Here’s the first timeline of August, covering the main cyber attacks occurred in the first half of the eighth month of this troubled 2019. Even if we haven’t achieved the same level of July, the temperature of the infosec thermometer continues to be quite high, since in this timeline I have collected 77 events.
So, where do we start from? Probably from the mega breaches that have characterized this timeline, for example CafePress (a staggering number of 23 million accounts compromised), or StockX (6.8 million records stolen), or even the discovery of one million card details put on sale online in South Korea.
And if the mega breaches are the unwelcome novelty of this fortnight, ransomware continues to be on a roll, as a matter of fact it’s really impossible to enumerate the list of the victims in the public administration and healthcare space, and if that’s not enough, a new variant of the MegaCortex ransomware has been discovered with ransom demands as high as $5.8 million.
And while an attempt was detected to implant malware inside the AT&T network, social media continue to be the playground for misinformation campaigns, and this fortnight is no exception as two campaigns engaging in coordinated inauthentic behavior have been taken down by Facebook.
Last but not least this timeline also sports some remarkable cyber espionage events: maybe the most remarkable is the one targeting three US utilities in the US, but also APT28 is always on the spot with an original campaign abusing IoT devices. Other noticeable entries include Hexane (focused in the oil and gas industry in the Middle East), Machete (targeting the Venezuelan Army), and a new wave of attacks from Cloud Atlas.
As usual the list is too long to summarize in few lines, and I don’t want to take too much of your time that you could better spend in reading the timeline, so you have no choice but browse it all, and also share it to spread the concept of risk awareness across the community. Of course feel free to contribute, suggesting noticeable cyber events, and do not forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.
|wdt_ID||ID||Date||Author||Target||Description||Attack||Target Class||Attack Class||Country||Link||Tags|
|ID||Date||Attack||Target Class||Attack Class||Country||Tags|