Last Updated on September 10, 2019

After the Summer break, it’s time to publish the second timeline of July (first part here), covering the main cyber attacks occurred in the second fortnight of the this month. I know I am a little behind schedule, but it really looks like that crooks are relentless, especially during Summer, so the timelines are getting longer and longer and I need more time to compile them: as a matter of fact in this table I have collected 98 events, a sharp increase in comparison with the previous months.

Ransomware is dead, long live ransomware! This is the first comment that came to my mind after looking at the final timeline: ransomware infecton are becoming more and more widespread and damaging: nearly 250,000 people have left without power after the attack targeting City Power in South Africa. And it doesn’t end here: the list of victims is quite long and includes a cloud service provider (iNSYNQ), a museum, a ministry, and numerous schools and local institutions in the US and not only.

98 attacks are really hard to summarize so I encourage you to scroll the entire list, share it and spread the word of security awareness. Of course feel free to contribute, suggesting noticeable cyber events, and do not forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

wdt_IDIDDateAuthorTargetDescriptionAttackTarget ClassAttack ClassCountryLinkTags
1113/07/2019Ov1ru$SyTechA hacking group under the name 0v1ru$ breaches SyTech, a major FSB contractor, defaces the web site, manages to steal 7.5 terabytes of data, exposing secret FSB project to de-anonymize Tor browsing.UnknownM Professional scientific and technical activitiesHRUFSB, SyTech, Ov1ru$
2215/07/2019?Foodpanda SingaporeThe Foodpanda Singapore Instagram account is hacked.Account HijackingI Accommodation and food service activitiesCCSGFoodpanda Singapore, Instagram
3315/07/2019?Telegram UsersResearchers from Symantec discover an unofficial Telegram app, named MobonoGram 2019 (Android.Fakeyouwon) secretly loading malicious sites.MalwareX IndividualCC>1Symantec, Telegram, MobonoGram, Android.Fakeyouwon
4416/07/2019State-sponsored actorsJoshua WongGoogle warns Hong Kong activist Joshua Wong about government-backed hacking attempts.Account HijackingX IndividualCEHKGoogle, Hong Kong, Joshua Wong
5516/07/2019?SprintUS mobile network operator Sprint says hackers broke into an unknown number of customer accounts via the Samsung.com "add a line" website. The breach occurred on June 22.Account HijackingJ Information and communicationCCUSSprint, Samsung, Add a Line
6616/07/2019?iNSYNQiNSYNQ, a cloud computing provider of virtual desktop environments is down after its servers are infected with ransomware.MalwareJ Information and communicationCCUSiNSYNQ, ransomware
7716/07/2019?American Express usersResearchers from Cofense discover a new evasive phishing campaign targeting corporate and consumer cardholders from American Express.Account HijackingK Financial and insurance activitiesCC>1Cofense, American Express
8816/07/2019?Ricardo RossellóPuerto Rican governor Ricardo Rosselló’s private chat group messages are leaked on Telegram.UnknownO Public administration and defence, compulsory social securityHPRRicardo Rosselló, Telegram
9916/07/2019?University of AlabamaThe University of Alabama discovers a 2009 computer security incident involving a server for Brewer-Porch Children’s Center. The server was accessed by outside hackers who got hold of 1,400 former clients, employees and medical providers.UnknownP EducationCCUSUniversity of Alabama
101017/07/2019Holmium and Mercury (Iran), Thallium (North Korea), Yttrium and Strontium (Russia)Multiple TargetsMicrosoft said that over the past year it notified nearly 10,000 users that they'd been targeted or compromised by nation-state hacking groups.Account HijackingY Multiple IndustriesCE>1Holmium and Mercury, Iran, Thallium, North Korea, Yttrium, Strontium, Russia
IDDateAuthorTargetDescriptionAttackTarget ClassAttack ClassCountryLinkTags

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.