1 | 13/02/2018 | ? | US Taxpayers | The Internal Revenue Service warns taxpayers of a quickly growing scam involving erroneous tax refunds being deposited into their bank accounts. | Account Hijacking | X Individual | CC | US |
2 | 13/02/2018 | ? | City of Allentown | The city of Allentown is hit by the Emotet Trojan. The City believes that the cost of remediation is close to $1 million. | Malware | O Public administration and defence, compulsory social security | CC | US |
3 | 13/02/2018 | ? | City of Savannah | The city of Savannah is in recovery mode after being hit by a malware attack when a city worker most likely opened a malicious email. | Malware | O Public administration and defence, compulsory social security | CC | US |
4 | 14/02/2018 | ? | poorly secured Linux servers | According to researchers from GoSecure, attackers are launching SSH brute-force attacks on poorly secured Linux servers to deploy a backdoor dubbed Chaos backdoor. | Brute-Force | Y Multiple Industries | CC | >1 |
5 | 16/02/2018 | ? | Unnamed Russian Bank | The Russian Central Bank reveals that unknown hackers stole 339.5 million roubles ($6 million) from a Russian bank last year in an attack using the SWIFT international payments messaging system. | Unknown | K Financial and insurance activities | CC | RU |
6 | 16/02/2018 | ? | Snapchat Users | Details emerge on a phishing attack that occurred in July 2017 and was able to score credentials for 50,000 Snapchat users. | Account Hijacking | X Individual | CC | >1 |
7 | 16/02/2018 | rmsrf | Roomsurf | Roomsurf notifies its users of a data breach in which the attacker has been able to obtain usernames, phone numbers, and email addresses. | Unknown | I Accommodation and food service activities | CC | US |
8 | 16/02/2018 | ? | Davidson County | The Davidson County computers are hit by an unspecified ransomware. | Malware | O Public administration and defence, compulsory social security | CC | US |
9 | 16/02/2018 | ? | Jemison Internal Medicine | Jemison Internal Medicine notifies 6,550 patients of a ransomware attack. However, the investigation reveals that the systems had already been compromised. | Malware | Q Human health and social work activities | CC | US |
10 | 16/02/2018 | ? | Laufer Group International | Laufer Group International is the victim of a W-2 scam. | Account Hijacking | N Administrative and support service activities | CC | US |
11 | 16/02/2018 | ? | White and Bright Family Dental | White and Bright Family Dental notifies patients of a hack that occurred on January 30, 2018. | Unknown | Q Human health and social work activities | CC | US |
12 | 17/02/2018 | ? | Mac Users | Researchers from Digita Security warn users about the Coldroot remote access Trojan, which has gone undetected by AV engines for more than one year and targets macOS computers. | Malware | X Individual | CC | >1 |
13 | 18/02/2018 | ? | India’s City Union Bank | India’s City Union Bank reveals that cyber criminals have been able to hack its systems and transfer nearly $2 million through three unauthorized remittances to lenders overseas via the SWIFT financial platform. | Unknown | K Financial and insurance activities | CC | IN |
14 | 18/02/2018 | Flight Sim Labs (FSLabs) | Microsoft Flight Simulator Players | Mod developer Flight Sim Labs (FSLabs) has been accused of embedding malware in its flight simulation add-ons to steal pirates' Chrome passwords. | Malware | X Individual | CC | >1 |
15 | 19/02/2018 | ? | Blac Chyna | American model and entrepreneur Blac Chyna falls victim to The Fappening, having intimate content posted online. | Account Hijacking | X Individual | CC | US |
16 | 20/02/2018 | ? | Tesla | Researchers at security firm RedLock say hackers accessed one of Tesla's Amazon cloud accounts and used it to run currency-mining software. The breach started with a Kubernetes console left exposed. | Account Hijacking | C Manufacturing | CC | US |
17 | 20/02/2018 | APT37 AKA Reaper | Multiple Targets | Security firm FireEye reveals the details of a lesser-known North Korean cyberespionage group targeting the Korean Peninsula, Japan, Vietnam and the Middle East in 2017. | Targeted Attack | Y Multiple Industries | CE | >1 |
18 | 20/02/2018 | ? | The Colorado Department of Transportation (CDOT) | CDOT is hit with a ransomware attack, attributed to SamSam, which forces the organization to shut down 2,000 computers. | Malware | O Public administration and defence, compulsory social security | CC | US |
19 | 20/02/2018 | ? | Los Angeles Times | Troy Mursch, a security researcher at Bad Packets Report, finds hidden cryptojacking code (based on Coinhive) on the Los Angeles Times’ interactive Homicide Report webpage. | Malicious Script Injection | J Information and communication | CC | US |
20 | 20/02/2018 | ? | HardwareZone (HWZ) Forum website | The HardwareZone (HWZ) Forum website is hacked and approximately 685,000 user profiles are affected. A senior moderator’s account has been compromised by an unidentified hacker, and used to access the user profiles since September 2017. | Account Hijacking | J Information and communication | CC | SG |
21 | 20/02/2018 | APT28 AKA Fancy Bear | Multiple Targets in Middle East and Asia | Researchers from Kaspersky Lab publish a new report highlighting a shift in the activities of the infamous APT28 from NATO and Ukraine to the Middle East and Central Asia. | Targeted Attack | Y Multiple Industries | CE | >1 |
22 | 21/02/2018 | ? | Facebook Users | Researchers at Avast report a sophisticated campaign in which attackers use Facebook and Facebook Messenger to trick users into installing a highly sophisticated Android spyware. The operation is dubbed Tempting Cedar. | Malware | X Individual | CC | >1 |
23 | 21/02/2018 | ? | SWIFT | IT security researchers at Comodo Labs discover a new phishing scam targeting the SWIFT financial messaging service. The scam not only aims at stealing banking credentials but also infects victims' computers with the Adwind RAT. | Account Hijacking | K Financial and insurance activities | CC | >1 |
24 | 21/02/2018 | Attackers of likely Nigerian origin | Multiple Fortune 500 companies | Researchers from IBM X-Force uncover an active Business Email Compromise campaign targeting multiple Fortune 500 companies. | Account Hijacking | Y Multiple Industries | CC | >1 |
25 | 21/02/2018 | ? | IoT and networking equipment | Security researchers from Fortinet spot a new variant of the Mirai malware (dubbed Mirai OMG) that focuses on infecting IoT and networking equipment with the main purpose of turning these devices into a network of proxy servers used to relay malicious traffic. | Malware | Y Multiple Industries | CC | >1 |
26 | 21/02/2018 | ? | University of Virginia Health System (uvahealth.com) | The University of Virginia Health System notifies almost 2,000 patients that their health records may have been exposed when an unauthorized third party implanted malware on a staffer's computer active between May 2015 and December 2016. | Malware | Q Human health and social work activities | CC | US |
27 | 21/02/2018 | ? | ASCD | ASCD is the victim of a W-2 scam. | Account Hijacking | Q Human health and social work activities | CC | US |
28 | 22/02/2018 | ? | The Los Angeles Philharmonic | The Los Angeles Philharmonic falls victim to a cyberattack that results in the theft of W-2 information for everyone that worked there in 2017. The security breach happened as the result of a "spear phishing" attack. | Account Hijacking | R Arts entertainment and recreation | CC | US |
29 | 22/02/2018 | LulzSecITA | Matteo Salvini Blog | The Italian elections are approaching, so hacktivists from the collective LulzSecITA hack the blog of Matteo Salvini, the leader of the right-wing Italian party "La Lega", and dump 70,000 emails. | Unknown | S Other service activities | H | IT |
30 | 22/02/2018 | ? | University of Alaska | Dozens of current and former employees and students of the University of Alaska are unable to access their Alaska.edu accounts. According to the investigation, user passwords have been changed by a third party. | Account Hijacking | P Education | CC | US |
31 | 22/02/2018 | ? | Mobistealth | A hacker breaks into two consumer spyware companies, Mobistealth and Spy Master Pro and dumps a large cache of data. | Unknown | J Information and communication | CC | US |
32 | 22/02/2018 | ? | Spy Master Pro | A hacker breaks into two consumer spyware companies, Mobistealth and Spy Master Pro and dumps a large cache of data. | Unknown | J Information and communication | CC | US |
33 | 22/02/2018 | ? | Curtis Lumber | Curtis Lumber is the victim of a spear phishing attack. | Account Hijacking | G Wholesale and retail trade | CC | US |
34 | 22/02/2018 | ? | Punjab National Bank (PNB) | Details of 10,000 credit cards from Punjab National Bank are leaked on the dark web. | Unknown | K Financial and insurance activities | CC | IN |
35 | 23/02/2018 | ? | About one dozen Connecticut government agencies | About one dozen Connecticut government agencies are hit with what one published report says is a WannaCry attack that knocks about 160 computers offline. | Malware | O Public administration and defence, compulsory social security | CC | US |
36 | 23/02/2018 | OilRig APT | An insurance agency and a financial institution in the Middle East | Researchers from Palo Alto Networks reveal that the Iran-linked OilRig APT group is now using a new Trojan called OopsIE in recent attacks against an insurance agency and a financial institution in the Middle East. | Targeted Attack | K Financial and insurance activities | CE | N/A |
37 | 23/02/2018 | ? | Chinese Websites | Researchers from Malwarebytes unveil the details of a drive-by attack targeting Chinese websites, and dropping an updated version of the Avzhan DDoS bot. | Malware | Y Multiple Industries | CC | CN |
38 | 23/02/2018 | ? | Children’s Aid Society of Oxford County; Family and Children’s Services of Lanark, Leeds and Grenville | Two Ontario children’s aid societies are hit by ransomware. | Malware | Q Human health and social work activities | CC | CA |
39 | 24/02/2018 | Anonymous | Matteo Salvini Facebook Page | And after the personal blog, hacktivists from Anonymous also deface Matteo Salvini's blog page. | Defacement | S Other service activities | H | IT |
40 | 24/02/2018 | ? | Teesside University | Students at Teesside University are warned about a possible email security breach and urged to reset their university password. | Unknown | P Education | CC | US |
41 | 24/02/2018 | ? | Wallace Community College Selma | Personal and financial information of current and former employees of Wallace Community College Selma is leaked through a phishing scam. | Account Hijacking | P Education | CC | US |
42 | 24/02/2018 | ? | Single Individuals | According to security researchers from Qihoo 360 Netlab, an advertising network has been hiding in-browser cryptocurrency miners (cryptojacking scripts) in the ads it serves since December 2017. | Malicious Script Injection | X Individual | CC | >1 |
43 | 25/02/2017 | ? | Jorgie Porter | English actress and model Jorgie Porter is the latest victim of The Fappening hackers, who manage to steal her intimate pictures and videos and post them online. | Account Hijacking | X Individual | CC | UK |
44 | 25/02/2017 | Anonymous | Some Ohio State Websites | In the name of #opUSA, hacktivists from the Anonymous collective take down some Ohio State websites. | DDoS | O Public administration and defence, compulsory social security | H | US |
45 | 25/02/2017 | ? | Inland Revenue Department | Thousands of Inland Revenue files are locked up after New Zealand’s tax department becomes the target of a Cryptolocker attack in November. | Malware | O Public administration and defence, compulsory social security | CC | NZ |
46 | 26/02/2017 | Deep Panda | Some UK think tanks | Crowdstrike reveals that some UK think tanks specializing in international security were hacked by China-based group 'Deep Panda' beginning in April 2017. | Targeted Attack | M Professional scientific and technical activities | CE | UK |
47 | 26/02/2017 | ? | Four British Schools | Hackers break into CCTV systems of at least four British schools and stream footage of pupils live on the internet. | Unknown | P Education | CC | UK |
48 | 26/02/2017 | ? | Porsche Japan | The Japanese arm of Porsche says more than 28,000 email addresses have been leaked via a hack. | Unknown | C Manufacturing | CC | JP |
49 | 26/02/2017 | ? | Vulnerable Oracle WebLogic Servers | Security researchers from Trend Micro uncover a new campaign, which involves hackers exploiting an Oracle server vulnerability (an Oracle WebLogic WLS-WSAT flaw CVE-2017-10271) to deliver two cryptominers: a 64-bit variant and a 32-bit variant of the XMRig Monero miner. | Malware | Y Multiple Industries | CC | >1 |
50 | 26/02/2017 | Hackers with connections to Iran | Unnamed Australian Universities | Australian universities have been targeted by hackers with connections to Iran in recent months, and "a number of investigations" are in progress, according to cybersecurity firm Crowdstrike. | Targeted Attack | P Education | CE | AU |
51 | 26/02/2017 | ? | Travel Corporation | Travel Corporation falls victim to a W-2 scam. | Account Hijacking | R Arts entertainment and recreation | CC | US |
52 | 26/02/2017 | ? | U.S. Residents in 20 states | According to federal court documents, Russian hackers operating in Colorado and 15 other states used data-mining viruses to steal thousands of credit card numbers from U.S. residents in 20 states and sold them on the darknet for more than $3.6 million. | Malware | X Individual | CC | US |
53 | 27/02/2018 | ? | Android Users | Security firm Wandera reveals the details of RedDrop, a sophisticated strain of mobile malware targeting Android devices that can extract sensitive data and audio recordings, run up premium SMS charges and then try to extort money from victims. | Malware | X Individual | CC | >1 |
54 | 27/02/2018 | ? | Single Individuals | Researchers from cybersecurity firm Morphisec reveal the details of a new campaign carried out via spam messages delivering a malicious Word document. The document attempts to exploit an Adobe Flash Player bug (CVE-2018-4878) to let the attackers take control of the infected machines. | Malware | X Individual | CC | >1 |
55 | 27/02/2018 | ? | WordPress, Joomla and CodeIgniter websites | Security researchers from SiteLock warn WordPress and Joomla admins of a sneaky new malware strain masquerading as legitimate ionCube files. The malware, dubbed ionCube Malware, creates backdoors on vulnerable websites. The malware has been found on over 800 sites. | Malware | Y Multiple Industries | CC | >1 |
56 | 27/02/2018 | ? | Tim Hortons | A computer virus is suspected of crashing cash registers at over 1,000 Tim Hortons coffee and donuts fast food restaurants. | Malware | I Accommodation and food service activities | CC | CA |
57 | 27/02/2018 | ? | FastHealth | FastHealth reveals that in mid-August 2017, an unauthorized party gained access to their web server and obtained patient data. | Unknown | Q Human health and social work activities | CC | US |
58 | 28/02/2018 | ? | Financial Services Information Sharing and Analysis Center (FS-ISAC) | The Financial Services Information Sharing and Analysis Center (FS-ISAC), an industry forum for sharing data about critical cybersecurity threats facing the banking and finance industries, reveals that a successful phishing attack on one of its employees was used to launch additional phishing attacks against FS-ISAC members. | Account Hijacking | U Activities of extraterritorial organizations and bodies | CC | US |
59 | 28/02/2018 | APT28 AKA Fancy Bear | Various German government agencies | According to a report issued by the German news agency dpa, malicious actors from APT28 AKA Fancy Bear infiltrated several German government agencies for more than a year. | Targeted Attack | O Public administration and defence, compulsory social security | CE | DE |
60 | 28/02/2018 | APT28 AKA Fancy Bear | Undisclosed North American and European foreign ministry agency | Almost simultaneously, researchers from Palo Alto Networks reveal that the same attackers from APT28 targeted a North American and European foreign ministry agency. | Targeted Attack | O Public administration and defence, compulsory social security | CE | N/A |
61 | 28/02/2018 | ? | GitHub | GitHub survives the largest DDoS attack recorded (so far), reaching a stunning 1.35 terabits/sec by leveraging memcached servers. | DDoS | J Information and communication | CC | US |
62 | 28/02/2018 | ? | Undisclosed Brazilian public sector management school | Researchers from Cisco Talos identify two different versions of a RAT, dubbed CannibalRAT, written entirely in Python, impacting users of a Brazilian public sector management school. | Targeted Attack | P Education | CC | BR |
63 | 28/02/2018 | Chafer | Entities across the Middle East | Researchers from Symantec reveal the details of an Iranian hacking outfit, dubbed Chafer, previously focused on domestic surveillance, expanding its scope and cyber arsenal to target entities across the Middle East. | Targeted Attack | Y Multiple Industries | CC | >1 |
64 | 28/02/2018 | ? | Single Individuals | Researchers from Malwarebytes reveal the details of a malvertising campaign using decoy websites pushing cryptocurrencies to redirect users to the RIG exploit kit. | Malvertising | X Individual | CC | >1 |
65 | 28/02/2018 | ? | rTorrent Client users | Researchers from F5 detect an attack actively exploiting the rTorrent client through a previously undisclosed misconfiguration vulnerability on XML-RPC for deploying a Monero (XMR) crypto-miner operation. | Malware | X Individual | CC | >1 |
66 | 28/02/2018 | ? | Single Individuals | A bulk breach dump is discovered totaling over 3.4 billion credentials. | Unknown | X Individual | CC | >1 |