And after the first one, I can finally publish the second timeline of September, covering the main cyber attacks that occurred in the second fortnight. In this timeline I have collected a total of 77 events (including 3 that happened in the first part of the month but were included in this timeline because of the time of publication).
What do we want to start from, mega breaches or ransomware? Unfortunately, in both cases the timeline is rich in noticeable examples. Ransomware continues to target government organizations, healthcare (in the case of Wood Ranch Medical, the company was forced out of business), schools and large manufacturers such as Demant, one of the world’s largest manufacturers of hearing aids, which expects to incur losses of up to $95 million as a consequence of the attack, but also Rheinmetall Automotive and Defence Construction Canada.
In terms of mega breaches, the main event of this timeline is the breach suffered by Zynga with more than 218 million records allegedly compromised by an old acquaintance like Gnosticplayers. Other massive breaches include a trove of Brazilian citizens leaked on underground forums (92 million), Lumin PDF (24.3 million), and DoorDash (4.9 million).
The list of cyber espionage campaigns includes events carried out by APT10, APT28, Poison Carp, the Tortoiseshell Group against 11 IT providers primarily based in Saudi Arabia (a supply chain attack), and the discovery of an operation targeting Airbus, even in this case via the supply chain.
For the complete list, feel free to browse the entire timeline, and share it to spread the concept of risk awareness across the community. Of course, feel free to contribute, suggesting noticeable cyber events, and do not forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.
| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Link | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 11/09/2019 | ? | Travis Central Appraisal | The Travis Central Appraisal District is hit by a ransomware attack. | Malware | L Real estate activities | CC | US | | Travis Central Appraisal |
| 2 | 12/09/2019 | ? | Sarrell Dental | Sarrell Dental notifies almost 400,000 patients after a ransomware attack. | Malware | Q Human health and social work activities | CC | US | | Sarrell Dental, ransomware |
| 3 | 12/09/2019 | ? | Italian companies | A new campaign distributing SLoad (TH-163) is discovered targeting Italian companies. | Malware | Y Multiple Industries | CC | IT | | Sload, TH-163 |
| 4 | 16/09/2019 | ? | Lumin PDF | The details of over 24.3 million Lumin PDF users have been shared today on a hacking forum. | Exposed MongoDB | M Professional scientific and technical activities | CC | NZ | | Lumin PDF |
| 5 | 16/09/2019 | ? | Users in multiple countries | A new Emotet campaign is detected, targeting Germany, the United Kingdom, Poland, and Italy. The spam campaign also hit the USA, targeting both individuals, business, and government entities. | Malware | X Individual | CC | >1 | | Emotet |
| 6 | 16/09/2019 | ? | Nicole Scherzinger Instagram account | The Instagram account of singer-songwriter Nicole Scherzinger is hacked. | Account Hijacking | X Individual | CC | US | | Instagram, Nicole Scherzinger |
| 7 | 16/09/2019 | ? | Yanet García Instagram account | The Instagram account of Yanet García is hacked. | Account Hijacking | X Individual | CC | US | | Instagram, Yanet García |
| 8 | 16/09/2019 | ? | Taxpayers in the U.S. | Researchers from Cofense discover a phishing campaign delivering the Amadey botnet malware to taxpayers in the U.S. through fake income tax refund emails. | Malware | X Individual | CC | US | | Cofense, Amadey |
| 9 | 16/09/2019 | ? | Linux servers | Researchers from Trend Micro discover a new Linux cryptocurrency miner, dubbed Skidmap, that leverages kernel-mode rootkits to evade the detection. | Malware | Y Multiple Industries | CC | >1 | | Trend Micro, Linux, Skidmap, Crypto |
| 10 | 16/09/2019 | ? | Facebook users in Iraq | Facebook takes down hundreds of Facebook and Instagram pages and accounts after a campaign was discovered attempting to influence user behavior in Iraq. | Fake Social Network Accounts | O Public administration and defence, compulsory social security | | | | |