List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in July, 2019
Okrum backdoor • Aug 2, 2019
July saw a flurry of new malware, newly discovered vulnerabilities, and new attack methods used by threat actors. In addition, numerous large-scale data breaches affecting renowned organizations as well as government institutions were reported.
New versions of the Trickbot trojan, Miori botnet, Watchbog trojan, Pegasus spyware, and Ratsnif trojan, among others, were found being used by cybercriminals in their malicious and phishing campaigns. Apart from new variants, security researchers also discovered new, unique malware such as the EvilGnome backdoor, Topinambour malware dropper, Okrum backdoor, and ERIS ransomware, among others. On the other hand, decryptors for two ransomware families, Ims00rry and LooCipher, were released to help victims recover files encrypted in attacks involving them.
The past month witnessed a major cyber attack on 62 universities in the US after hackers exploited a weakness in Banner, a popular admission and enrollment software made by Ellucian. The hackers stole student data and later used it to create thousands of fake accounts. Likewise, several healthcare providers across the world had to bear the brunt of cyberattacks. A majority of the attacks were carried out via phishing emails, resulting in the loss of personal and financial information of staff, students and parents.
In a major update to AMCA’s data breach, a few more diagnostic centers in the US were found to be impacted by the incident. The new companies included American Esoteric Laboratories, Laboratory Medicine Consultants, South Texas Dermatopathology, Austin Pathology Associates, and Pathology Solutions.
Multiple data leak incidents caused by misconfigured databases were also reported last month. The major affected organizations were AavGo, K12, YouHodler, Orvibo, Jiangsu Provincial Public Security Department, Pipl and LexisNexis. Researchers also found a massive data leak named DataSpii that occurred through eight Chrome and Firefox browser extensions. The leak affected close to 4.1 million users.
As a consequence of ransomware infections, several cities and organizations were forced to pay the ransom in order to recover their encrypted data and systems. These included LaPorte County in Indiana and Park DuValle Community Health Center in Louisville.
Two new attack methods, named Spearphone and CTRL-ALT-LED, that could be used against Android phones and computers were also uncovered in July.
As for vulnerabilities, Instagram, LinkedIn, WhatsApp and Telegram contained serious flaws that could put users’ data at risk. In addition, a critical vulnerability detected in Lenovo Iomega NAS devices exposed 3 million files totaling 36TB.
As for security fixes and patches, Oracle released a series of updates to fix 322 flaws, while Microsoft addressed 77 security issues found across its multiple products.
Scammers were found duping users into revealing their personal details and swindling them out of money. These separate incidents included a WhatsApp scam, a BEC scam, and a fake invoice scam.
The following is a consolidated report of all major data breaches, malware, vulnerabilities and scams reported in the last month.
Breaches
Georgia Court System Hit by Malware Attack
Exposed Orvibo Database Leaks Two Billion Records
Hacker Deletes Entire Student Newspaper Website of University of Ottawa
Boyd Group Income Fund Hit by a Ransomware Attack
Thousands Left Vulnerable in Nexus Repository Breach
Wiltshire Council 'hit by cyber attacks after Novichok poisonings'
'Silence' Hackers Hit Banks in Bangladesh, India, Sri Lanka, and Kyrgyzstan
St John Ambulance becomes latest casualty of a ransomware attack
Alive Hospice, Notice of Data Privacy Event
Card Skimming Attack Hits 962 eCommerce Stores
Croatian Government Targeted by Mysterious Hackers with Never Before Seen Malware Payload
Football Association of Ireland says player, manager data safe after breach
E.On 'error' reveals 498 customers' email addresses
Maryland Govt Agency Breach Exposes Names, SSNs of 78K People
Canonical GitHub account hacked, Ubuntu source code safe
Fieldwork Software Database Leak Exposed Sensitive SMB Records, Customer Credit Card Details
Over 90 Million Records Leaked by Chinese Public Security Department
Eastern Ontario community hit with a ransomware attack
GE Aviation Passwords, Source Code Exposed in Open Jenkins Server
Philadelphia Federal Credit Union confirms security breach
Hackers Breached Greece's Top Level Domain Registrar
188 Million Records Exposed on MongoDB Database
160,000 Resumes on Chinese Recruitment Site Zhilian Allegedly Exposed and Leaked
Arlington Investigating Cyber Attack on County Payroll System
Monroe College Hit with a $2 Million Ransomware Attack
Essentia Health alerts 1,000 patients of data breach
Google Very Angry After Contractor Leaks Over a Thousand Assistant Recordings
Northwood, Inc. Provides Notice of Data Security Incident
MyDashWallet was compromised for 2 months — users, move your cryptocurrency
Evite Data Breach Much Bigger Than Earlier Thought; Over 100 Million People Affected
Hackers Breach Into Unknown Number of Sprint Customer Accounts via Samsung Website
Triple Cyberattacks Hit New Bedford, Gila and Syracuse Schools
Hacker Steals Data of Millions of Bulgarians and Emails it to Local Media
Airline check-in bug may have exposed all y'all boarding passes to spies
American Express Customers Targeted by Novel Phishing Attack
Personal Data Including SMS and Calls of Mobile Loan App Users in China Left Open for All to See
Henry County, Ga., Investigates Possible Cyberattack
Malicious BitPaymer Campaign Targets 15 U.S. Organizations in 3 Months
QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack
Hackers Publish List of Phished Discord Credentials
Hackers breach FSB contractor, expose Tor deanonymization project and more
Huawei's Czech Unit Secretly Collected Data: Report
AMCA Breach: Many More Impacted Healthcare Firms Come Forward
Lancaster University students' data stolen by cyber-thieves
Personal information for 70,000 Hawaii students potentially compromised
Deliveroo Accounts Are Being Hacked And Sold For Just $6
BASF, Siemens, Henkel, Roche Targeted in Cyberattacks
Brazil Hackers Target 1,000 Phones, Including Economy Minister’s
Emergency Declared as Threat Actors Target Louisiana School Systems
Neo-Nazi SWATters Target Dozens of Journalists
New Details Reveal that Hackers Targeted Cellphones of the President of Brazil
Online Form Maker Formget Exposed User-Uploaded Documents
Australia's NAB Says 13,000 Customers' Personal Data Breached
Ransomware crooks hit Synology NAS devices with brute-force password attacks
Eastern Ontario municipality suffered from a ransomware attack
Exposed password gave hacker access to Comodo internal files
Staff bank details of mobile phone company Sure stolen in cyber attack
Capital One: hacker gained access to personal information of over 100 million Americans
Tangipahoa Schools in La. Discover Possible Cybersecurity Breach
Ransomware Hampers Lincoln County Sheriff’s Office
Seven & I Holdings Resets All 7pay Passwords After Big Hack
Lancaster Uni cordons off breached systems a week after thousands of folks' data pinched
Security Lapse Exposed Weak Points on Honda’s Internal Network
University of York students targeted in data hack
Malware
Wake-up Android users; thousands of malicious copycat apps infesting Play Store
Cirque du Soleil app gives attackers same admin rights as operators
The Gopher in the Room: Analysis of GoLang Malware in the Wild
Malware Loader Goes Through Heaven's Gate to Avoid Detection
Hardcoded Credentials Expose SICK Controllers to Remote Attacks
Mac OSX/CrescentCore malware designed to evade antivirus
A Quick and Efficient Method For Locating the main() function of Linux ELF Malware Variants
WannaLocker ransomware found combined with RAT and banking trojan
Trickbot Trojan Now Has a Separate Cookie Stealing Module
Many VMware Products Affected by SACK Linux Vulnerabilities
Sodin ransomware exploits Windows vulnerability and processor architecture
Hackers Hijacked VR Chatrooms to Manipulate Users' Reality
First-ever Malware Strain Spotted Abusing New DoH (DNS over HTTPS) Protocol
Researchers Uncover Long-Term Facebook Malware Campaign
BianLian Android Banking Trojan Upgraded With Screen Recorder
Cryptomining Campaign Targets Linux Servers with Go Malware
Backdoor found in Ruby library for checking for strong passwords
Anubis Android Malware Returns with Over 17,000 Samples
Dismantling a fileless campaign: Microsoft Defender ATP next-gen protection exposes Astaroth attack
Dridex Banking Trojan, RMS RAT Dropped via Fake eFax Messages
GoBotKR Targets Pirate Torrents to Build a DDoS Botnet
Iran-Linked Malware Shared by USCYBERCOM First Seen in December 2016: Kaspersky
Trickbot Trojan Gets IcedID Proxy Module to Steal Banking Info
Rig Exploit Kit Pushing Eris Ransomware in Drive-by Downloads
Critical infrastructure at risk again from Stuxnet-like attack
New Miori Variant Uses Unique Protocol to Communicate with C&C
Apple has pushed a silent Mac update to remove hidden Zoom web server
Pale Moon says hackers added malware to older browser versions
New CTRL-ALT-LED technique can allow threat actors to exfiltrate data from secure air-gapped systems
Magecart Hackers Infect 17,000 Sites Through Misconfigured Amazon S3 Buckets
Whitehats use DoS attack to score key victory against ransomware crooks
Researchers Unveil The Most Clever 'Zip Bomb' Ever Made That Explodes a 46MB File to 4.5 Petabytes
Widely Used Kiosks Compromised by Hardcoded Credentials
Fake CS: GO, PUBG, Rust Cheats Push Password-Stealing Trojan
Fake DeepNude Downloads Gives You Malware Instead of Nudes
Chinese Antivirus Companies Don’t Flag Chinese Border Malware
iOS URL Scheme Susceptible to Hijacking
TrickBot malware learns how to spam, ensnares 250M email addresses
Attacks in Turkey Used Excel Formula Injection
Experts released a free decryptor for Loocipher Ransomware
Brazil is at the forefront of a new type of router attack
Emsisoft released a free decryptor for the Ims00rry ransomware
Unofficial Telegram App with 100K Installs Pushed Malicious Sites
FBI Releases Master Decryption Keys for GandCrab Ransomware
Meet Extenbro, a new DNS-changer Trojan protecting adware
New Attack Lets Android Apps Capture Loudspeaker Data Without Any Permission
Malware Framework Creates One Billion Fake Google Adsense Ad Impressions in Only a Few Months
Malicious Python libraries targeting Linux servers removed from PyPI
New type of phishing attack targets UK finance sector
New EvilGnome Backdoor Spies on Linux Users, Steals Their Files
Google removes seven stalkerware apps from Play Store
Phishing scam attempts to bilk Laurentian University donors
Sodinokibi ransomware attempts to fill GandCrab void
Mirai malware sets sights on enterprise IoT devices
Researchers devise method to track Bluetooth devices
Elusive MegaCortex Ransomware Found - Here is What We Know
Browser Extensions Scraped Data From Millions of People
BrushaLoader still sweeping up victims one year later
China-Linked APT15 group is using a previously undocumented backdoor
Popular File-Sharing Service WeTransfer Used in Malicious Spam Campaigns
Updated Karagany Malware Targets Energy Sector
BlueKeep Scanner Discovered in Watchbog Cryptomining Malware
Sodinokibi Ransomware Distributed by Hackers Posing as German BSI
Android Malware 'Triada' Most Active on Telco Networks
MyDoom: The 15-year-old malware that's still being used in phishing attacks in 2019
Rare Steganography Hack Can Compromise Fully Patched Websites
Hackers Inject Multi-Gateway Card Skimmer via Fake Google Domains
Attackers Are Wiping Iomega NAS Devices, Leaving Ransom Notes
ProtonMail Warns of Phishing Attacks Possibly Linked to Russia
New TrickBot Version Focuses on Microsoft's Windows Defender
Malware researchers analyzed an intriguing Java ATM Malware
IoT home security camera allows hackers to listen in over HTTP
Keeping a Hidden Identity: Mirai C&Cs in Tor Network
Malvertising: Online advertising's darker side
Vulnerabilities
Bulgarian IT expert arrested after demoing vulnerability in kindergarten software
Some insulin pumps vulnerable to cyberattacks, says Health Canada
Personalized medicine software vulnerability uncovered by Sandia researchers
Squirrel Exploit Leaves Microsoft Teams Vulnerable to Privilege Escalation
Linux Servers Under Worm Attack Via Exim Flaw
Sophos Creates PoC for BlueKeep Exploit to Take Control of Devices
Tale of a Windows Error Reporting Zero-Day (CVE-2019-0863)
Security flaws in a popular smart home hub let hackers unlock front doors
Many Phoenix Contact PLCs Still Vulnerable Months After Researcher Issues Warning
US Cyber Command issues alert about hackers exploiting Outlook vulnerability
Security Camera Firm Arlo Zaps High-Severity Bugs
17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device
7-Eleven Japanese customers lose $500,000 due to mobile app flaw
Monero security flaw could’ve seen XMR stolen from cryptocurrency exchanges
IPFire Open-Source Linux Firewall Now Patched Against SACK Panic Vulnerabilities
Researchers Poke Holes in Siemens Simatic S7 PLCs
Zoom Security Flaw Exposes Webcam Hijack Risk -- Change Settings Now
Tenable Research Discloses Critical Vulnerability in Siemens STEP 7 (CVE-2019-10915)
Several Siemens Devices Affected by Intel MDS Vulnerabilities
Unpatched Prototype Pollution Flaw Affects All Versions of Popular Lodash Library
Logitech Unifying Receivers Vulnerable to Key Injection Attacks
Decoding the Icegram Persistent Cross-Site Scripting
Windows zero-day CVE-2019-1132 exploited in targeted attacks
Flaw in Rockwell PanelView Allows Root-Level Access to Devices
Bug in Anesthesia Machines Allows Changing Gas Mix Levels
Crooks Used SQL Injections to Hack Drupal Sites and Install Fake Ransomware
Recent Windows zero-day used by Buhtrap gang for cyber-espionage
Researchers Break Into AMD's Secure Encrypted Virtualization Technology With Minor Effort
USBCreator D-Bus Privilege Escalation in Ubuntu Desktop
This Flaw Could Have Allowed Hackers to Hack Any Instagram Account Within 10 Minutes
Researchers Disclose WhatsApp and Telegram Exploit That Gives Hackers Access to Personal Media
Zoom’s video conferencing security flaw also applies to RingCentral and Zhumu
iOS 13 Bug Allows Easy Access to All Passwords of the User
Critical WordPress Plugin Flaw Leaves 200,000 Sites at Risk
Zoom RCE only hit those who uninstalled it: Assetnote
Bluetooth Vulnerability Could Allow iOS and macOS Devices Be Tracked and Identified
Vulnerability Allows Hackers to Take Control of Drupal 8 Websites
RDP Bug Takes New Approach to Host Compromise
Bug in NVIDIA’s Tegra Chipset Opens Door to Malicious Code Execution
Hackers Exploit Recent WordPress Plugin Bugs for Malvertising
ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers
Several Vulnerabilities Found in Comodo Antivirus
Critical RCE Flaw in Palo Alto Gateways Hits Large Companies Including Uber
VLC Player Critical Security Does Not Affect Macs
Windows zero-days don't usually work against the latest OS version
Flaws in widely used corporate VPNs put company secrets at risk
13 vulnerabilities disclosed in U-Boot loader
Android vulnerability lets hackers hijack your phone with malicious videos
Vulnerabilities Found in Mitsubishi Inverter Engineering Software
Bishop Fox Researchers Discover High-Risk Vulnerability in InterSystems Application
Microsoft Office 365 Webmail Exposes User's IP Address in Emails
Warning As Google Falls Victim To Critical Security Issue On LinkedIn Jobs Pages
Urgent11 Security Flaws Impact Routers, Printers, SCADA, and IoT Devices
Authenticated XSS Found in WordPress Plugin Facebook Widget
Apple's AWDL protocol plagued by flaws that enable tracking and MitM attacks
OXID eShop Used by Mercedes Fixes Remote Takeover Security Bug
US Issues Hacking Security Alert for Small Planes
Critical Vulnerabilities Found in Prima FlexAir Access Control System
Scams
Dubai Police: Over 800 bank fraud cases in three years
Hackers target real estate agent emails in growing loan scam
FBI Releases Warning on Sextortion Scams Targeting Teenagers
Instagram scams now include fake 'verification'
Over $800,000 Stolen by Scammers in Atlanta Area City BEC Fraud
Billionaire Richard Branson: Scammers are pretending to be me to steal your money
Social media used by fraudsters to advertise benefit scam
An Amazon Phishing Scam Hits Just in Time For Prime Day
New Zealand: Fake Inland Revenue tax refund email doing the rounds
Scammers impersonating vicars to gain people's bank details, GCHQ warns
Nigerian scammers slide into DMs, so Ars trolls them
New 'US State Police' Extortion Scam Includes Contact Numbers
Hydro-Québec warns customers about fraudsters using the company's name
Australia: Government agency sends out sextortion alert
PSNI warning public over scam attempts
Beware phony gift card email scams: Here's why attackers love using them
Equifax settlement claims: The FTC says watch out for fake websites trying to scam you
Patches
Google Releases July 2019's Android Security Patch to Fix over 30 Security Flaws
IBM Patches Critical, High-Severity Flaws in Spectrum Protect
Magento Patches Flaws Leading to Site Takeover
Critical Warning Issued Regarding 10 Million Samsung Phone Updates
Tor Project to fix bug used for DDoS attacks on Onion sites for years
Adobe Fixes Low Priority Flaws With July 2019 Patch Tuesday Updates
Cisco delivers Patch Tuesday warmup with bundle of 18 bug fixes
Microsoft Windows Users Warned to Critically Update their Computers or Risk 'WannaCry 2.0'
Microsoft July 2019 Patch Tuesday fixes zero-day exploited by Russian hackers
Intel Patches High-Severity Flaw in Processor Diagnostic Tool
Critical SAP Vulnerability in Diagnostic Agent Patched
Jira Server and Data Center Update Patches Critical Vulnerability
Mozilla's latest Firefox releases fix 21 bugs
Juniper Networks patches dozens of vulnerabilities
Cisco releases updates for DoS vulnerability
Oracle to Release Critical Patch Update
Google Fixes Security Bugs in Chrome
Patch Now: Iomega Storage Boxes Leave Millions of Files Open to the Internet
Microsoft Patches PowerShell Core Security Bug to Fix WDAC Bypass
Apple fixes Watch bug that let someone eavesdrop on your conversation
Windows 10: Latest update squashes two dozen bugs, delivers fixes for Office and IE
Apple patches bugs in four operating systems, Safari browser
Canonical Outs New Linux Kernel Security Updates for Ubuntu 19.04 and 18.04 LTS
Debian Outs First Linux Kernel Security Update for Debian GNU/Linux 10 "Buster"
Telegram Rolls Out Fix for Voicemail Hack Used Against Brazilian Politicians