Time to publish the second timeline of August, covering the main cyber attacks that occurred between the 16th and the 31st.
In this period, I have collected a total of 82 events (including 3 “intruders” that occurred in the first half of the month but were not included in the previous one), a number that is essentially in line with the previous timeline.
Probably the most important event of this fortnight is the discovery, made by researchers at Google’s Project Zero, of a chain of malicious websites serving exploits for 14 iOS vulnerabilities, deployed in the wild since September 2016, and purportedly targeting the Uyghur community in the Chinese Xinjiang state (well, we are used to Android malware, aren’t we? And this fortnight is no exception).
The time of the mega breaches never ends, and the unwelcome prize of this timeline goes to Hostinger, where an attacker obtained an API Key and siphoned the information of up to potentially 14 million users.
Ransomware is confirmed as the plague of 2019, and the number of targeted organizations (especially in the educational and healthcare sectors) continues to increase.
Last but not least, state-sponsored actors are always active: I have recorded 12 events related to cyber espionage, the majority of which have been carried out by the usual suspects (China, North Korea, and Iran).
As usual, the list is too long to summarize in a few lines, and I don’t want to take too much of your time, which you could better spend browsing the timeline, so you have no choice but to browse it all, and also share it to spread the concept of risk awareness across the community. Of course, feel free to contribute by suggesting noticeable cyber events, and do not forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.
| wdt_ID | ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Link | Tags |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 1 | 09/08/2019 | ? | Mid-Valley Behavioral Care Networks (BCN) | Nearly 11,000 Mid-Valley Behavioral Care Networks (BCN) are notified of a potential breach of their data, after a phishing attack on two employee email accounts. | Account Hijacking | Q Human health and social work activities | CC | US | | Mid-Valley Behavioral Care Networks, BCN |
| 2 | 2 | 12/08/2019 | ? | Government of Argentina | Hackers leak 700 GB of data obtained from the government of Argentina, including confidential documents, wiretaps and biometric information from the Argentine Federal Police, along with the personal data of police officers. | Unknown | O Public administration and defence, compulsory social security | H | AR | | Argentina |
| 3 | 3 | 15/08/2019 | ? | Spotsylvania County | Virginia State Police announces to have recovered part of the money ($600,000) stolen from Spotsylvania County in a phishing attack earlier in July. | Account Hijacking | O Public administration and defence, compulsory social security | CC | US | | Spotsylvania County |
| 4 | 4 | 16/08/2019 | ? | 23 Texas Government Agencies | A coordinated ransomware attack takes down 23 Government Agencies across Texas. | Malware | O Public administration and defence, compulsory social security | CC | US | | Texas, Ransomware |
| 5 | 5 | 16/08/2019 | ? | Multiple Websites | A team of academics from all over the world find malicious scripts that intercept user clicks on 613 of today's most popular websites. | Malicious Script Injection | Y Multiple Industries | CC | >1 | | Clickjacking |
| 6 | 6 | 16/08/2019 | ? | Android Users | Google removes 85 Android apps from the Google Play Store after researchers from Trend Micro find they were nothing more than adware posing as legitimate software. | Malware | X Individual | CC | >1 | | Google Trend Micro, Android |
| 7 | 7 | 16/08/2019 | ? | Office 365 users | Microsoft security researchers discover an unusual phishing campaign which employs custom 404 error pages to trick potential victims into handing out their Microsoft credentials. | Account Hijacking | Y Multiple Industries | CC | >1 | | Microsoft, Office 365 |
| 8 | 8 | 16/08/2019 | ? | Michigan Medicine | Michigan Medicine notifies approximately 5,500 patients about a phishing email campaign that may have exposed some of their health information. The attack was discovered between July 9 and July 12. | Account Hijacking | Q Human health and social work activities | CC | US | | Michigan Medicine |
| 9 | 9 | 16/08/2019 | ? | Cable One | Cable One Inc. reveals that the compromise of 14 email accounts earlier this year could have affected the personal information of some current and former employees and their family members. | Account Hijacking | J Information and communication | CC | US | | Cable One |
| 10 | 10 | 17/08/2019 | ? | Tivoli (My Tivoli) | Tivoli, the popular amusement park in Denmark, reveals that its website was compromised early August and up to a thousand guests had their personal information stolen. | | | | | | |