After the Summer break, it’s time to publish the second timeline of July (first part here), covering the main cyber attacks occurred in the second fortnight of the this month. I know I am a little behind schedule, but it really looks like that crooks are relentless, especially during Summer, so the timelines are getting longer and longer and I need more time to compile them: as a matter of fact in this table I have collected 98 events, a sharp increase in comparison with the previous months.
Ransomware is dead, long live ransomware! This is the first comment that came to my mind after looking at the final timeline: ransomware infecton are becoming more and more widespread and damaging: nearly 250,000 people have left without power after the attack targeting City Power in South Africa. And it doesn’t end here: the list of victims is quite long and includes a cloud service provider (iNSYNQ), a museum, a ministry, and numerous schools and local institutions in the US and not only.
98 attacks are really hard to summarize so I encourage you to scroll the entire list, share it and spread the word of security awareness. Of course feel free to contribute, suggesting noticeable cyber events, and do not forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.
wdt_ID
ID
Date
Author
Target
Description
Attack
Target Class
Attack Class
Country
Link
Tags
1
1
13/07/2019
Ov1ru$
SyTech
A hacking group under the name 0v1ru$ breaches SyTech, a major FSB contractor, defaces the web site, manages to steal 7.5 terabytes of data, exposing secret FSB project to de-anonymize Tor browsing.
Unknown
M Professional scientific and technical activities
H
RU
FSB, SyTech, Ov1ru$
2
2
15/07/2019
?
Foodpanda Singapore
The Foodpanda Singapore Instagram account is hacked.
Account Hijacking
I Accommodation and food service activities
CC
SG
Foodpanda Singapore, Instagram
3
3
15/07/2019
?
Telegram Users
Researchers from Symantec discover an unofficial Telegram app, named MobonoGram 2019 (Android.Fakeyouwon) secretly loading malicious sites.
Google warns Hong Kong activist Joshua Wong about government-backed hacking attempts.
Account Hijacking
X Individual
CE
HK
Google, Hong Kong, Joshua Wong
5
5
16/07/2019
?
Sprint
US mobile network operator Sprint says hackers broke into an unknown number of customer accounts via the Samsung.com "add a line" website. The breach occurred on June 22.
Account Hijacking
J Information and communication
CC
US
Sprint, Samsung, Add a Line
6
6
16/07/2019
?
iNSYNQ
iNSYNQ, a cloud computing provider of virtual desktop environments is down after its servers are infected with ransomware.
Malware
J Information and communication
CC
US
iNSYNQ, ransomware
7
7
16/07/2019
?
American Express users
Researchers from Cofense discover a new evasive phishing campaign targeting corporate and consumer cardholders from American Express.
Account Hijacking
K Financial and insurance activities
CC
>1
Cofense, American Express
8
8
16/07/2019
?
Ricardo Rosselló
Puerto Rican governor Ricardo Rosselló’s private chat group messages are leaked on Telegram.
Unknown
O Public administration and defence, compulsory social security
H
PR
Ricardo Rosselló, Telegram
9
9
16/07/2019
?
University of Alabama
The University of Alabama discovers a 2009 computer security incident involving a server for Brewer-Porch Children’s Center. The server was accessed by outside hackers who got hold of 1,400 former clients, employees and medical providers.
Unknown
P Education
CC
US
University of Alabama
10
10
17/07/2019
Holmium and Mercury (Iran), Thallium (North Korea), Yttrium and Strontium (Russia)
Multiple Targets
Microsoft said that over the past year it notified nearly 10,000 users that they'd been targeted or compromised by nation-state hacking groups.
Account Hijacking
Y Multiple Industries
CE
>1
Holmium and Mercury, Iran, Thallium, North Korea, Yttrium, Strontium, Russia