It’s time to publish the second timeline of November, covering the main cyber attacks occurred between November 16 and November 30, plus a few events occurred in November that I missed in the previous timeline.
Autumn seems to be particularly inspiring for crooks, as the level of activity continues to be quite high (I collected 61 events in total, of which 57 happened in the second half of November): quite a long list of events, overshadowed by the massive breach occurred to the Marriott SPG Rewards program, that saw nearly 500 million records compromised since 2014 (and unsurprisingly the fingers are pointed to China). Other massive breaches in this period include: Atrium Health (data of 2.65 million patients compromised), Knuddles.de (1.8 million users compromised and one of the first examples of a fine under GDPR), and High Tail Hall (in this case “only” half a million subscribers had their data stolen).
Banks (in particular the Russian ones in November) are always an appealing target: in particular two groups (MoneyTaker and Silence) wer quite active against them.
In the meantime, state sponsored actors were equally quite active in this fortnight: APT29 was back after some months of silence, the Hades (the group behind the Olympic Destroyer malware) was also back, while APT28 confirms to be a constant threat, like APT32, the Lazarus Group, and MuddyWater.
And despite hacktivists haven’t confirmed the same rage of the first half of the month, there are many other interesting events to browse, so the timeline is at your disposal for a complete view of the threat landscape (and also share it!).
The timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015, 2016, 2017 and now 2018 are also available, and do not forget the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
|wdt_ID||ID||Date||Author||Target||Description||Attack||Target Class||Attack Class||Country||Link||Tags|
|ID||Date||Author||Target||Description||Attack||Target Class||Attack Class||Country||Link||Tags|