It’s time to publish the first timeline of September, covering the main cyber attacks occurred between September 1st and September 15th (plus some August events that were disclosed in September, so could not appear in the previous timeline).
I collected 51 entries for September alone. Easily predictable, the numbers are growing compared to August: crooks are back in business after the Summer break.
This fortnight has been characterized by the breach occurred to British Airways where 380,000 transactions were compromised Unfortunately the Magecart gang, the malicious actors behind this attack, were quite active in September: they also hit Feedify (and some more targets that will appear in the next timeline).
State-sponsored actors were also quite active in this period: Goblin Panda and APT10 (China), OilRig and Domestic Kitten (Iran), are only some of the malicious actors belonging to this category that appear in the timeline. But also organized crime kept the pace: FIN6 hit PoS Systems across the United States and Europe with malware, whereas the Cobalt gang was quite creative targeting bank customers in Russia and Romania, and unprotected MongoDB instances.
And, last but not least, Cryptovalues are always on the spot: attackers took advantage of two vulnerabilities in the EOS blockchain and made off with $24,000 from DEOSGames and $200,000 from EOSBet.
My advice is always the same: read the timeline from the top to the bottom (and share it!). And if you want, you may also have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015, 2016, 2017 and now 2018 (regularly updated… Hopefully!). And do not forget the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.
Last but not least, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts), and please notice that, starting from this month, it is possible to download the raw data directly from the tools above the table. You may always ask for the raw data, but please do not forget to include a short presentation and the purpose of the project. I am not supposed to accept requests without any details.
|wdt_ID||ID||Date||Author||Target||Description||Attack||Target Class||Attack Class||Country||Link||Tags|
|ID||Date||Author||Target||Description||Attack||Target Class||Attack Class||Country||Link||Tags|