| 1 | 22/06/2018 | ? | Manitowoc County | Manitowoc County officials release more information about a data breach of a Manitowoc County email account in January, when an employee falls victim of a phishing attack. | Account Hijacking | P Education | CC | US |
| 2 | 26/06/2018 | ? | Linux-Based servers | Researchers from Trend Micro uncover a malware bot that infects Linux-based servers and connected devices with a cryptominer that appears to transfer funds to the operators of a Chinese money-making scam website. | Malware | Y Multiple Industries | CC | >1 |
| 3 | 29/06/2018 | ? | Klook Travel | Klook Travel informs its users about a data breach incident it suffered. The attackers exploited a malicious JS code associated with SOCIAPlus, a third-party tool integrated on the site. | Malicious JS | I Accommodation and food service activities | CC | HK |
| 4 | 29/06/2018 | ? | Hunt Regional Medical Center | Hunt Regional Medical Center notifies patients of a possible breach due to the hack of an employee email occurred on May 1st, 2018. | Account Hijacking | Q Human health and social work activities | CC | US |
| 5 | 01/07/2018 | ? | Trezor | The team behind the Trezor multi-cryptocurrency wallet service discovers a phishing attack against some of its users that took place over the weekend, carried on via DNS poisoning or BGP hijacking. | BGP Poisoning or DNS Hijacking | V Fintech | CC | CZ |
| 6 | 02/07/2018 | ? | Fortnum & Mason | Luxury retailer Fortnum & Mason is the latest big brand to be involved in a significant data breach after the company admits the details of around 23,000 competition and survey participants have been compromised in the wake of the Typeform breach. | Unknown | G Wholesale and retail trade | CC | UK |
| 7 | 02/07/2018 | ? | Whitbread | Whitbread’s online recruitment system has suffered a data breach, affecting a number of the company’s brands including Premier Inn, and the UK outlets of Costa Coffee. The breach is a consequence of the attack to PageUp. | Malware | I Accommodation and food service activities | CC | UK |
| 8 | 02/07/2018 | ? | Fortnite players | Tens of thousands of Fortnite users are infected by malware after downloading a fake cheating app. | Malware | X Individual | CC | >1 |
| 9 | 03/07/2018 | ? | Taiwan Democratic Progressive Party's (DPP) | The Democratic Progressive Party's (DPP) official website is defaced by Chinese hackers and the website is replaced with pictures and words reading "Chinese netizens are supporting Tsai Ing-wen to run for re-election" in simplified Chinese characters. | Defacement | S Other service activities | H | TW |
| 10 | 03/07/2018 | ? | Israeli Military | The Israeli military say it had uncovered a plot by Hamas militants to spy on soldiers by befriending them on social media and then luring them into downloading fake dating applications that gave Hamas access to their smartphones. | Account Hijacking | O Public administration and defence, compulsory social security | CE | IL |
| 11 | 03/07/2018 | ? | Domain Factory | German hosting provider Domain Factory experiences a data breach which has exposed customer data. After an unknown threat actor posts claims that suggest they had managed to compromise the firm's systems and access information, the company launches an investigation and finds the claims to be true and says that customer data "was accessed by an outside party without authorization" on 28 January 2018. | Variant of the dirty cow vulnerability | J Information and communication | CC | DE |
| 12 | 03/07/2018 | Charming Kitten, Newscaster, or Newsbeef. | Single Individuals | ClearSky Security reveals that the malicious actor Charming Kitten, which the company previously exposed, built a phishing website impersonating the company and attempting to spear-phish people interested in reading reports. | Account Hijacking | X Individual | CC | >1 |
| 13 | 03/07/2018 | ? | Single Individuals | Researchers from Cisco Talos discover a new version of Smoke Loader, a malicious application that can be used to load other malware. | Malware | X Individual | CC | >1 |
| 14 | 03/07/2018 | ? | Single Individuals | Researchers at Malwarebytes reveal the details of an operation leveraging shortlinks and traffic distribution system to infect users and mine Monero using the CPN Miner. | Malware | X Individual | CC | >1 |
| 15 | 03/07/2018 | ? | Single Individuals | Researchers from Trend Micro uncover an unusual malicious macro-based malware campaign that modifies infected users' shortcut files so that they secretly download a backdoor program. | Malware | X Individual | CC | >1 |
| 16 | 05/07/2018 | ? | Yatra.com | Online travel booking website Yatra.com is compromised and attackers steal 5 Million user records that include email address & physical addresses, phone numbers & plain text passwords & PINs. The breach happened back in 2013, and it came to light now. | Unknown | I Accommodation and food service activities | CC | IN |
| 17 | 05/07/2018 | ? | MSK Group | MSK Group notifies patients of a data security incident that they discovered on May 7, due to an unauthorized access to certain parts of the network at times over several month. | Unknown | Q Human health and social work activities | CC | US |
| 18 | 06/07/2018 | Chinese Government | Australian National University | China-based hackers have successfully infiltrated the IT systems at the Australian National University, potentially compromising the home of Australia's leading national security college and key defence research projects. | Targeted Attack | P Education | CE | AU |
| 19 | 06/07/2018 | ? | CVE-2018-7600 Vulnerable servers | Researchers from Akamai reveal the details of DrupalGangster, yet another Monero-mining campaign based on XMRig and lukMiner exploiting the Drupalgeddon 2 vulnerability CVE-2018-7600. | Vulnerability (CVE-2018-7600) | Y Multiple Industries | CC | >1 |
| 20 | 06/07/2018 | ? | B&B Hospitality Group | B&B Hospitality Group (B&BHG) announces that it has identified and addressed a payment card security incident that affected nine restaurants in the New York metropolitan area. | PoS Malware | I Accommodation and food service activities | CC | US |
| 21 | 06/07/2018 | ? | VSDC | Research from Qihoo 360 Total Security reveal that hackers have breached the website of VSDC, a popular company that provides free audio and video conversion and editing software. Three different incidents have been recorded during which hackers changed the download links on the VSDC website with links that initiated downloads from servers operated by the attackers. | Malicious Link | J Information and communication | CC | NZ |
| 22 | 06/07/2018 | ? | Lake Oswego School District | Lake Oswego School District warns students about a phishing email after the District Twitter account and an employee email accounts are hacked. | Account Hijacking | P Education | CC | US |
| 23 | 07/07/2018 | ? | Blizzard Entertainment | Blizzard Entertainment is hit by a DDoS attack. Players of Overwatch, Heroes of the Storm, and World of Warcraft are affected. | DDoS | R Arts entertainment and recreation | CC | US |
| 24 | 08/07/2018 | ? | Timehop | Timehop discloses a security breach that has compromised the personal data of 21 million users (essentially its entire user base). Around a fifth of the affected users have also had a phone number that was attached to their account breached in the attack. The breach was discovered on July 4, while the attack was in progress. | Account Hijacking | J Information and communication | CC | US |
| 25 | 08/07/2018 | Gaza Cybergang APT | Institutions across the Middle East, specifically the Palestinian Authority. | Researchers from Check Point reveal the details of Big Bang, an operation carried on by the Gaza Cybergang APT against institutions across the Middle East, specifically the Palestinian Authority. | Targeted Attack | Y Multiple Industries | CE | PS |
| 26 | 09/07/2018 | ? | Bancor | Token creation platform Bancor goes offline following a "security breach" that sees the platform lose millions of dollars worth of cryptocurrency. The company lost roughly $13.5 million in the hack and the value of the coin loses quickly 20%. The breach was carried on via the compromise of the free VPN service Hola. | Account Hijacking | V Fintech | CC | CH |
| 27 | 09/07/2018 | ? | Gas Station in Detroit | Police in Detroit are looking into an apparent hack at a gas station that allowed people to steal more than 600 gallons of gas, valued at over $1,800. Authorities believe the thieves used some sort of remote device to take control of the pump. At least 10 cars filled up for free during that time. | Remote Device? | H Transportation and storage | CC | US |
| 28 | 09/07/2018 | ? | Macy's Inc. | Macy's Inc. warns customers that hackers compromised the login information of some users of the retailer's websites. The suspicious activity took place from April 26 to June 12. A third party obtained valid usernames and passwords through websites not related to macys.com or bloomingdales.com and used those to gain access to customers' accounts. | Account Hijacking | G Wholesale and retail trade | CC | US |
| 29 | 09/07/2018 | BlackTech | Multiple Targets | Researchers from ESET discover a new malware campaign misusing stolen digital certificates from D-Link Corporation and Changing Information Technology. Two different malware families that were misusing the stolen certificate – the Plead malware, a remotely controlled backdoor, and a related password stealer component, allegedly used by the cyberespionage group BlackTech. | Malware | Y Multiple Industries | CE | >1 |
| 30 | 09/07/2018 | Magecart APT | Inbenta Technologies | Researchers from RiskIQ reveal the real extension of the third-party breach that compromised the data of several Ticketmaster UK customers. More than 800 e-commerce sites were compromised. | Malicious Script Injection | N Administrative and support service activities | CC | ES |
| 31 | 10/07/2018 | ? | Arch Linux | Yet another Linux distribution compromised. This time it's up to Arch Linux, which has three downloadable software packages in the AUR, short for Arch User Repository, rebuilt to contain malware. | Malware | J Information and communication | CC | N/A |
| 32 | 10/07/2018 | TEMP.Periscope | Cambodia | Researchers from FireEye reveal a large scale operation from TEMP.Periscope, a Chinese cyber espionage group seeking to monitor the country’s upcoming and contentious July 29 national elections. | Targeted Attack | O Public administration and defence, compulsory social security | CE | KH |
| 33 | 10/07/2018 | ? | U.S. Air Force | Security Firm Recorded Future identifies an attempted sale of what is believed to be highly sensitive U.S. Air Force documents pertaining to the MQ-9 Reaper drone. The attack was carried on via the default FTP authentication credentials in Netgear routers. | Vulnerability in Netgear Routers | O Public administration and defence, compulsory social security | CC | US |
| 34 | 10/07/2018 | ? | Turkish Android users | Researchers from IBM X-Force discover a campaign distributing the Marcher (aka Marcher ExoBot) and BankBot Anubis mobile banking Trojans via malicious apps in Google Play. It’s believed that at least 10,000 people have downloaded the malware. | Malware | X Individual | CC | TR |
| 35 | 10/07/2018 | ? | Career and Technology Education Centers (C-TEC) | Career and Technology Education Centers (C-TEC) reveals it suffered a possible data breach earlier this year that could have exposed individuals' names and Social Security numbers. The breach happened on May 25 when an unauthorized person had access to a private file for several minutes. | Unknown | P Education | CC | US |
| 36 | 10/07/2018 | ? | Cass Regional Medical Center | Cass Regional Medical Center, a Missouri health care center, announces that they have been affected by an undisclosed ransomware. This incident affected their internal communications system and their electronic health record (EHR) system. | Malware | Q Human health and social work activities | CC | US |
| 37 | 11/07/2018 | ? | BP | BP emails about 60,000 people who applied for jobs in its retail stores since 2008 to notify them they could have had their personal information accessed by hackers. The company originally thought about 10,000 applicants' data had been breached. The breach is a consequence of the attack to PageUp. | Malware | D Electricity gas steam and air conditioning supply | CC | UK |
| 38 | 11/07/2018 | ? | Chlorine distillation plant in Ukraine | The Ukrainian Secret Service (SBU) reveals it stopped a cyber-attack with the VPNFilter malware on a chlorine distillation plant in the village of Aulska, in the Dnipropetrovsk region. The SBU accuses Russia of operating the malware and launching the attack. | Malware | D Electricity gas steam and air conditioning supply | CW | UA |
| 39 | 11/07/2018 | ? | Ammyy | Researchers from ESET reveal that on June 13 or 14, the Ammyy website was compromised to serve a malware-tainted version of this otherwise legitimate software bundling the Kasidet trojan. To add an interesting twist to the incident, the attackers tried to hide their malicious activity behind the brand of the ongoing FIFA World Cup. | Malware | J Information and communication | CC | US |
| 40 | 11/07/2018 | ? | Major International Airport | While researching underground hacker marketplaces, researchers from McAfee discover that access linked to security and building automation systems of a major international airport could be bought for only US$10. | Account Hijacking | H Transportation and storage | CC | US |
| 41 | 11/07/2018 | ? | Aviation ID Australia | Aviation ID Australia, the company that issues Aviation Security Identity Cards (ASICs) is hacked and notifies hundreds of people that their ASIC application information may have been stolen. | Unknown | N Administrative and support service activities | CC | AU |
| 42 | 12/07/2018 | ? | Single Individuals | A hacker gains access to a developer's npm account and injects malicious code into eslint-scope, a popular JavaScript library, sub-module of the more famous ESLint, a JavaScript code analysis toolkit. | Malware/Account Hijacking | X Individual | CC | >1 |
| 43 | 12/07/2018 | ? | 13 iPhones in India | Researchers from Cisco Talos identify an unprecedented highly targeted campaign against 13 iPhones which appears to be focused on India. The attacker deployed an open-source mobile device management (MDM) system to control enrolled devices. | Malicious MDM | X Individual | CC | IN |
| 44 | 12/07/2018 | ? | Samsung service centers in Italy | Security researchers from TG Soft discover an ongoing malware campaign targeting Samsung service centers in Italy leveraging the CVE-2017-11882 Office Equation Editor vulnerability. The campaign appears to be the counterparts of attacks that have previously targeted similar electronics service centers in Russia this year. | Targeted Attack | N Administrative and support service activities | CE | IT |
| 45 | 12/07/2018 | ? | Single Individuals | Researchers from Imperva pick up on a spike in SPAM activity directed at sites powered by WordPress, launched by a botnet, with linked sites offered betting services on 2018 FIFA World Cup matches. | Spambot | X Individual | CC | >1 |
| 46 | 12/07/2018 | ? | UMC Physicians (UMCP) | UMC Physicians (UMCP) notifies patients who may have been affected by a recent data breach. On May 18, the UMCP IT team discovered an employee’s email account was hacked on March 15, potentially compromising the personal health information of more than 18,000 patients. | Account Hijacking | Q Human health and social work activities | CC | US |
| 47 | 13/07/2018 | ? | Alive Hospice | Alive Hospice notifies patients whose personal and protected health information were in employee emails that were accessed by an unknown person or persons beginning on December 20, 2017 and again on April 5, 2018 after two employees fell prey to phishing attacks. The attacks were discovered on May 15, 2018. | Account Hijacking | Q Human health and social work activities | CC | US |
| 48 | 13/07/2018 | ? | Billings Clinic | Billings Clinic discloses a breach exposing details of 8,400 patients. The organization detected anomalous activity on one of the employees’ email accounts on May 14, 2018. The investigation revealed the account was compromised while the employee was traveling overseas. | Account Hijacking | Q Human health and social work activities | CC | US |
| 49 | 13/07/2018 | ? | Pennsylvania Department of Health | A government spokesman reveal that the Pennsylvania Department of Health’s birth certificate system was shut down for nearly a week last month after someone hacked into an internal website but did not take or alter citizens records. | Unknown | O Public administration and defence, compulsory social security | CC | US |
| 50 | 14/07/2018 | ? | LabCorp | LabCorp, one of the US largest medical diagnostics companies, investigates a security breach that could have put health records of millions of patients at risk. The company, in a filing with the Securities and Exchange Commission, says it detected “suspicious activities” on its network over the weekend of July 14 and “immediately took certain systems offline as part of its comprehensive response to contain the activity.” | Unknown | Q Human health and social work activities | CC | US |
| 51 | 14/07/2018 | Anonymous | Sant' Andrea Hospital | Hackers from the Anonymous leak the usernames and passwords from 12,000 employees, patients, contractors from the Sant' Andrea Hospital in italy. | SQLi | Q Human health and social work activities | H | IT |
| 52 | 15/07/2018 | ? | League of Legends Philippines' | League of Legends Philippines' confirms an unauthorized modification in their client lobby code resulting in the injection of the Coinhive Monero miner. | Malware | X Individual | CC | PH |
| 53 | 15/07/2018 | APT28 AKA Fancy Bear | Italian Military | Security researchers from the Z-Lab at CSE Cybersec reveal the details of Operation "Roman Holiday" an operation carried on by APT28 (AKA Fancy Bear) and targeting the Italian Military. | Targeted Attack | O Public administration and defence, compulsory social security | CE | IT |
