
List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in July, 2019


Aug 2, 2019

July saw a flurry of new malware, newly discovered vulnerabilities and attack methods used by threat actors. In addition, numerous large-scale data breaches were reported, affecting renowned organizations as well as government institutions.

Cybercriminals were found using new versions of the Trickbot trojan, Miori botnet, Watchbog trojan, Pegasus spyware and Ratsnif trojan, among others, in their malicious and phishing campaigns. Apart from new variants, security researchers also discovered new, unique malware such as the EvilGnome backdoor, Topinambour malware dropper, Okrum backdoor and ERIS ransomware. On the other hand, decryptors for two ransomware families, Ims00rry and LooCipher, were released to help victims recover files encrypted in attacks involving them.

The past month witnessed a major cyber attack at 62 universities in the US after hackers exploited a weakness in a popular admission and enrollment banner software made by Ellucian. The hackers stole student data and later used it to create thousands of fake accounts. Likewise, several healthcare providers across the world had to bear the brunt of cyberattacks. A majority of the attacks were carried out via phishing emails, resulting in the loss of personal and financial information of staff, students and parents.

In a major update to AMCA’s data breach, a few more diagnostic centers in the US were found to be impacted by the incident. The new companies included American Esoteric Laboratories, Laboratory Medicine Consultants, South Texas Dermatopathology, Austin Pathology Associates, and Pathology Solutions.

Multiple data leak incidents caused by misconfigured databases were also reported last month. The major organizations affected were AavGo, K12, YouHodler, Orvibo, Jiangsu Provincial Public Security Department, Pipl and LexisNexis. Researchers also found a massive data leak named DataSpii that occurred due to eight Chrome and Firefox browser extensions. The leak affected close to 4.1 million users.

As a consequence of ransomware infection, several cities and organizations were forced to pay the ransom in order to recover their encrypted data and systems. These included LaPorte County in Indiana and Park DuValle Community Health Center in Louisville.

Two new attack methods named Spearphone attack and CTRL-ALT-LED that could be used against Android phones and computers were also uncovered in July.

On the vulnerability front, Instagram, LinkedIn, WhatsApp and Telegram contained serious vulnerabilities that could put users' data at risk. In addition, a critical vulnerability detected in Lenovo Iomega NAS devices exposed 3 million files totaling 36TB.

Coming to security fixes and patches, Oracle released a series of updates to fix 322 flaws, while Microsoft addressed 77 security issues found across multiple products.

Scammers were found duping users into revealing their personal details and swindling them out of money. The separate incidents included a WhatsApp scam, a BEC scam and a fake invoice scam.

The following is a consolidated report of all major data breaches, malware, vulnerabilities and scams reported in the last month.

Breaches

Georgia Court System Hit by Malware Attack

Exposed Orvibo Database Leaks Two Billion Records

Hacker Deletes Entire Student Newspaper Website of University of Ottawa

Boyd Group Income Fund Hit by a Ransomware Attack

Thousands Left Vulnerable in Nexus Repository Breach

Wiltshire Council 'hit by cyber attacks after Novichok poisonings'

'Silence' Hackers Hit Banks in Bangladesh, India, Sri Lanka, and Kyrgyzstan

St John Ambulance becomes latest casualty of a ransomware attack

Alive Hospice, Notice of Data Privacy Event

Card Skimming Attack Hits 962 eCommerce Stores

Croatian Government Targeted by Mysterious Hackers with Never Before Seen Malware Payload

Football Association of Ireland says player, manager data safe after breach

E.On 'error' reveals 498 customers' email addresses

Maryland Govt Agency Breach Exposes Names, SSNs of 78K People

Canonical GitHub account hacked, Ubuntu source code safe

Fieldwork Software Database Leak Exposed Sensitive SMB Records, Customer Credit Card Details

Over 90 Million Records Leaked by Chinese Public Security Department

Eastern Ontario community hit with a ransomware attack

GE Aviation Passwords, Source Code Exposed in Open Jenkins Server

Philadelphia Federal Credit Union confirms security breach

Hackers Breached Greece's Top Level Domain Registrar

188 Million Records Exposed on MongoDB Database

160,000 Resumes on Chinese Recruitment Site Zhilian Allegedly Exposed and Leaked

Arlington Investigating Cyber Attack on County Payroll System

Monroe College Hit with a $2 Million Ransomware Attack

Essentia Health alerts 1,000 patients of data breach

Google Very Angry After Contractor Leaks Over a Thousand Assistant Recordings

Northwood, Inc. Provides Notice of Data Security Incident

MyDashWallet was compromised for 2 months — users, move your cryptocurrency

Evite Data Breach Much Bigger Than Earlier Thought; Over 100 Million People Affected

Hackers Breach Into Unknown Number of Sprint Customer Accounts via Samsung Website

Triple Cyberattacks Hit New Bedford, Gila and Syracuse Schools

Hacker Steals Data of Millions of Bulgarians and Emails it to Local Media

Airline check-in bug may have exposed all y'all boarding passes to spies

American Express Customers Targeted by Novel Phishing Attack

Personal Data Including SMS and Calls of Mobile Loan App Users in China Left Open for All to See

Henry County, Ga., Investigates Possible Cyberattack

Hackers Targeted the Admissions and Enrollment Departments at 62 Universities and Created Thousands of Fake Student Accounts

Malicious BitPaymer Campaign Targets 15 U.S. Organizations in 3 Months

Slack Resetting Thousands of User Passwords After Learning 2015 Breach Was Worse Than Previously Known

QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack

Hackers Publish List of Phished Discord Credentials

Hackers breach FSB contractor, expose Tor deanonymization project and more

Huawei's Czech Unit Secretly Collected Data: Report

AMCA Breach: Many More Impacted Healthcare Firms Come Forward

Lancaster University students' data stolen by cyber-thieves

Personal information for 70,000 Hawaii students potentially compromised

Deliveroo Accounts Are Being Hacked And Sold For Just $6

BASF, Siemens, Henkel, Roche Targeted in Cyberattacks

Brazil Hackers Target 1,000 Phones, Including Economy Minister’s

Emergency Declared as Threat Actors Target Louisiana School Systems

Neo-Nazi SWATters Target Dozens of Journalists

New Details Reveal that Hackers Targeted Cellphones of the President of Brazil

Online Form Maker Formget Exposed User-Uploaded Documents

Australia's NAB Says 13,000 Customers' Personal Data Breached

Ransomware crooks hit Synology NAS devices with brute-force password attacks

Eastern Ontario municipality suffered from a ransomware attack

Exposed password gave hacker access to Comodo internal files

Staff bank details of mobile phone company Sure stolen in cyber attack

Capital One: hacker gained access to personal information of over 100 million Americans

Tangipahoa Schools in La. Discover Possible Cybersecurity Breach

Ransomware Hampers Lincoln County Sheriff’s Office

Los Angeles Police Department Suffers Data Breach Exposing Private Data of 2500 Police Officers and 17,500 Applicants

Seven & I Holdings Resets All 7pay Passwords After Big Hack

Lancaster Uni cordons off breached systems a week after thousands of folks' data pinched

Security Lapse Exposed Weak Points on Honda’s Internal Network

University of York students targeted in data hack

Malware

Wake-up Android users; thousands of malicious copycat apps infesting Play Store

Newly discovered Spelevo exploit kit found compromising B2B site to distribute IcedID and Dridex trojans

Cirque du Soleil app gives attackers same admin rights as operators

Adware Campaign Identified From 182 Game and Camera Apps on Google Play and Third-Party Stores Like 9Apps

The Gopher in the Room: Analysis of GoLang Malware in the Wild

Malware Loader Goes Through Heaven's Gate to Avoid Detection

Hardcoded Credentials Expose SICK Controllers to Remote Attacks

Mac OSX/CrescentCore malware designed to evade antivirus

A Quick and Efficient Method For Locating the main() function of Linux ELF Malware Variants

WannaLocker ransomware found combined with RAT and banking trojan

Trickbot Trojan Now Has a Separate Cookie Stealing Module

Many VMware Products Affected by SACK Linux Vulnerabilities

Sodin ransomware exploits Windows vulnerability and processor architecture

Hackers Hijacked VR Chatrooms to Manipulate Users' Reality

First-ever Malware Strain Spotted Abusing New DoH (DNS over HTTPS) Protocol

Researchers Uncover Long-Term Facebook Malware Campaign

BianLian Android Banking Trojan Upgraded With Screen Recorder

Fake Android app serves bogus ‘Samsung firmware updates’ and troubles 10 million users with unwanted ads

Cryptomining Campaign Targets Linux Servers with Go Malware

Backdoor found in Ruby library for checking for strong passwords

Anubis Android Malware Returns with Over 17,000 Samples

Dismantling a fileless campaign: Microsoft Defender ATP next-gen protection exposes Astaroth attack

Dridex Banking Trojan, RMS RAT Dropped via Fake eFax Messages

GoBotKR Targets Pirate Torrents to Build a DDoS Botnet

Iran-Linked Malware Shared by USCYBERCOM First Seen in December 2016: Kaspersky

Trickbot Trojan Gets IcedID Proxy Module to Steal Banking Info

Rig Exploit Kit Pushing Eris Ransomware in Drive-by Downloads

Critical infrastructure at risk again from Stuxnet-like attack

New Miori Variant Uses Unique Protocol to Communicate with C&C

Apple has pushed a silent Mac update to remove hidden Zoom web server

Pale Moon says hackers added malware to older browser versions

New CTRL-ALT-LED technique can allow threat actors to exfiltrate data from secure air-gapped systems

Magecart Hackers Infect 17,000 Sites Through Misconfigured Amazon S3 Buckets

Whitehats use DoS attack to score key victory against ransomware crooks

Researchers Unveil The Most Clever 'Zip Bomb' Ever Made That Explodes a 46MB File to 4.5 Petabytes

Widely Used Kiosks Compromised by Hardcoded Credentials

Fake CS:GO, PUBG, Rust Cheats Push Password-Stealing Trojan

Fake DeepNude Downloads Gives You Malware Instead of Nudes

Chinese Antivirus Companies Don’t Flag Chinese Border Malware

iOS URL Scheme Susceptible to Hijacking

TrickBot malware learns how to spam, ensnares 250M email addresses

Attacks in Turkey Used Excel Formula Injection

Experts released a free decryptor for Loocipher Ransomware

Brazil is at the forefront of a new type of router attack

Emsisoft released a free decryptor for the Ims00rry ransomware

Unofficial Telegram App with 100K Installs Pushed Malicious Sites

FBI Releases Master Decryption Keys for GandCrab Ransomware

Meet Extenbro, a new DNS-changer Trojan protecting adware

New Attack Lets Android Apps Capture Loudspeaker Data Without Any Permission

Malware Framework Creates One Billion Fake Google Adsense Ad Impressions in Only a Few Months

Malicious Python libraries targeting Linux servers removed from PyPI

New type of phishing attack targets UK finance sector

New EvilGnome Backdoor Spies on Linux Users, Steals Their Files

Google removes seven stalkerware apps from Play Store

This Data-Stealing Malware Waits for You to Click a Mouse Button Three Times Before Going Into Action

Spam Campaign Targets Colombian Entities with Custom-made ‘Proyecto RAT,’ Uses Email Service YOPmail for C&C

Phishing scam attempts to bilk Laurentian University donors

Sodinokibi ransomware attempts to fill GandCrab void

Mirai malware sets sights on enterprise IoT devices

Researchers devise method to track Bluetooth devices

Elusive MegaCortex Ransomware Found - Here is What We Know

Browser Extensions Scraped Data From Millions of People

BrushaLoader still sweeping up victims one year later

Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases into DDoS Botnet ‘Zombies’

China-Linked APT15 group is using a previously undocumented backdoor

Popular File-Sharing Service WeTransfer Used in Malicious Spam Campaigns

Updated Karagany Malware Targets Energy Sector

BlueKeep Scanner Discovered in Watchbog Cryptomining Malware

Sodinokibi Ransomware Distributed by Hackers Posing as German BSI

Android Malware 'Triada' Most Active on Telco Networks

MyDoom: The 15-year-old malware that's still being used in phishing attacks in 2019

Rare Steganography Hack Can Compromise Fully Patched Websites

Hackers Inject Multi-Gateway Card Skimmer via Fake Google Domains

Attackers Are Wiping Iomega NAS Devices, Leaving Ransom Notes

ProtonMail Warns of Phishing Attacks Possibly Linked to Russia

New TrickBot Version Focuses on Microsoft's Windows Defender

Malware researchers analyzed an intriguing Java ATM Malware

IoT home security camera allows hackers to listen in over HTTP

Keeping a Hidden Identity: Mirai C&Cs in Tor Network

Malvertising: Online advertising's darker side

Vulnerabilities

Bulgarian IT expert arrested after demoing vulnerability in kindergarten software

Some insulin pumps vulnerable to cyberattacks, says Health Canada

Personalized medicine software vulnerability uncovered by Sandia researchers

Squirrel Exploit Leaves Microsoft Teams Vulnerable to Privilege Escalation

Linux Servers Under Worm Attack Via Exim Flaw

Sophos Creates PoC for BlueKeep Exploit to Take Control of Devices

Tale of a Windows Error Reporting Zero-Day (CVE-2019-0863)

Security flaws in a popular smart home hub let hackers unlock front doors

Many Phoenix Contact PLCs Still Vulnerable Months After Researcher Issues Warning

US Cyber Command issues alert about hackers exploiting Outlook vulnerability

Security Camera Firm Arlo Zaps High-Severity Bugs

17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device

Multiple Chinese Threat Groups Exploiting CVE-2018-0798 Equation Editor Vulnerability Since Late 2018

7-Eleven Japanese customers lose $500,000 due to mobile app flaw

Monero security flaw could’ve seen XMR stolen from cryptocurrency exchanges

IPFire Open-Source Linux Firewall Now Patched Against SACK Panic Vulnerabilities

Researchers Poke Holes in Siemens Simatic S7 PLCs

Zoom Security Flaw Exposes Webcam Hijack Risk -- Change Settings Now

Tenable Research Discloses Critical Vulnerability in Siemens STEP 7 (CVE-2019-10915)

Several Siemens Devices Affected by Intel MDS Vulnerabilities

Unpatched Prototype Pollution Flaw Affects All Versions of Popular Lodash Library

Logitech Unifying Receivers Vulnerable to Key Injection Attacks

CyberMDX Research Team Discovers Medical Device Vulnerability in GE Anesthesia and Respiratory Devices

Decoding the Icegram Persistent Cross-Site Scripting

Windows zero-day CVE-2019-1132 exploited in targeted attacks

Flaw in Rockwell PanelView Allows Root-Level Access to Devices

Bug in Anesthesia Machines Allows Changing Gas Mix Levels

Crooks Used SQL Injections to Hack Drupal Sites and Install Fake Ransomware

Malicious PHP script, aptly given the name “Magento Killer” by its creators, has been found targeting Magento websites

Recent Windows zero-day used by Buhtrap gang for cyber-espionage

Researchers Break Into AMD's Secure Encrypted Virtualization Technology With Minor Effort

USBCreator D-Bus Privilege Escalation in Ubuntu Desktop

This Flaw Could Have Allowed Hackers to Hack Any Instagram Account Within 10 Minutes

Researchers Disclose WhatsApp and Telegram Exploit That Gives Hackers Access to Personal Media

Zoom’s video conferencing security flaw also applies to RingCentral and Zhumu

iOS 13 Bug Allows Easy Access to All Passwords of the User

Critical WordPress Plugin Flaw Leaves 200,000 Sites at Risk

Zoom RCE only hit those who uninstalled it: Assetnote

Bluetooth Vulnerability Could Allow iOS and macOS Devices Be Tracked and Identified

Vulnerability Allows Hackers to Take Control of Drupal 8 Websites

RDP Bug Takes New Approach to Host Compromise

Bug in NVIDIA’s Tegra Chipset Opens Door to Malicious Code Execution

Hackers Exploit Recent WordPress Plugin Bugs for Malvertising

ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers

Several Vulnerabilities Found in Comodo Antivirus

Critical RCE Flaw in Palo Alto Gateways Hits Large Companies Including Uber

VLC Player Critical Security Does Not Affect Macs

Windows zero-days don't usually work against the latest OS version

Flaws in widely used corporate VPNs put company secrets at risk

13 vulnerabilities disclosed in U-Boot loader

Android vulnerability lets hackers hijack your phone with malicious videos

Vulnerabilities Found in Mitsubishi Inverter Engineering Software

Bishop Fox Researchers Discover High-Risk Vulnerability in InterSystems Application

Microsoft Office 365 Webmail Exposes User's IP Address in Emails

Warning As Google Falls Victim To Critical Security Issue On LinkedIn Jobs Pages

Urgent11 Security Flaws Impact Routers, Printers, SCADA, and IoT Devices

Authenticated XSS Found in WordPress Plugin Facebook Widget

Apple's AWDL protocol plagued by flaws that enable tracking and MitM attacks

OXID eShop Used by Mercedes Fixes Remote Takeover Security Bug

US Issues Hacking Security Alert for Small Planes

Critical Vulnerabilities Found in Prima FlexAir Access Control System

Scams

Dubai Police: Over 800 bank fraud cases in three years

Hackers target real estate agent emails in growing loan scam

FBI Releases Warning on Sextortion Scams Targeting Teenagers

Instagram scams now include fake 'verification'

Over $800,000 Stolen by Scammers in Atlanta Area City BEC Fraud

Billionaire Richard Branson: Scammers are pretending to be me to steal your money

Social media used by fraudsters to advertise benefit scam

An Amazon Phishing Scam Hits Just in Time For Prime Day

New Zealand: Fake Inland Revenue tax refund email doing the rounds

Scammers impersonating vicars to gain people's bank details, GCHQ warns

Nigerian scammers slide into DMs, so Ars trolls them

New 'US State Police' Extortion Scam Includes Contact Numbers

Hydro-Québec warns customers about fraudsters using the company's name

Australia: Government agency sends out sextortion alert

PSNI warning public over scam attempts

Beware phony gift card email scams: Here's why attackers love using them

Equifax settlement claims: The FTC says watch out for fake websites trying to scam you

Patches

Google Releases July 2019's Android Security Patch to Fix over 30 Security Flaws

IBM Patches Critical, High-Severity Flaws in Spectrum Protect

Magento Patches Flaws Leading to Site Takeover

Critical Warning Issued Regarding 10 Million Samsung Phone Updates

Tor Project to fix bug used for DDoS attacks on Onion sites for years

Adobe Fixes Low Priority Flaws With July 2019 Patch Tuesday Updates

Cisco delivers Patch Tuesday warmup with bundle of 18 bug fixes

Microsoft Windows Users Warned to Critically Update their Computers or Risk 'WannaCry 2.0'

Microsoft July 2019 Patch Tuesday fixes zero-day exploited by Russian hackers

Intel Patches High-Severity Flaw in Processor Diagnostic Tool

Critical SAP Vulnerability in Diagnostic Agent Patched

Jira Server and Data Center Update Patches Critical Vulnerability

Mozilla's latest Firefox releases fix 21 bugs

Juniper Networks patches dozens of vulnerabilities

Cisco releases updates for DoS vulnerability

Oracle to Release Critical Patch Update

Google Fixes Security Bugs in Chrome

Patch Now: Iomega Storage Boxes Leave Millions of Files Open to the Internet

Microsoft Patches PowerShell Core Security Bug to Fix WDAC Bypass

Apple fixes Watch bug that let someone eavesdrop on your conversation

Windows 10: Latest update squashes two dozen bugs, delivers fixes for Office and IE

Apple patches bugs in four operating systems, Safari browser

Canonical Outs New Linux Kernel Security Updates for Ubuntu 19.04 and 18.04 LTS

Debian Outs First Linux Kernel Security Update for Debian GNU/Linux 10 "Buster"

Telegram Rolls Out Fix for Voicemail Hack Used Against Brazilian Politicians

Chrome 76 Patches 43 Vulnerabilities