
List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in March 2018
March witnessed a number of big data breaches and cyber incidents, the emergence of new malware, the disclosure of vulnerabilities, and new scams targeting people from different sections of society. The biggest names that grabbed headlines were Facebook, which suffered a data breach impacting at least 50 million people; the Memcached-based DDoS attack, the biggest and baddest DDoS attack of them all; and the disclosure by U.S. government authorities of a series of campaigns run by Russian hackers targeting critical infrastructure.
Among the malware, cryptocurrency miners and ransomware continued to battle for dominance, with the former gaining an edge. Other interesting malware discovered this month were Qrypter, CannibalRAT, ThreadKit and GoScanSSH. Several high-severity vulnerabilities were also disclosed. However, adequate patches were also released by the respective companies to protect their customers.
The following is a consolidated report of all major data breaches, malware, vulnerabilities and scams reported in March 2018.
Malware
New Malware Used in Attacks Aimed at Inter-Korean Affairs
Python-Written CannibalRAT Used in Targeted Attacks
Beware of Thanatos, the latest cyber-extortion scam
Sure, I’ll take that! New ComboJack Malware Alters Clipboards to Steal Cryptocurrency
Millions of Office 365 Accounts Hit with Password Stealers
Updated Avzhan DDoS bot spotted in Chinese drive-by attack
"Fakeapp" Android Malware Steals Facebook Credentials, Logs into Accounts
McAfee Uncovers Operation Honeybee, a Malicious Document Campaign Targeting Humanitarian Aid Groups
GandCrab Ransomware Version 2 Released With New .Crab Extension & Other Changes
Gozi ISFB Remains Active in 2018, Leverages “Dark Cloud” Botnet For Distribution
RedDrop malware runs up big bills on Android smartphones and spies on users
MIRUS malware infects html files with CoinHive scripts: Quick Heal
Coinminer Comes with a Process "Kill List" to Keep Competitors at Bay
Leaked source code for Ammyy Admin turned into FlawedAmmyy RAT
Qwerty Ransomware Utilizes GnuPG to Encrypt a Victims Files
New cryptojacking attack uses WannaCry exploit to mine on Windows servers
CCleaner Incident Investigation Reveals Possible Stage 3 Payload
Sophisticated False Flags Planted in Olympic Destroyer Malware
Memcached DDoS Attack: Kill Switch, New Details Disclosed
Qrypter RAT Hits Hundreds of Organizations Worldwide
"OceanLotus" Spies Use New Backdoor in Recent Attacks
Greedy cybercriminals host malware on GitHub
Middleboxes in Turkish telecom redirecting users to nation-state spyware
Hancitor: fileless attack with a DLL copy trick
Sigma Ransomware Being Distributed Using Fake Craigslist Malspam
Campaign Possibly Connected to “MuddyWater” Surfaces in the Middle East and Central Asia
China-Linked Spies Used New Malware in U.K. Government Attack
Slingshot malware that attacks routers may be state-sponsored espionage tool
Android Malware Intercepts Phone Calls to Connect Banking Users to Scammers
Zenis Ransomware Encrypts Your Data & Deletes Your Backups
Canonical Releases
Malware attack on 400k PCs caused by backdoored BitTorrent app
RottenSys: 'Aggressive' malware found pre-installed on five million Android devices
POS malware evolves to target chip and PIN-protected cards
Meet the Scarlett Johansson PostgreSQL malware attack
GandCrab Ransomware Crooks take Agile Development Approach
New PoS Malware Pinkkite takes Flight
Hermes ransomware distributed to South Koreans via recent Flash zero-day
Cryptocurrency Miner Distributed via PHP Weathermap Vulnerability, Targets Linux Servers
Rapid 2.0 Ransomware Released, Will Not Encrypt Data on PCs with Russian Locale
The AVCrypt Ransomware Tries To Uninstall Your AV Software
SANNY Malware Delivery Method Updated in Recently Observed Attacks
GhostMiner Uses Fileless Techniques, Removes Other Miners, But Makes Only $200
Cryptocurrency mining malware uses five-year old vulnerability to mine Monero on Linux servers
TeleRAT, a new Android Trojan that uses Telegram for data exfiltration
TrickBot Banking Trojan Gets Screenlocker Component
'Fauxpersky' malware steals and sends passwords to an attacker's inbox
Panda Banker Zeros in on Japanese Targets
Hajime Botnet Makes a Comeback With Massive Scan for MikroTik Routers
Monero-Mining HiddenMiner Android Malware Can Potentially Cause Device Failure
Hackers spread password stealer malware from YouTube comment section
HiddnAd and Guerilla Adware Removed From the Google Play Store
GoScanSSH Malware Avoids Government and Military Servers
Crypter-as-a-Service Helps jRAT Fly Under The Radar
The DiskWriter or UselessDisk BootLocker May Be A Wiper
FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines
Dark Caracal Points To Apt Actors Moving To Mobile Targets
Security Alert: Spam Campaign Spreads Adwind RAT variant, Targeting Computer Systems
Vulnerability
Bug In Hp Remote Management Tool Leaves Servers Open To Attack
Remotely Exploitable Flaws Patched in DHCP
Spectre haunts Intel's SGX defense: CPU flaws can be exploited to snoop on enclaves
Vulnerability Spotlight: Dovecot out-of-bounds Read Vulnerability
Old version of HPE Lights-Out server management contains DoS vulnerability
Security researchers identify new vulnerability affecting Pivotal Spring projects
LTE security holes could lead to fake emergency alerts
Researchers Bypassed Windows Password Locks With Cortana Voice Commands
Open-source Exim remote attack bug: 400,000 servers still vulnerable, patch now
After Oracle WebLogic miner attack, critical Apache Solr bug is now targeted
CIGslip Lets Attackers Bypass Microsoft Code Integrity Guard
Windows RDP flaw: 'Install Microsoft's patch, turn on your firewall'
Several privacy-busting bugs found in popular VPN services
Researchers find critical flaws in SecurEnvoy SecurMail, patch now!
AMD allegedly has its own Spectre-like security flaws
Researchers Discover Security Issue on Chrome RDP
Remotely Exploitable Vulnerability Discovered in MikroTik's RouterOS
CRLF Injection and HTTP Response Splitting Vulnerability
ManageEngine zero-day vulnerabilities impact three out of five Fortune 500's
Researcher demonstrates how vulnerable Ledger Nano S wallets are to hacking
Windows Remote Assistance Tool Can Be Used for Targeted Attacks
Pwn2Own competition flushes out five Apple bugs, four Microsoft flaws
Security flaws in dating app Grindr expose users' location data
macOS Vulnerability Reveals Passwords in Plain Text
Watering Hole Attack Exploits North Korea's Flash Flaw
Vulnerability in iOS camera QR code reader could direct users to malicious websites
Patches
Microsoft announces new updates to protect against Spectre and Meltdown attacks
Emerson Patches Severe Flaw in ControlWave Controllers
Google Patches 11 Critical Bugs In March Android Security Bulletin
Microsoft Releases KB4090913 Update to Fix Critical USB Driver Issue
Intel issues Meltdown/Spectre fixes for Ivy Bridge, Sandy Bridge as patch effort winds down
Cisco Patches Hard-coded Password in PCP Software
Chrome 65 update ready, contains 45 security fixes
SAP Patches Decade-Old Flaws With March 2018 Patches
Patch Tuesday: Adobe patches 7 critical flaws
Spectre/Meltdown Patches for Ubuntu 17.10 for Raspberry Pi 2
Microsoft stops pushing buggy Win7 patch KB 4088875, hopefully as a precursor to yanking it
Transport for NSW scrambles to patch servers missing fixes released in 2007
Siemens Patches Flaws in SIMATIC Controllers, Mobile Apps
Google is distributing more Meltdown and Spectre Patches for Chrome OS devices
Drupal Forewarns ‘highly Critical’ Bug To Be Patched Next Week
First OpenSSL Updates in 2018 Patch Three Flaws
Breaches
Marine Forces Data Leak: Highly Sensitive Info of over 21,000 Marines, Sailors and Civilians Exposed
Equifax discovers another 2.4 million customers hit by data breach
Five Threat Groups Target Industrial Systems: Dragos
GitHub hit with record 1.35-Tbps denial of service attack, more attacks expected
ShopRite pharmacy security breach affects 10K customers
Trustico compromises own customers' HTTPS private keys in spat with partner
Another Ransomware Variant Strikes CDOT Days after Initial Attack
Payment Card Breach Hits Some Applebee's Restaurants
NIS America hacked: Customer payment card data stolen, $5 off next purchase offered as apology gift
Danish mobile network failure hits 450,000 customers
Thieves heist 600 PCs built for digital coin mining in Iceland
123 Reg Backup Snafu Causes Clients to Lose Files Since August 2017
Russia’s Fancy Bear Hacks its Way Into Montenegro
50,000 WordPress Sites Infected with Cryptocurrency Mining Malware
Nike website flaw exposed sensitive server data
Fresno State data breach, 15,000 affected
Microsoft Stops Malware Campaign That Tried to Infect 400,000 Users in 12 Hours
Hidden Cobra Targets Turkish Financial Sector With New Bankshot Implant
Dutch Tax Auth. again targeted in cyber attack
Router-Hacking 'Slingshot' Spy Operation Compromised More Than 100 Targets
Cyber-Espionage Group Infects Victims Through MicroTik Routers
Data hack impacts thousands of Florida Virtual School Students
Hacking Attack Might Have Breached 135K Outpatient Center Records
HotSpot Shield, PureVPN & ZenMate found leaking users real IP addresses
Jewelry site accidentally leaks personal details (and plaintext passwords!) of 1.3M users
Shipping company staff's details stolen after emails secretly sent to external accounts
BJC Healthcare data breach, 33,000 affected
Dutch Data Protection Authority accidentally leaked its employees' data
Puerto Rico power utility hacked but customer data not at risk
Russian Hackers Attacked U.S. Aviation as Part of Breaches
National Lottery: 10 Million Players told to Change Passwords as Attackers Hit Online Accounts
Frost Bank announced it has suffered a data breach that exposed check images
Expedia's Orbitz says 880,000 payment cards hit in breach
Atlanta computer systems under siege in possible ransomware attack
Thousands of servers found leaking 750MB worth of passwords and keys
Bulgaria reveals two financial cyber attacks worth 5.2 mln USD
SAMBA Provides Notice Of Data Incident
Up to 8,000 customers affected by data breach at An Post
Stormont emails hit by cyber-attack
Cyber-attackers target Britain's anti-doping agency
Baltimore's 911 system Hacked?
Boeing confirms malware attack, downplays production impact
Unsecured N.Y. medical practice server exposes 42,000 records
Vanderbilt University researcher's claim breaches linked to patient deaths
Apparent attack by Russian hackers penetrated Germany’s foreign ministry
Google, PlayStation & NRA suffered DDoS attacks via Memcached servers
Monero Mining Malware Attack Linked to Egyptian Telecom Giant
Facebook Sued by Investors Over Voter-Profile Harvesting
Cambridge Analytica used self-destructing email to cover its tracks
Scams
Watch Out for This Clever Credit Card Scam
Scammers targeting Office 365 and DocuSign
Elon Musk targeted in crypto-cash scam
Phishing campaign found to be targeting humanitarian organisations
FBI Richmond Warns the Public of Scammers Using Spoofed Numbers
Fake Fortnite Mobile iOS Invites Being Pushed On Social Sites
Tech support scams using browser lockers rising
Cryptocurrency scammers run off with more than $2 million after ditching their investors
Yet again, Google tricked into serving scam Amazon ads
Scammers Are Using Fake IRS Sites To Steal Your Personal Info
Thieves steal millions of PC Optimum points, go on shopping sprees
Beware of scammers asking for bitcoin payouts this tax season: fraud watchdog