
The Latest 28 Security breaches Worldwide – Week 17, 2019



Be informed about the latest 28 Security breaches Worldwide, identified and reported publicly during Week 17, 2019. As these security-related breaches have a severe negative impact on any business, consider a security AUDIT to prevent any similar cases.

  • A popular WiFi locator app did more than just find hotspots.

  • Here is a description of a new supply chain attack dubbed Operation ShadowHammer.

  • A SQL injection attack has been discovered in a popular query tool from Laravel.
    • The injection happens through the interaction of JSON and SQL command parsing. The issue is patched in v.1.16.1 and v.1.17.1, and users should upgrade to one of them. Source: Serious SQL Injection vulnerability in laravel-query-builder

  • The website received a phish back in July last year that eventually triggered a breach this past February.
    • The company has more than a million members along with an e-commerce site. It acknowledged the leak of private customer data, although no payment card numbers were divulged. All users’ passwords have subsequently been reset. Source: DATA INCIDENT

  • The source code of the Carbanak malware has been available on VirusTotal for the past two years.
    • It was found only recently by researchers, and this week they begin taking apart the code and understanding the many complexities of how it works. The malware targeted banks and has successfully been used to steal more than $1B over time. This post is the first of a multi-part series. Source: CARBANAK Week Part One: A Rare Occurrence

  • The UK’s main cybersecurity agency has published a list of the top breached passwords.

  • Malware is getting more customized.
    • Researchers have found odd executable formats that will only work with specific scripts and are usually ignored by scanners. It is called Ocean Lotus and is from the Vietnamese hacking group APT32. It has some very creative obfuscation techniques. Source: “Funky malware format” found in Ocean Lotus sample

  • A researcher has found a bug in a Shopify API call that could be used for leaking transaction data.

  • Researchers have found more than 60M LinkedIn user records on a series of public databases.

  • The hacker who accidentally stopped the spread of WannaCry has pled guilty to creating earlier banking malware.



Discover trending and viral stories about security breaches worldwide. The remaining security breaches below made news headlines, and all of them happened in just the last week.

  • The Stuxnet story continues to unwind.

  • This post explains how affiliate marketing scams work.

  • This post is a good primer (i.e., suitable for management) on what credential stuffing is and how hackers pull off these sorts of exploits.

  • The lineup of Black Hat briefings has been announced.
    • They include explanations of the NSA’s Ghidra open source toolkit, HTTP desync attacks, and a history of Project Zero. As usual, it will be held in Vegas the first week of August. Source: Black Hat USA

  • Oracle WebLogic has a nasty remote code execution bug that affects all versions of the software.
    • The issue has to do with components that support specific operations and it could apply to more than 36,000 active users. It is a zero-day fault. To fix this, you will want to delete particular files that are at risk and set up appropriate access controls. The company is working on a patch. Source: Oracle WebLogic Deserialization RCE Vulnerability (0day) Alert

  • The Qbot banking Trojan continues to infect victims and was spotted last month.

  • The Euro manufacturing firm Aebi Schmid was hit by ransomware recently.

  • Hackers are increasingly using public cloud services to store their payloads and exfiltrate data from their victims.

  • Various government finance agencies around the world have been hit with rigged versions of the TeamViewer app along with malicious Excel spreadsheets for at least the past year.
    • Recently, Check Point researchers spotted a targeted attack against officials within government finance authorities and representatives in several embassies in Europe. The attack, which starts with a malicious attachment disguised as a top secret US document, weaponizes TeamViewer, the popular remote access and desktop sharing software, to gain full control of the infected computer. Source: FINTEAM: Trojanized TeamViewer Against Government Targets

  • DDoS attacks are lasting longer with higher peak rates and overall volumes than ever before.

  • The ecommerce site for the Atlanta Hawks basketball team was hit with the Magecart malware this week.
    • It was found by a researcher and observed to be stealing names, addresses and credit card numbers of fans of the team. He continues to find at least 50 new instances of the malware daily, thanks to a custom search tool that he wrote. Source: ATLANTA HAWKS SNIPED BY MAGECART

  • The OilRig APT group, the threat actor behind the DNSpionage malware campaign, has rolled out a new variant called Karkoff.
    • The malware looks for Avira and Avast AV before infecting the machine with a better RAT tool that is written in .NET and runs a backdoor service. It also creates a log file, making it easier to analyze its timeline. Source: DNSpionage brings out the Karkoff

  • RATs have been found targeting finserv companies.
    • They are attributed to TA505, a Russian state-sponsored group. They start with phishing emails with malicious document attachments. Source: New Tech: Digital Risk Protection, Q2 2018 (pdf)


