List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in December 2018

Published on Dec 31, 2018
Happy 2019 to everyone with more opportunities than challenges.
As we step into the new year with more optimism and vigor, let’s not forget the major cybersecurity events that occurred in December 2018.
December witnessed the discovery of several new malware strains and vulnerabilities. Researchers uncovered 21 new Linux malware families that operated as trojanized versions of the OpenSSH client. Prolific threat actor groups were found running several new and sophisticated cyber espionage campaigns, such as Pied Piper, Operation Sharpshooter and Stolen Pencil, to infect systems and spread malware across different organizations worldwide.
A critical security flaw was unearthed in Kubernetes, the popular cloud container orchestration system, that could allow attackers to gain elevated access to the computers. The flaw scored a rating of 9.8 on the severity scale.
In breaches, Quora exposed sensitive data of about 100 million users after hackers gained unauthorized access to its systems. Facebook came under fire again for a Photo API bug that exposed private photos of around 6.8 million users to third-party apps. NASA disclosed a data breach that impacted the personal data of former and current employees.
Amidst all these threats and breaches, Microsoft unleashed security updates to fix 38 vulnerabilities across a large set of its products. Nine of these vulnerabilities were rated ‘Critical’.
Talking about scams, a new bomb threat scam was found doing the rounds in the US. The scammers sent threatening emails, asking the recipients to transfer $20,000 in bitcoins or be a victim of a bomb explosion.
Here is an aggregated list of breaches, malware, vulnerabilities, scams and patches that were reported in December 2018.
Breaches
Over 45,000 routers hacked via NSA exploit
'Watering hole' attacks: How China's hackers went after think tanks and universities
Rhode Island's Thundermist health center struck by ransomware
Hackers breach Quora and steal sensitive data for 100 million users
Ames, Iowa, parking ticket payment system breached
Equity Concepts Notifies Clients of Security Incident
Cyber breach exposed NRCC emails
Florida marijuana dispensary website leaked customer data
Cyber attack forces 4 Montreal health board websites offline
Unprotected MongoDB Exposes Scraped Profile Data of 66 Million
Eastern European banks lose tens of millions of dollars in Hollywood-style hacks
NHS patients' genetic data targeted as foreign hackers attack high security MoD unit
German engineering group KraussMaffei blackmailed in cyber attack
Someone Defaced Linux.org Website With ‘Goatse’ And Anti-Diversity Tirade
Bethesda Accidentally Leaked Personal Data of ‘Fallout 76’ Customers Looking for Help
Redwood Eye Care subcontractor hit with ransomware
Quincy City Hall Infected with Emotet, Hacked Email Used in Phishing Scheme
$807,130 Stolen by Hackers After Cape Cod Community College Phishing Attack
UAE and Saudi servers targeted in cyberattack against Saipem
City of North Bend hit with ransomware
Data Breach Could Impact 47K Patients Treated At North Texas Hospital
Another Google+ data bug exposes info for 52.5 million users
Saipem servers suffer cyber attack in Middle East
Hackers Steal Over 40k Logins for Government Services in 30 Countries
University of Maryland Medical System Investigates Malware Attack
Russian Critical Infrastructure Targeted by Profit-Driven Cybercriminals
Hackers trick Save the Children into sending $1m to a phony account
Popular avatar app Boomoji exposed millions of users’ contact lists and location data
Chinese hackers targeting U.S. Navy contractors with multiple breaches
Cyberattack knocks Schenectady County website offline
Facebook exposed up to 6.8 million users’ private photos to developers in latest leak
Brazilian IT firm Tivit suffers data leak
TMON users hit by cyberattack again
PewDiePie printer hackers strike again
Shocking number of Irish office workers fall victim to phishing scams
Hackers Deface Wall Street Journal With Pro-PewDiePie Message
Hackers Breach Dozens of Local Government Payment Portals to Steal Credit Card Data
Fraudsters got access to Wellcome Trust with phishing scam
Potential data breach after travel agency employee loses hard disk
NASA discloses data breach; employee data compromised
Facebook gave Spotify and Netflix access to users’ private messages
Vermont, Dallas medical facilities suffer email account breaches
At least nine global MSPs hit in APT10 attacks: ACSC
Warby Parker alerts customers to cyber data breach
China hacked HPE, IBM and then attacked clients
Caribou Coffee chain announces card breach impacting 239 stores
Chinese websites have been under attack for a week via a new PHP framework bug
Breach in parking payment system in Saint John might have exposed data
Dark Web marketplaces selling children's Social Security numbers
BevMo Website Breach Affects Thousands Of Customers’ Credit Data
Personal info of 997 North Korean defectors leaked
My Health Record had 42 data breaches in 2017-18: ADHA
Malware
Pied Piper phishing scheme infests victims with FlawedAmmyy, RMS RATs
Hackers Using NSA Hacking Tools to Build Botnet
The Evolution of BackSwap - Check Point Research
Phishing campaign spreading CARROTBAT dropper focuses on cryptocurrency, Korean interests
Digital Oscilloscope Comes with Backdoor Accounts, Old Software Components
Software Company WakeNet AB Discovered Spreading PUPs to Users
Credit card stealing malware on Canada’s 1-800-FLOWERS website went undetected for four years
Dissecting the latest Ursnif DHL-Themed Campaign - Security Affairs
Over 20,000 PCs infected with new ransomware strain in China
415,000 routers worldwide hijacked to secretly mine cryptocurrency
Researchers create a new attack that could make website security captchas obsolete
Thanksgiving Spam Campaign Used Obfuscation to Deliver Emotet Banking Trojan
Farewell to Kelihos and ZOMBIE SPIDER
He's not cracked RSA-1024 encryption, he's a very naughty Belarusian ransomware middleman
Fake Voice Apps Emerge in Google Play Store
Adobe Flash zero-day exploit... leveraging ActiveX… embedded in Office Doc... BINGO!
Emotet and Trickbot Are the Future of Malware
21 new Linux malware families discovered
Pulling Linux Rabbit/Rabbot Malware out of a Hat
Banking Trojan DanaBot Now Uses Signed Email Spam as Propagation Method
CryptoJacking Campaign Used Two Malware Strains to Target IoT and Linux Devices
From attacking IoT devices to Linux servers. Mirai is back!
Mac malware combines EmPyre backdoor and XMRig miner
New Macro Downloaders Serve Up PUB-and-Spam Sandwich to Food and Retail Sectors
Lokibot campaigns continue with some changes to C2 urls
22 apps with 2 million+ Google Play downloads had a malicious backdoor
Android adware tricks ad networks into thinking it's an iPhone to make more money
DarkVishnya steals millions using attached devices to hack bank computers
Expert devised a new WiFi hack that works on WPA/WPA2 - Security Affairs
The Simpler the Better? Looking Deeper Into the Malware Used in Brazilian Financial Cybercrime
Old-School Bagle Worm Spotted in Modern Spam Campaigns
Supply chain compromise: Adding undetectable hardware Trojans to integrated circuits
Satan Ransomware Variant Exploits 10 Server-Side Flaws
Latest Malware Strains Target Cloudera Hadoop Vulnerabilities
New Exploit Kit “Novidade” Found Targeting Home and SOHO Routers
Hackers ramp up attacks on mining rigs before Ethereum price crashes into the gutter
New Mac malware 'DarthMiner' joins the dark side
Super Micro says no evidence of spy chips found in its hardware
Capitalinstall malware targets healthcare sector, delivers payload via Microsoft Azure
Mac malware makes debut in top 10 list
Operation Sharpshooter: New global campaign targets critical infrastructure
Cryptocurrency Miner Spreads via Old Vulnerabilities on Elasticsearch
The TrickBot and MikroTik Connection – A Story of Investment and Collaboration
Shamoon Malware Returns With a Bang: New Variant Uploaded to VirusTotal
New LamePyre macOS Malware Sends Screenshots to Attacker
Tildeb: Analyzing the 18-year-old Implant from the Shadow Brokers’ Leak
Phishing Attack Through Non-Delivery Notification
Russia-Linked Phishing Attacks Hit Government Agencies on Four Continents
Brazilian mobile users hit with banking malware
LCG Kit: Sophisticated builder for Malicious Microsoft Office Documents
Shamoon 3 Targets Oil and Gas Organization
Logitech app security flaw allowed keystroke injection attacks
Attackers increasingly exploiting vulnerabilities to enlarge their IoT botnets
CARROTBAT Malware Family Supports at Least 12 Unique Decoy Documents
Research: New secured phishing site goes up every two minutes
Cybercriminals Use Malicious Memes that Communicate with Malware
Doppelgänger accounts are still a powerful tool for cyberstalkers
Magecart-style credit card sniffer spotted for sale, online retailers beware
Office 365 Phishing Attack Using Fake Non-Delivery Notifications
Clever SEO Spam Injection Technique Unearthed
Fileless GandCrab As Seen by SandBlast Agent
URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader
Backdoor Targeting Malaysian Government a "Mash-up" of Malware
Analysis of Quasar Open-Source Remote Administration Tool
Widespread Apple ID Phishing Attack Pretends to be App Store Receipts
Watch researchers remotely brick a server by corrupting its BMC & UEFI firmware
Android Wallpaper Apps Found Running Ad Fraud Scheme
Financial Services Employees in the US and UK Targeted with RAT
New attack intercepts keystrokes via graphics libraries
Hackers Assault Hundreds Of 'Secure' Google Accounts With Evil Phishes
Microsoft delivers emergency patch for under-attack IE
With Mirai Comes Miori: IoT Botnet Delivered via ThinkPHP Remote Code Execution Exploit
Analyzing a Danabot Payload that is targeting Italy
Fake Amazon Order Confirmations Push Banking Trojans on Holiday Shoppers
Shamoon 3 Wiper Code Includes Verse From Quran
New Satan Variants Target Financial Sector With Monero Miners and Ransomware
APT33 may be behind a series of intrusions and attempted intrusions within the engineering industry
Underminer exploit kit improves in its latest iteration
‘Island hopping’: How Chinese hackers exploit the interconnected world of business and government
Researcher publishes proof-of-concept code for creating Facebook worm
Four months after its debut, sneaky Mac malware went undetected by AV providers
18 Months Later, WannaCry Still Lurks on Infected Computers
JungleSec Ransomware Infects Victims Through IPMI Remote Consoles
New Shamoon Sample from France Signed with Baidu Certificate
Siren bot uses 10 methods to send DoS attacks
Vulnerabilities
Vulnerability discovered in safety controller configuration software
NVRmini2 Network Video Recorder Vulnerabilities
XS-Search Flaw Found in Google's Issue Tracker
Kubernetes' first major security hole discovered
Magento e-commerce sites fraught with vulnerabilities
Trend Micro Research Uncovers Major Flaws in Leading IoT Protocols
Cisco Energy Management Suite Installations Exposed by Default PostgreSQL Pass
Warning! Unprivileged Linux Users With UID > INT_MAX Can Execute Any Command
Vulnerability Exposes Rockwell Controllers to DoS Attacks
Exploit Code for the Kubernetes Flaw Is Now Available
Latest Malware Strains Target Cloudera Hadoop Vulnerabilities
Satan Ransomware Variant Exploits 10 Server-Side Flaws
Virgin Media fixes multiple security flaws in Super Hub 3
Kaspersky Lab Uncovers Third Windows Zero Day Exploit In Three Months.
50 CVEs in 50 Days: Fuzzers Create a Breakthrough in Discovering Vulnerabilities
SAP Patches Critical Vulnerability in Hybris Commerce
WordPress plugs bug that led to Google indexing some user passwords
Bug allowed full takeover of Samsung user accounts
NCSC warns of vulnerabilities in Office 365 being exploited by cyber-criminals
Siemens Patches Several Critical Flaws in SINUMERIK Controllers
Vulnerabilities in high-performance computer chips could lead to failures in modern electronics
Audit finds major security holes in US ballistic missile systems
File Inclusion Bug in Kibana Console for Elasticsearch Gets Exploit Code
Serious Flaws Found in ABB Safety PLC Gateways
Researchers slam Hola VPN over absent encryption, user IP leaks
Critical unfixed flaws affect ABB Safety PLC Gateways
Two Android apps used in combat by US troops contained severe vulnerabilities
Researcher publishes PoC for new Windows zero-day
Multiple Vulnerabilities in WIBU-SYSTEMS WibuKey.sys
Huawei Router Flaw Leaks Default Credential Status
Unpatched Kernel-Level Vuln in IBM Security Tool for Apple MacOS Revealed
13 Major Vulnerabilities Discovered in the Popular IoT OS FreeRTOS
'Serious' Twitter flaw allows hackers to post on other people's accounts
Chrome OS to block USB access while the screen is locked
Thousands of Orange modems found leaking WiFi credentials
Critical Bug Patched in Schneider Electric Vehicle Charging Station
Security Flaw in Guardzilla Smart Cameras Is Exposing Users’ Recordings, Researchers Say
Demo Exploit Code Published for Remote Code Execution via Microsoft Edge
Windows Zero-Day Bug Allows Overwriting Files with Arbitrary Data
Scams
Request for Gift Card Purchases in Phishing Emails
From Thanksgiving to Christmas, cybercriminals cash in on a range of threats over the holidays
Russian Ransomware Brokers Scam Victims
More data joy: Email scammers are buying marks' info from legit biz intelligence firms
ESET warns Irish users to avoid this convincing Revenue email scam
Fake Volkswagen Campaign Spreads Through Social Networks
Huge explosion in online scams in 2018, mostly romance-related
Cyber criminals benefiting from Bitcoin ransom emails in sextortion scams
Bitcoin scams on the rise in Edmonton, police warn
Holiday Spam, the Perfect Seasonal Gift for Criminals
Bitcoin scammers send bomb threats worldwide, triggering evacuations
Dozens of companies impersonated in evolving 'Three Questions Quiz' scam
IRS Warns About Fake Payroll Direct Deposit, Wire Transfer And W-2 Scam Emails
New Extortion Email Threatens to Send a Hitman Unless You Pay 4K
Scammers Target County Vendors with Email Spoofing, Phishing
Beware of BMW Lottery Email Scam Stating You Won a BMW M240i
Warning Issued About Scam Involving Social Security Numbers
Netflix users, don't fall for this phishing scam
Patches
Nokia 2.1 gets November security update in India
Webafrica fixes security flaw in ticket support system
Google Patches 11 Critical RCE Android Vulnerabilities
Adobe releases out-of-band security update for newly discovered Flash zero-day
Incoming! Microsoft unleashes more fixes for Windows 10 October 2018 Update
Google Patches More Than 50 Android Vulnerabilities in December
Windows 10 Version 1809 Bug Fixed, Upgrade Blocked Until Patch Is Installed
phpMyAdmin Releases Critical Software Update — Patch Your Sites Now!
Microsoft Patch Tuesday addresses zero-day
Adobe Patches 39 Cross-Platform Critical Security Issues in Acrobat and Reader
Security Updates for Microsoft Visual Studio Products (December 2018)
Samsung Galaxy S8 getting December 2018 security patch update in Germany
WordPress Patches Privilege Escalation Vulnerabilities
Cisco Patches Privilege Escalation Vulnerability in Adaptive Security Appliance