List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in February 2019
Dirty Sock vulnerability • Mar 5, 2019
Just like the previous month, February too witnessed a volley of cybersecurity-related incidents.
Researchers uncovered the latest versions of several existing malware such as Trickbot trojan, Danabot trojan, Ursnif trojan, Astaroth trojan, Shlayer trojan, Separ info-stealer and KORKERDS cryptominer targeting several organizations, systems, processes and more. Additionally, infamous malware, including AdvisorsBot, FormBook and IcedID, made a comeback in different attack campaigns. Security researchers also spotted various new malware such as SpeakUp trojan, Qealler info-stealer, KerrDown malware downloader, B0r0nt0k ransomware and Cayosin botnet affecting several industries in different sectors.
Talking about breaches, data of 14 million Instagram users was found in an unsecured database. In another instance, data of almost 620 million accounts stolen from 16 popular websites was available for sale at a price of less than $20,000 on the Dream Market forum. The same hacker had also released two distinct batches of data containing around 127 million account records and 93 million user records on the Dark Web respectively. Dunkin' Donuts was attacked for the second time in three months. This resulted in the compromise of some of its customers' accounts.
The month also saw the discovery of several new vulnerabilities such as ZOMBIEPOODLE, GOLDENDOODLE, DIRTY SOCK and Thunderclap.
In patches, Microsoft issued security updates for 77 security flaws found across its multiple products. Other major security updates include fixes for a Container Privilege Escalation Vulnerability in Cisco products, NSS vulnerabilities in Ubuntu 18.10, 18.04 LTS & 16.04 LTS and an authentication vulnerability in SAP HANA XSA.
Here is the consolidated list of breaches, malware, vulnerabilities, scams and patches that were reported in February.
Breaches
Israeli cyberexpert detects China hack in Ottawa, warns against using Huawei 5G
Indian state government leaks thousands of Aadhaar numbers
Minnesota Department of Human Services Reports Data Breach
Hacking, gone off the rails: Holiday travelers react to data breach · TechNode
NZTA again forced to contact the Privacy Commissioner after another privacy breach
Student Loans Company hit by a million cyber attacks last year
Crosby ISD’s IT system hacked by ransomware virus
British MPs Targeted By a "Malicious Hack" Accessing Their Phone And Email Contacts
Researcher reveals data leak at South Africa’s main electricity provider
Unauthorized intruder preys on Bayside Covenant Church
Trakt app users' personal data exposed: We were hit by a 'PHP exploit'... back in 2014
Jack'd Dating App Exposes Millions of Private Photos
Mumsnet reports itself to regulator over data breach
Australia Suffers Major Security Incident: Federal Parliament's Computer Network Hacked
Instagram data from 14 million profiles found in insecure database
Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions — Krebs on Security
Users complain of account hacks, but OkCupid denies a data breach
Dunkin' Donuts accounts compromised in second credential stuffing attack in three months
Home loan details of 100,000 customers hacked in major data breach
DataCamp Implements Partial Password Reset After Data Security Incident
Chinese company leaves Muslim-tracking facial recognition database exposed online
'Coffee Meets Bagel' Dating Site Hit by Data Breach
127 million user records from 8 companies put up for sale on the dark web
Phishers Target Texas Department of Transportation Contractors with Online Bidding Scheme
Emails, Hashed Passwords of 18 Million Ixigo Users Stolen
42,000 AdventHealth Patients Impacted in Yearlong Data Breach
Major Crypto Brokerage Coinmama Reports 450,000 Users Affected by Data Breach
Hacker Puts Up for Sale Third Round of Hacked Databases with 93 Million Accounts on the Dark Web
2.7 Million Health-Related Calls, Sensitive Info Exposed for Six Years
India’s state gas company leaks millions of Aadhaar numbers
Breach in Stanford System Exposes Student Records
Phishing Campaign Spoofs United Nations and Multiple Other Organizations
Toyota Australia embroiled in cyber threat
Almost Half A Million Delhi Citizens' Personal Data Exposed Online
Misconfigured database exposes 974,000 University of Washington Medicine patients
Credit card details of 2.15 million Americans put up for sale on hacking forum
70000 Pakistani banks’ cards with PINs go on sale on the dark web
UConn Health Says Data Breach Could Impact More Than 300,000
Hacker steals $7.7 million in EOS cryptocurrency after blacklist snafu
Topps.com Sports Collectible Site Exposes Payment Info in MageCart Attack
Dow Jones Data Leak: Watchlist of 2.4 Million High-Risk Individuals Exposed Online
Malware
Webstresser takedown’s 151,000 DDoS-minded users targeted by authorities in 20 countries
The return of the AdvisorsBot malware
Most Magento shops get compromised via vulnerable extensions
Google bans slew of malicious Android apps that stole user photos and advertised scams
This password-stealing phishing attack comes disguised as a fake meeting request from the boss
Digital sign systems allowed hacker access through default passwords
SpeakUp Linux Backdoor Sets Up for Major Attack
Attackers Use CoAP for DDoS Amplification
ExileRAT shares C2 with LuckyCat, targets Tibet
New Botnet Shows Evolution of Tech and Criminal Culture
Alexa 500 Sites Targeted with Adaptive Malware
Operation Eligible Receiver 97’s Impact on Ransomware
Outlaw Shellbot infects Linux servers to mine for Monero
Abusing the Mali ccTLD (.ml) To Target Dutch Organisations
Backdoored cryptocurrency software found serving AZORult malware
Users of Crypto Wallets Electrum and MyEtherWallet Face Phishing Attacks
GandCrab Ransomware Helps Shady Data Recovery Firms Hide Ransom Costs
IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites
Android Phones Can Get Hacked Just by Looking at a PNG Image
How Hackers and Scammers Break into iCloud-Locked iPhones
"Lucky Draw" Smishing Campaign Asks Money to Deliver Car Prize
Geodo Botnets Using New Spam Campaign to Deliver Qakbot Malware
DanaBot Trojan updated with new C&C communication
Ursnif: Long Live the Steganography and AtomBombing!
Matrix Ransomware Changes The Rules
Phishing emails imitate American banks to infect victims with TrickBot
Triout Android Spyware Framework Makes a Comeback, Abusing App with 50 Million Downloads
Trojan Targeting Only Italian Machines Contains Cheeky Mario Image
Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners
Qealler – a new JAR-based information stealer
The malspam security products miss: banking and email phishing, Emotet and Bushaloader
N.Korea Plants Virus in South Korean Bus Apps
Windows App Runs on Mac, Downloads Info Stealer and Adware
Automatic 4K/HD for Youtube extension pulled from Chrome Store for pop-up ad abuse
Evil USB Cable Can Remotely Accept Commands From Hacker
Client-Side DNS Attack Emerges From Academic Research
Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire
'Clipper' malware that alters crypto wallet addresses slips into Play Store
Gootkit: Unveiling the Hidden Link with AZORult
Researchers hide malware in Intel SGX enclaves
STOP ransomware claims even more victims
New Astaroth Trojan Variant Exploits Anti-Malware Software to Steal Info
Shlayer Malware Disables macOS Gatekeeper to Run Unsigned Payloads
Software pirates use Apple tech to put hacked apps on iPhones
Emotet malware tweaks tactics in fresh attack wave
With Love from GandCrab: Hackers Spread Ransomware Via Valentine's-themed Emails
Researchers Unearth New Phishing Attack That Even Most Vigilant Users Could Fall For
"Sin"-ful SPIDERS: WIZARD SPIDER and LUNAR SPIDER Sharing the Same Web
Brokerage Firms Warned by FINRA Regulator of New Phishing Attack
Windows App runs on Mac to download MacOS malware
New Trickbot module implements Remote App Credential-Grabbing features
Ransomware attackers exploit old plug-in flaw to infect MSPs and their clients
Storage Maker QNAP Warns of Malware Targeting Its NAS Devices
JavaScript bridge makes malware analysis with WinDbg easier
Rietspoof malware spreads via Facebook Messenger and Skype spam
Popular Torrents Uploader Caught Sharing ‘GandCrab’ Ransomware
Pre-installed malware discovered on Alcatel smartphones
Microsoft removes eight apps from its Windows App Store that were mining cryptocurrencies
Researchers Discover Malware that Turns ATM into a Slot Machine Game
The Long Run of Shade Ransomware
Malvertising Campaign Strikes US; Over 800 Million Malicious Ad Impressions Recorded
POS Systems at Hundreds of Bars, Restaurants, and Coffee Shops All Over the US Infected with Malware
Hard-to-detect credential-theft malware has infected 1,200 and is still going
DrainerBot infected apps play invisible videos to drain your data
NoRelationship phishing attack dances around Microsoft Office 365 email filters
Monero Miner-Malware Uses RADMIN, MIMIKATZ to Infect, Propagate via Vulnerability
JD Finance Android App Caught Storing Screenshots With Banking Info
IoT botnets target enterprise video conferencing systems
GandCrab Ransomware Affiliates Continue to Push Decryptable Versions
Attack Campaign Experiments with Rapid Changes in Email Lure Content
Research Warns ‘Familiar’ Monero Mining Malware Is Infecting Windows Systems
Meet the man-in-the-room attack: Hackers can invisibly eavesdrop on Bigscreen VR users
Hackers Use Fake Google reCAPTCHA to Cloak Banking Malware
Cr1ptT0r Ransomware Targets Embedded Systems, Infects D-Link NAS Gear
Phishing campaign attempts to spread a new brand of snooping malware
New Malware Campaign Targets Job Seekers
Trojan Attack Masked as Payment Confirmation
Fbot malware targets HiSilicon DVR/NVR Soc devices
B0r0nt0K Ransomware Wants $75,000 Ransom, Infects Linux Servers
LinkedIn Messaging Abused to Target US Companies With Backdoors
The malspam security products miss: Emotet, Ursnif, and a spammer's blunder
New browser attack lets hackers run bad code even after users leave a web page
Malware attacks Pornhub users accounts for their credentials
Malvertising attacks using polyglot images spotted in the wild
Online Bidding Phishing Schemes Targeting U.S. Government Contractors
New Golang brute forcer discovered amid rise in e-commerce attacks
Smoke Loader Botnet Still Active on Black Market After 8 Years
Google Analytics and Angular in Magento Credit Card Stealing Scripts
Hackers Can Slip Invisible Malware into 'Bare Metal' Cloud Computers
New detection method identifies cryptomining and other fileless malware attacks
Outlook and Microsoft Account Phishing Emails Utilize Azure Blob Storage
Fin6 using FrameworkPOS scraping malware in POS attacks
Ransomware, Trojan and Miner together against “PIK-Group”
Qbot malware's back, and latest strain relies on Visual Basic script to slip into target machines
Vulnerabilities
Researchers published the PoC exploit code for Linux SystemD bugs
Over 485,000 Ubiquiti devices vulnerable to new attack
Introducing Zombie POODLE and GOLDENDOODLE
Crooks Continue to Exploit GoDaddy Hole — Krebs on Security
RIP, RDP: Security house Check Point punches holes in desktop controls
IoT Scale Flaws Allow Denial of Service, Privacy Issues
Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities
Microsoft Confirms Elevation of Privilege Vulnerability in Exchange Server
Major Airlines At Risk From Check-in System Flaw
Researcher finds macOS bug but won’t share details with Apple
New critical vulnerability discovered in open-source office suites
Critical Flaws Allow Hackers to Take Control of Kunbus Industrial Gateway
Security vulnerabilities in video conferencing devices could be remotely exploited by hackers
FireOS Flaw Allowed Limited Content Injection in Amazon Tablets
New Zombie 'POODLE' Attack Bred From TLS Flaw
Privacy Protection Bypass Flaw in macOS Gives Access to Browsing History
Lenovo Watch X was riddled with security bugs, researcher says
AWS Issues Alert for Multiple Container Systems
WordPress plugin flaw lets you take over entire sites
Researchers Uncover Doomsday Docker Security Hole
Siemens Warns of Critical Remote-Code Execution ICS Flaw
Heir to Dirty Cow, Dirty Sock Vulnerability Lets Attackers Gain Root Access on Linux Systems
OpenOffice Zero-Day Code Execution Flaw Gets Free Micropatch
Researchers Dig into Microsoft Office Functionality Flaws
Microsoft patches 0-day vulnerabilities in IE and Exchange
Critical OkCupid Flaw Exposed Daters to MiTM, Phishing Attacks
TLS 1.3 vulnerability enables hackers to eavesdrop on encrypted traffic
Data-spewing Spectre chip flaws can't be killed by software alone, Google Researchers conclude
Exploit Code Published for Recent Container Escape Vulnerability
Privilege Escalation Vulnerability Found in LG Device Manager
Flaw in mIRC App Allows Attackers to Execute Commands Remotely
Big security flaws found in popular password managers
Rockwell Automation to Patch Publicly Disclosed Power Monitor Flaws
Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years
Microsoft publishes security alert on IIS bug that causes 100% CPU usage spikes
Windows Servers Vulnerable to DoS Attacks, Microsoft Warns
New flaws in 4G, 5G allow attackers to intercept calls and track phone locations
CVE-2019-9019 affects British Airways Entertainment System on Boeing 777-36N(ER) - Security Affairs
Chips may be inherently vulnerable to Spectre and Meltdown attacks
Serious Flaws in WibuKey DRM Impact Siemens Products
Smart Homes at Risk Due to Unpatched Vulnerabilities, Weak Credentials
It took hackers only three days to start exploiting latest Drupal bug
Exposing flaws in metrics for user login systems
Analyzing WordPress Remote Code Execution Vulnerabilities CVE-2019-8942 and CVE-2019-8943
Thunderclap flaws impact how Windows, Mac, Linux handle Thunderbolt peripherals
Chrome Zero-Day Exploited to Harvest User Data via PDF Files
McAfee Says Mr. Coffee Coffee Makers Have a Security Vulnerability
Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability
Scams
Experts observed a new sextortion scam Xvideos-themed
Australia: New tax scam warning over identity theft text
Bangkok: Elderly fall prey to scam gangs
Scammers Threatening YouTube Content Creators with Channel Suspension
Beware! Scammer groups are exploiting Gmail 'dot accounts' for online fraud
Scammers Hit Thousands With Sophisticated Fake Norton Scans
20 Indicted in Multimillion-Dollar Online Fraud Scheme
The Scarlet Widow Gang Entraps Victims Using Romance Scams
Scammers Are Filing Fake Trademarks to Steal High-Value Instagram Accounts
31 AGs ask FTC to update Identity Theft Rules
Online ATM-style scam puts shoppers at risk: Symantec
'Sextortion' scammers use LinkedIn to target high net-worth individuals
Telephone Scams: Your Credit Card was Used in Fraudulent Activities
Investment scam targets Instagram users
Beware: Superbalist credit card scam
Email Scammers Ditch Wire Transfers for iTunes Gift Cards
Patches
Apple Says It Has Fixed FaceTime Security Bug
Mozilla patches two critical issues in Thunderbird
Canonical Patches Linux Kernel Regression in Ubuntu 18.04 LTS, Update Now
Google releases February 2019 security patch for Pixel devices, Essential Phone gets updated too
Zcash cryptocurrency fixes infinite counterfeiting vulnerability
antiX MX 18.1 Distro Released with Latest Debian GNU/Linux 9.7 "Stretch" Updates
Microsoft States Windows Update DNS Issues are Finally Fixed
Temporary Patch Released For Adobe Reader Zero Day
Adobe Releases Security Fixes for Flash Player, ColdFusion, and More
Microsoft February Patch Tuesday fixes 77 security flaws, including IE zero-day
SAP security fixes address Critical flaw in SAP HANA XSA
Nokia 2 update rolls out with February Android Security patch
Linux Subsystem Files Accessible via Explorer in Future Windows 10 Releases
Uber fixes bug that exposed third-party app secrets
Cisco patches a couple of root access-granting security flaws
Adobe sends out second fix for critical Reader data leak vulnerability
Canonical Preps Emergency Point Releases for Ubuntu 16.04 LTS & Ubuntu 14.04 LTS
NVIDIA Patches Security Issues in GPU Display Driver for Windows, Linux
CentOS 6 and Red Hat Enterprise Linux 6 Get Important Kernel Security Update