Utah falls victim to ransomware, pays attackers
Blue Cross of Idaho hacked, some member information accessed
Hacker group leaks hundreds of law officer records
Group Hacks FBI Websites, Posts Personal Info on Agents: Report
Microsoft reveals hackers accessed some Outlook.com accounts for months
Major coordinated disinformation campaign hits the Lithuanian Defense
Pregnancy club fined £400,000 for illegally sharing data of over 14 million people
A hacker has dumped nearly one billion user records over the past two months
Experts: Indian IT Outsourcing and Consulting Giant Wipro Breached by Hackers to Launch Attacks
Swedish Social Democrats' Twitter account hacked
Over 100 Million JustDial Users' Personal Data Found Exposed On the Internet
Navicent Health Discloses Data Breach as the Result of a Digital Attack
Cyber-security firm Verint hit by ransomware
Facebook accidentally scraped the email contacts of 1.5 million users
Chipotle customers are saying their accounts have been hacked
Shopify API flaw offered access to revenue data of thousands of stores
Millions of records about Middle Eastern drivers left in an insecure database
Scammers are selling 3.2 million payment records stolen from Indian cardholders
The Weather Channel knocked off air by 'malicious software attack'
Imperial County government website has been down for 5 days, prompting investigation
Facebook: Millions of Instagram Users’ Passwords Were Stored in a Readable Format on its Servers
Unsecured Databases Leak 60 Million Records of Scraped LinkedIn Data
Security flaw in French government messaging app exposed confidential conversations
An Unsecured Database Exposes Millions of Rehab Records
Cyberattack hits Augusta municipal operations; City Center closed
Hacker dumps thousands of sensitive Mexican embassy documents online
Wipro Hackers Also Targeted Other Major IT Giants Including Infosys, Cognizant and Capgemini
A hotspot finder app exposed 2 million Wi-Fi network passwords
Bodybuilding.com discloses security breach
Security lapse at contract startup Evisort exposed sensitive data
EmCare data breach exposes 60,000 employees, patients
Manufacturing giant Aebi Schmidt hit by ransomware
Magecart Hackers Hit Atlanta Hawks with Credit Card Stealing Malware
Oops. 228K Danish Passports Have Swapped Fingerprint Data
Amnesty says Hong Kong office hit by China-linked cyber attack
Ransomware disables Cleveland airport's email systems, info screens
Flaw in Columbia, S.C., website search tool exposed database, SMTP server passwords
Partners for Quality notifies 3,673 clients after employee email accounts compromised
Hacked Docker Hub Database Exposed Sensitive Data of 190K Users
University warning of data breach over a year later
Russian hackers allegedly infiltrated Florida voter systems
Unknown Data Breach Exposes 80 Million US Households
Brit events and info biz Incisive Media admits open server port may have left readers deets exposed
Tech Support Scam Employs New Trick by Using Iframe to Freeze Browsers
$1.75 Million Stolen by Crooks in Church BEC Attack
Iran's Wildest Hacker Crew Stole 13,000 Passwords From Across 98 Organizations
Personal Data From Hundreds Of Thousands Tommy Hilfiger Japan Customers Exposed Online
Hackers Steal and Ransom Financial Data Related to Some of the World’s Largest Companies
Malware
Popup enlarges at the last second so users click on ads instead of 'Close' button
NSA-style backdoor in Huawei laptops found by Microsoft
New Linux/DDosMan threat emerged from an evolution of the older Elknot
Mira ransomware uses the Rijndael algorithm to encrypt files
vxCrypter Is the First Ransomware to Delete Duplicate Files
Text-based AI models are vulnerable to paraphrasing attacks, researchers find
ShadowHammer Dangers Include Update Avoidance
Game of Thrones downloads could be hiding dangerous malware
Analyzing AZORult malware using NSA Ghidra suite
New Version of XLoader That Disguises as Android Apps and an iOS Profile Holds New Links to FakeSpy
Malware Actors Using New File Hosting Service to Launch Attacks
Exodus Android Spyware With Possible Links to Italian Government Analyzed
Malware Campaigns Sharing Network Resources: r00ts.ninja
Xwo - A Python-based bot scanner
Bashlite IoT Malware Updated with Mining and Backdoor Commands, Targets WeMo Devices
WordPress iOS app leaked authentication tokens
In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code
Roaming Mantis, Part IV, Comes With Mobile config for Apple phishing
Over 58,000 Android users had stalkerware installed on their phones last year
‘Memsad’ software rot threatens to leak your digital secrets
Brazilian Banking Trojan BasBanke spreads via Facebook and WhatsApp promos
Phishing Attack Uses Browser Extension Tool SingleFile to Obfuscate Malicious Log-in Pages
Pre-Installed Security App on Xiaomi Could Allow Hackers to Turn it Into a Malware
Mimikatz Credential Theft Techniques
Backdoor in popular open-source tool put 28 million users at risk
The evolution of phishing kits
Threat Group Employs Amazon-Style Fulfillment Model to Distribute Malware
Careful with compressed files: JNEC, the new WinRAR ransomware
Planetary Ransomware Decryptor Gets Your Files Back For Free
DNS hijacking campaigns target Gmail, Netflix, and PayPal users
TrickBot malware attacks are ramping up ahead of Tax Day
Mirai Compiled for New Processors Surfaces in the Wild
The odd case of a Gh0stRAT variant
Researchers Uncover New Version of the Infamous Flame Malware
'Exodus' Spyware Posed as a Legit iOS App
Anubis Android Trojan Spotted with Almost Functional Ransomware Module
LockerGoga: It's not all about the ransom
Grab-and-go Baldr malware enters the black market
Gustuff banking botnet targets Australia
Mysterious safety-tampering malware Triton infects a second critical infrastructure site
Credential Dumping Campaign Hits Multinational Corporations
Porn Site Ransomware Cybercriminals Hacked 'Millions of Users In 20 Countries'
Privacy ‘Poisoning’ Cyberattacks Pose Risk to Blockchain
US government publishes new details on HIDDEN COBRA's HOPLIGHT malware
Popular Yuzo WordPress Plugin Exploited to Redirect Users to Scams
EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services
OceanLotus: macOS malware update
Hacked Uniden Commercial Site Serves Emotet Trojan
A new piece of malware that could endanger the healthcare sector
Emotet now using stolen emails for new attacks
CryptoPokemon ransomware decryptor developed
Malware Creates Cryptominer Botnet Using EternalBlue and Mimikatz
Game of Thrones streams and torrents host dangerous malware, experts warn
RobbinHood Ransomware Claims It's Protecting Your Privacy
Large-scale DDoS Attack Abuses HTML's Hyperlink Audit Ping Facility
Google Play and Microsoft Stores Delete Suspected Compromised Apps
Account With Admin Privileges Abused to Install BitPaymer Ransomware via PsExec
Hacker Group Uses RATVERMIN Backdoor to Target Ukrainian Military
This malware campaign is targeting the military with phony emails from a defence contractor
'NamPoHyu Virus' Ransomware Targets Remote Samba Servers
Aggah Campaign: Bit.ly, BlogSpot, and Pastebin Used for C2 in Large Scale Campaign
Malvertising campaign abuses Chrome for iOS bug to target iPhone users
Siegeware and BAS attacks, an emerging threat
Malicious AutoHotkey Scripts Used to Steal Info, Remotely Access Systems
Researcher Hijacks a Microsoft Service Using Loophole in Azure Cloud Platform
Network DoS Attack on PLCs Can Disrupt Physical Processes
DLL Cryptomix Ransomware Variant Installed Via Remote Desktop
RevengeRAT Distributed via Bit.ly, BlogSpot, and Pastebin C2 Infrastructure
Old-school cruel: Dodgy PDF email attachments enjoying a renaissance
“Funky malware format” found in Ocean Lotus sample
PreAMo: A Clicker Campaign found on Google Play
Examining Triton Attack Framework: Lessons Learned in Protecting Industrial Systems
Analyzing C/C++ Runtime Library Code Tampering in Software Supply Chain Attacks
Trojanized TeamViewer Used in Targeted Attacks Against Multiple Embassies
DNSpionage brings out the Karkoff
Banking Trojan Drive-by Download Leverages Trust in Google Sites
Malicious lifestyle apps found on Google Play, 30 million installs recorded
Research on private key generation reveals theft of ETH funds from accounts with discoverable keys
CARBANAK: Continuing the Source Code Analysis
Supply Chain Hackers Snuck Malware Into Videogames
North Korean Hackers Distribute Malware Disguised as Gov't E-Mails
Google File Cabinet Plays Host to Malware Payloads
The Russian Shadow in Eastern Europe: Gamaredon’s Ukrainian MOD Campaign
Qualcomm Chip Bug Poses Risk to App Account Security
Security researcher creates new backdoor inspired by leaked NSA malware
Cyber Analysis: Behind the CARBANAK Backdoor
GandCrab attackers exploit recently patched Confluence vulnerability
NSA Exploits Leveraged by a New Cryptocurrency Mining Malware to Spread Across Enterprise Networks
Hacker Finds He Can Remotely Kill Car Engines After Breaking Into GPS Tracking Apps
ShadowHammer Supply-Chain Attack Didn't Just Target Asus; At Least Six Other Organizations Targeted
Emotet Adds New Evasion Technique and Uses Connected Devices as Proxy C&C Servers
Plugins Added to Malicious Campaign
Android-Based Sony Smart-TVs Open to Image Pilfering
The Anatomy of Highly Profitable Credential Stuffing Attacks
GitHub hosted Magecart skimmer used against hundreds of e-commerce sites
BabyShark Malware – Attacks Continue Using KimJongRAT and PCRat
A Closer Look at the RobbinHood Ransomware
Developer uncovers phishing method in Chrome for mobile dubbed the 'inception bar'
Europeans Hit with Multi-Stage Malware Loader via Signed Malspam
Google boots major Android app developer from store for conducting massive ad fraud
Fake Windows PC Cleaner Drops AZORult Info-Stealing Trojan
Hackers are breaching into McDonald's app to place enormous orders of Big Macs and nuggets
New Emotet variant uses connected devices as proxy C2 servers
Large electric transformers are subject to cyber attacks which can cause outages of months to years
Malware Infests Popular Pirate Streaming Hardware
Vulnerabilities
"Feature" of PostgreSQL 9.3 could enable hackers to execute code; affects Mac, Windows, Linux
0-Day in TP-Link SR20 Routers Allows Command Execution
Serious Path Traversal Flaw Found in Kubernetes
Plugin vulnerabilities exploited in traffic monetization schemes
JavaScript Library Introduced XSS Flaw in Google Search
Microsoft Edge and Internet Explorer Zero-Days Allow Access to Confidential Session Data
Apache Bug Lets Normal Users Gain Root Access Via Scripts
PoC Exploits Released for Unpatched Edge, IE Vulnerabilities
Researcher prints 'PWNED!' on hundreds of GPS watches' maps due to unfixed API
NZ tech company discovers major Google Chrome, Mozilla Firefox bug
Critical flaw in Rockwell Automation's ICS component gave hackers complete access
Huawei patches laptop software that acted like NSA-style malware
Unpatched Flaw in Xiaomi's Built-in Browser App Lets Hackers Spoof URLs
Researcher publishes Google Chrome exploit
Year-Old DoS Vulnerability Allows Attacks on Some MikroTik Routers
Unofficial patches released for Java flaws disclosed by Google Project Zero
TP-Link Routers Vulnerable to Zero-Day Buffer Overflow Attack
Researcher Reveals Multiple Flaws in Verizon Fios Routers — PoC Released
Vulnerability in Verizon Fios Quantum Gateway allows attackers to gain root privileges
Intel finally issues Spoiler attack alert: Now non-Spectre exploit gets CVE but no patch
Demo Exploit Code Available for Privilege Escalation Bug in Windows
Nearly a Billion Chrome users vulnerable to exploit patched in later versions
Dragonblood vulnerabilities disclosed in WiFi WPA3 standard
Vulnerabilities in smart IP cameras expose users to privacy, security risks
Internet Explorer zero-day lets hackers steal files from Windows PCs
Gov’t warns on VPN security bug in Cisco, Palo Alto, F5, Pulse software
Multiple Enterprise VPN Apps Allow Attackers to Bypass Authentication
Yellow Pencil WordPress Plugin flaw exposes tens of thousands of sites
Multiple vulnerabilities in Shimo VPN’s helper tool
New Details Emerge on Windows Zero Day
EA Origin client bug allows threat actors to run remote code
ThinkPHP 5.x Remote Code Execution Analysed
Broadcom WiFi Driver Flaws Expose Computers, Phones, IoT to RCE Attacks
Popular jQuery JavaScript library impacted by prototype pollution flaw
Exploits in the Wild for WordPress Social Warfare Plugin CVE-2019-9978
Belkin Wemo Zero-Day Vulnerability Could Leave the Door Open for IoT Attacks
Apple Updates XProtect to Block 'Windows' Malware on Macs
With Notarization, Apple Moves to Greatly Reduce Malware on Macs
Zero-day vulnerability in Oracle WebLogic
GitHub Service Abused by Attackers to Host Phishing Kits
Multiple vulnerabilities in Sierra Wireless AirLink ES450
Critical P2P Flaws Expose Millions of IoT Devices
Scams
WARNING: Scammers now trying to steal your details through Paypal
New scam aims to trick you into giving up your cell phone account information
March Madness Scams Give Attackers Fast Break
CIA Porn Extortion Scams Now Use Password Protected PDFs
Tax-themed Email Campaigns Target 2019 Filers
London Blue Scammers Extend Operation, Attack Targets in Asia
Beware of Calls Saying Your Social Security Number is Suspended
Apple scammed by college students through fake iPhone replacement scheme
Sextortion Scams Now Using Password Protected Evidence Files
New Extortion Email Threatens to Install WannaCry and DDoS Your Network
Police issues warning to employers over fake employee emails
Researchers warns users of fraudulent e-mail messages
BEC Fraudsters Eye HR Departments As Prey
The Nasty List Phishing Scam is Sweeping Through Instagram
‘Land Lordz’ Service Powers Airbnb Scams — Krebs on Security
New Business Email Compromise Scheme Reroutes Paycheck by Direct Deposit
Fraudsters Exploit Sympathies Surrounding Notre Dame Tragedy
How a VPN Review Site Dominated Google Search With a Scam
Devious Chase Bank Phishing Scam Asks For Selfies
Hundreds of GoDaddy Accounts Used for "Miracle" Product Scams
Fake California Cop Racket Targets Victims in Bitcoin Phone Scam
Fraudster poses as Jason Statham to steal victim's money
Patches
Google Fixes Two Critical Android Code Execution Vulnerabilities
NVIDIA Fixes Flaws in Linux4Tegra Driver for Jetson AI Supercomputers
Apache Patches Carpe Diem Vulnerability in Web Server Update
Rockwell Patches Stratix Switch Flaws Introduced by Cisco Software
Microsoft's April Patch Tuesday comes with fixes for two Windows zero-days
Samba updates eliminate pair of vulnerabilities
Adobe Releases April 2019 Security Updates for Flash, Shockwave, and More
Critical Vulnerability in Siemens Spectrum Power (CVE-2019-6579) Patched in Monthly Advisory
VMware Patches DoS, Information Disclosure Flaws in Graphics Components
Evernote fixes macOS app bug that allowed remote code execution
Oracle security warning: Customers told to patch ASAP to swat 297 bugs
Cisco Issues 31 Mid-April Security Alerts
Symfony, jQuery Vulnerabilities Patched in Drupal
Users Urged to Disable WordPress Plugin After Unpatched Flaw Disclosed