List of Data Breaches, Malware, Vulnerabilities, Scams, and Issued Patches in November 2018
C3YPT3OR • Dec 3, 2018
We are just one month away from 2019, and as we start the countdown to a brand new year, let's not forget the major cyber threats and incidents that made an impact in the cybersecurity world in November.
The month witnessed the discovery of several new ransomware strains such as XUY, Argus, DATAWAIT, BlackHat and C3YPT3OR. New variants of prominent malware like Stuxnet, TrickBot and Azorult were also found targeting processes, networks and systems of several organizations.
In the vulnerabilities section, seven new Spectre and Meltdown variants affecting AMD, ARM and Intel CPUs were discovered by academic researchers. Two new flaws dubbed ‘BleedingBit’, which could allow attackers to install malicious firmware and gain access to the console port, were uncovered in Bluetooth Low Energy chips. Another new Bluetooth flaw, dubbed CarsBlues, was found affecting millions of vehicles; it could allow attackers to steal Personally Identifiable Information (PII) of drivers.
Talking about breaches, an ElasticSearch server exposed 73 GB of data belonging to about 57 million US citizens. The leaked information included first name, last name, employer ID, job title, email address, physical address, state, ZIP code and other sensitive data of residents.
Scammers were observed using simple social engineering techniques to fool both individuals and organizations and steal crucial data. In one such event, fraudsters managed to steal $21.5 million from the Europe-based cinema chain Pathé via a phishing email.
Microsoft released security patches to address several issues such as a Windows zero-day exploit, a remote code execution flaw in Outlook 2010 and a Flash Player vulnerability in Windows 10.
Here’s a detailed list of all the breaches, malware, vulnerabilities, scams and patches that were reported in November.
Breaches
Nigerian airline Arik Air may have leaked customer data
Social Security Numbers, PII Stolen in NorthBay Healthcare Data Breach
Austal says hacker steals some data at its Australia business
Players affected as online game ‘Final Fantasy XIV’ hit by ‘unprecedented’ cyberattacks
Private messages from 81,000 hacked Facebook accounts for sale
Cyber attack exposes sensitive data about a nuclear power plant in France
Chicago, Galloway Township (N.J.) schools hit with cyberattacks
Four million Aussies were affected in Under Armour data breach
HSBC Bank Breached Again, Suspends Online Access to Affected Accounts
Hackers breach StatCounter to hijack Bitcoin transactions on Gate.io exchange
Cryptojacking Attack Forces Canadian University to Shut Down Entire Network
AMEX blunder left thousands of Indian customers’ personal info unsecured
Cambodia's ISPs hit by some of the biggest DDoS attacks in the country's history
Canada Post leaked personal data, orders of thousands of cannabis smokers
Security breach at Nordstrom exposed sensitive employee data
Florida Department of Health data breach could affect Escambia, Santa Rosa patients
Huntsville Hospital in Alabama notifies job applicants of data breach
India: IRCTC wakes up after 2 years to fix its security bug
Cybercriminals Found Selling Over a Million Online Dating Profiles for Just $153
An IP Address Vulnerability Took Down Some Google Services for 1 Hour
Malaysian media group hit by ransomware attack: Report
21K Donors Had Their Personal Info Leaked Following Kars4Kids Data Breach
BEC scammers stole €19m from film company Pathé
Amarillo City workers PII compromised
Major security breach as hackers obtain people’s personal info from York council phone app
6,500+ sites deleted after Dark Web hosting provider Daniel’s Hosting hack
Business email compromise scam costs Pathé $21.5 million
OSIsoft Breached, All Domain Accounts, Emails, and Passwords Assumed Compromised
Amazon suffers data breach days before Black Friday
Facebook, Instagram, and WhatsApp Suffer an Outage
Email Addresses and Phone Numbers of More than 60 Million Users Exposed by USPS
Amazon's data breach to impact Indian customers, say experts
Brazil's largest professional association suffers massive data leak
Someone may have hacked Drake's 'Fortnite' account
Venmo lost millions from fake payments this year
Ransomware Attack Forced Ohio Hospital System to Divert ER Patients
Urban Massage exposed a huge customer database, including sensitive comments on its clients
Atrium Health Patient Database Breached; 2.65 Million Patients Impacted
Elasticsearch server exposed the personal data of over 57 million US citizens
Dell.com resets all customer passwords after cyber attack
Dunkin' Donuts accounts may have been hacked in credential stuffing attack
Marriott says data breach compromised info of up to 500 million guests
CommBank Brandjacked In Phishing Email Scam
Moscow's new cable car closed by cyberattack
Malware
CamuBot Banking Malware Stands out for Its Ability to Bypass Biometric Authentication
Report: New Stuxnet Variant Strikes Iran
Perl-Based Shellbot Looks to Target Organizations via C&C
Cyberespionage group uses popular messenger’s brand for targeted attacks
Thousands of Android Users Infected With Banking Malware From 29 Bogus Apps
Trickbot Shows Off New Trick: Password Grabber Module
0x20k of Ghost Squad Hackers Releases ODay Exploit Targeting Apache Hadoop
Researchers find Stuxnet, Mirai, WannaCry lurking in industrial USB drives
New techniques expose your browsing history to attackers
Giant ransomware bundle threatens to make malware attacks easier for crooks
LoJax: the malware that can survive operating systems being reinstalled
Xnore spyware app's poor security lets you see other customers' texts and call logs
Spam campaign targets Exodus Mac Users
Google Play app caught phishing for cryptocurrency exchange login details
New Ransomware using DiskCryptor With Custom Ransom Message
Two botnets are fighting over control of thousands of unsecured Android devices
Inside SearchPageInstaller: macOS Malware Deploys a MITM Attack
Threat Actors Combine Windows Utilities in Malware Campaign Targeting Users in Brazil
U-Boot's Trusted Boot Validation Bypassed
Phishing extortion campaign using new, more effective methods
Microsoft Releases Info on Protecting BitLocker From DMA Attacks
Hackers hide cryptocurrency mining malware in Windows installation files
Chrome 71 Will Warn Users about Deceptive Mobile Billing Pages
Linux CryptoMiners Are Now Using Rootkits to Stay Hidden
Emotet distributed in a major new large-scale spam campaign
Linux Cryptocurrency miner leverages rootkit to avoid detection
Hide and Script: Inserted Malicious URLs within Office Documents’ Embedded Videos
New Cobalt Gang PDF Attack Avoids Traditional Static Analysis Tools
App Containing Trojan Stayed on Google Play For a Year
New Ransomware Strain Evades Detection by All but One Antivirus Engine
Pakistan military hit by Operation Shaheen malware
Using Machine Learning to Cluster Malicious Network Flows From Gh0st RAT Variants
Cryptojacking On The Rise: WebCobra Malware Uses Victims' Computers to Mine Cryptocurrency
Card skimming malware removed from Infowars online store
HookAds Malvertising Installing Malware via the Fallout Exploit Kit
Microsoft's super-secure Edge browser can be pwned eight different ways by a web page
Mylobot botnet delivers one-two punch with Khalesi malware
TrickBot takes over as top business threat
Understanding Evil Twin AP Attacks and How to Prevent Them
'DarkGate' miner, password-stealer could open up world of hurt for Windows users
This remote access trojan just popped up on malware's most wanted list
Four Fake Cryptocurrency Wallets Found on Google Play Store
Misconfigured Docker Services Actively Exploited in Cryptojacking Operation
tRat: New modular RAT appears in multiple email campaigns
Researchers spotted a new variant of the APT28 Lojax rootkit
The Week in Ransomware - November 16th 2018 - Mostly Small Variants Released
GandCrab: The most popular multi-million dollar ransomware of 2018
Hacking Gmail’s UX with from fields for phishing attacks
TrickBot Banking Trojan Starts Stealing Windows Problem History
500,000 Duped Into Downloading Android Malware Posing As Driving Games On Google Play
IRS Failed to Track 11,000 Breached Social Security Numbers for Tax Fraud
Malvertising in Apple Pay Targets iPhone Users
Ukraine detects new Pterodo backdoor malware, warns of Russian cyberattack
New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit
Two Attack Campaigns Infect Brazilian Financial Institution Customers With Banking Trojans
13 Malware-Laden Fake Apps on Google Play
Mirai Evolves From IoT Devices to Linux Servers
Aurora / Zorro Ransomware Actively Being Distributed
How Dropbox's red team discovered an Apple zero-day exploit chain by accident
Rowhammer attacks can now bypass ECC memory protections
Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT
Black Friday special by Emotet: Filling inboxes with infected XML macros
New Linux crypto-miner steals your root password and disables your antivirus
Very trivial Spotify phishing campaign uncovered by experts
Hacker backdoors popular JavaScript library to steal Bitcoin funds
Researchers Use Smart Bulb for Data Exfiltration
US iOS users targeted by massive malvertising campaign
Fake Voice Apps on Google Play, Botnet Likely in Development
8 Popular Android Apps Caught Up In Million-Dollar Ad Fraud Scheme
The SLoad Powershell malspam is expanding to Italy
DNSpionage Campaign Targets Middle East
The Looming Rise of AI-Powered Malware
macOS Spyware: The Dangers of a Fake CryptoWallet Keylogger
Android adware has plagued the Google Play Store in the past two months
Hackers are using leaked NSA hacking tools to quietly hijack thousands of computers
Proofs of Concept Abusing PowerShell Core: Caveats and Best Practices
Malicious developer creates wormable, fileless variant of njRAT
Hackers are opening SMB ports on routers so they can infect PCs with NSA malware
KingMiner malware hijacks the full power of Windows Server CPUs
Hackers are stealthily spreading brute-force Butter attack
New PowerShell-based Backdoor Found in Turkey, Strikingly Similar to MuddyWater Tools
Brand New Bag? TrickBot Malware Adds POS Data Collection Module
Vulnerabilities
Multiple Vulnerabilities in Yi Technology Home Camera
Security Code AutoFill Flaw Exposes iOS, macOS Users to Banking Fraud Attacks
Facebook Business accounts were vulnerable to being hijacked by anyone
A pair of new Bluetooth security flaws expose wireless access points to attack
PoC Exploit Compromises Microsoft Live Accounts via Subdomain Hijacking
Windows Defender Bug Needs a Restart, Not Shutdown, To Enable Sandbox
Mozilla exorcises five bugs on Halloween
Cisco zero-day exploited in the wild to crash and reload devices
Intel CPUs impacted by new PortSmash side-channel vulnerability
New Microsoft Edge Browser Zero-Day RCE Exploit in the Works
Critical 'Bleedingbit' flaws found in microcontrollers used by Wi-Fi access points
ICS Devices Vulnerable to Side-Channel Attacks: Researcher
Inception Attackers Target Europe with Year-old Office Vulnerability
Security researchers have busted the encryption in several popular Crucial and Samsung SSDs
IBM Watson will be used by NIST to assign CVSS scores to vulnerabilities
Online Radio Stations at Risk from Icecast Flaw
WordPress Design Flaw + WooCommerce Vulnerability Leads to Site Takeover
VirtualBox Zero-Day Vulnerability Details and Exploit Are Publicly Available
Microsoft, Google apps feature in the top 20 vulnerabilities in enterprise environments
Spammers hack 100,000 home routers via UPnP vulnerabilities to craft email-flinging botnet
Flaws in Roche Medical Devices Can Put Patients at Risk
Cisco Meeting Server Information Disclosure Vulnerability
IBM Network Performance Insight (CVE-2018-11771) - IBM PSIRT Blog
Researcher Bypasses Windows UAC by Spoofing Trusted Directory
The Intel Microcode Boot Loader Protects Older CPUs From Spectre
Researchers Unearth a 100,000-router botnet feeding on a 5-year-old UPnP bug in Broadcom chips
Another Facebook vulnerability could have exposed information about users and their friends
Unpatched Android OS Flaw Allows Adversaries to Track User Location
Adobe Fixes Acrobat and Reader Flaw With Publicly-Available PoC
GPUs are vulnerable to side-channel attacks
A new exploit for zero-day vulnerability CVE-2018-8589
Vulnerability in OpenSSL affects IBM Rational ClearCase (CVE-2018-0732)
7 New Meltdown and Spectre-type CPU Flaws Affect Intel, AMD, ARM CPUs
Multiple remote vulnerabilities in TP-Link TL-R600VPN
Infamous DirtyCOW is back in backdoor attack targeting Drupal Web Servers
3 New Code Execution Flaws Discovered in Atlantis Word Processor
German eID card system vulnerable to online identity spoofing
Bitcoin Cash ABC update exposes potentially catastrophic vulnerability
Hackers Exploit Flaw in GDPR Compliance Plugin for WordPress
Steam bug allowed unlimited free downloads
Apache Hadoop spins cracking code injection vulnerability YARN
Old Printer Vulnerabilities Die Hard
DoS Vulnerabilities Impact Linux Kernel
Siemens Warns of Linux, GNU Flaws in Controller Platform
Sennheiser’s flawed headphone software is a Trojan horse hackers could exploit
Tenable Research Advisory: Zoom Unauthorized Command Execution (CVE-2018-15715)
Hackers can exploit this bug in surveillance cameras to tamper with footage
This is how Docker containers can be exploited to mine for cryptocurrency
Potential Privilege escalation vulnerability in WebSphere Application Server (CVE-2018-1840)
Scams
Scammers Target Fortnite Players
FBI Pittsburgh warns of Tree of Life Synagogue Shooting scams soliciting money and information
‘Aaron Smith’ Sextortion scam campaigns hit tens of thousands of individuals
New .republican and .democrat Domains Offer New Ways to Fake Out Voters
John Oliver promoted Vote411 to get out the vote. Then scammers made a fake version
Warning: Macau Scam operators have new targets, and they could be your parents
Watch Out for the "Programmer Who Cracked Your Email" Bitcoin Scam
Elon Musk Bitcoin Scammers Hijack Verified Status Accounts
Crooks Arrested After Stealing $80K Worth of Crypto Using Sim Swapping
Smishing: A New Security Threat That Targets Smartphones By Text Message
ATO spoofed: Scammers use cloned tax office phone number to trick victims
Scammers Use Facebook Sharer Page to Push Tech Support Scams
FBI Warns of Cyber Scammers Targeting Holiday Shoppers
IRS Issues Urgent Warning On Tax Transcript Scam
SIM-swapping 21-year-old scores $1 million by hijacking a phone
Beware 'Cyber Monday' deals on must-have toys, police warn shoppers
MoneyGram Warns Consumers to Stay Alert for Three Common Scams on Cyber Monday
Fraudsters changing contact details of banks on Google Maps to scam users
Watchdog issue warning over TV licence fraud after more than 2,500 complaints
New BEC Scams Take Advantage of the California Wildfires
Cyber-criminals invent a new “no talk” scam to trick you
Tech Support Scams Using Multiple Obfuscation Methods to Bypass Detection
Indian Police Break Up International Computer Virus Scam
Tech support scammers are using this new trick to bypass security software
Patches
It’s time to install the October Windows and Office patches — and maybe tweak your settings
Sauter Quickly Patches Flaw in Building Automation Software
Evernote for Windows patch resolves stored XSS vulnerability
Stop us if you've heard this one: Remote code hijacking flaw in Apache Struts, patch ASAP
How to Fix the BitLocker Hardware Encryption Bug in Windows 10
Several Vulnerabilities Patched in nginx
VMware Patches VM Escape Flaw Disclosed at Chinese Hacking Contest
Microsoft patches Windows zero-day used by multiple cyber-espionage groups
SAP Patches Critical Vulnerability in HANA Streaming Analytics
Siemens Releases 7 Advisories for SIMATIC, SCALANCE Vulnerabilities
Popular AMP Plugin for WordPress Patches Critical Flaw – Update Now
First beta of Red Hat Enterprise Linux 8 now available with security updates, new features
Privilege escalation bug patched in Accelerated Mobile Pages WordPress plug-in
Canonical Outs New Kernel Security Updates for All Supported Ubuntu Releases
Heads up: A ‘critical’ Win7/Server 2008 patch coming in February/March that’s really critical
Microsoft Releases Windows 10 Update KB4477029 to Fix Flash Player Vulnerability
Microsoft: Crash-causing Outlook 2010 security patches are now fixed
VMware issues critical security update for Workstation and Fusion products