And here we go with the first timeline of October. In this fortnight I have collected 87 events, which is quite an important number. What is strange, however, is that this timeline also includes six events that occurred in September, plus one (the Egyptian campaign uncovered by Amnesty International) in March (I know, it’s my fault: I completely missed it).
Curiously, this timeline contains two campaigns targeting the aviation industry: Turbine Panda, a massive operation against contractors allegedly aimed at filling China's technological gap in this sector, and Avivore, an additional campaign against European industries in the same sector. These are just the classic tip of the iceberg, since there are multiple cyber espionage campaigns in this timeline, with some old acquaintances such as Turla and APT35 (AKA Charming Kitten) and other actors like APT17, PKPLUG and Attor.
Ransomware continues to devastate hospitals, local governments, and educational institutions. In Alabama and Australia alone, ten hospitals have been hit, and some of them were forced to turn patients away. Other noticeable victims include Pilz, Pitney Bowes, TrialWorks, the city of Jerez de la Frontera in Spain and the Groupe M6 in France.
For the complete list, feel free to browse the entire timeline, and share it to support my work and spread the concept of risk awareness across the community. Of course, feel free to contribute by suggesting noticeable cyber events, and do not forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.
| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Tags |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 06/03/2019 | Egypt’s General Intelligence Service | Egyptian civil rights activists and journalists | Amnesty International discovers a wave of attacks, likely originating from government-backed bodies, starting from early January 2019 and targeting the email accounts of several Egyptian human rights defenders, media and civil society organizations. | Account Hijacking | X Individual | CE | EG | Amnesty International |
| 2 | 17/09/2019 | ? | Multiple targets | The Federal Bureau of Investigation (FBI) sends a security advisory to private industry partners about the rising threat of attacks against organizations and their employees that can bypass MFA. | Account Hijacking | Y Multiple Industries | CC | US | The US Federal Bureau of Investigation, FBI, MFA |
| 3 | 17/09/2019 | ? | Kent State University | Kent State University announces that over 3,000 student emails were hacked the week before, as a result of credential harvesting. | Account Hijacking | P Education | CC | US | Kent State |
| 4 | 25/09/2019 | ? | US, Italian, and Japanese users | Researchers from Confiant discover OSX/Tarmac, a new malware distributed to macOS users via online malvertising campaigns. | Malware | X Individual | CC | US, IT, JP | Confiant, OSX/Tarmac, macOS |
| 5 | 27/09/2019 | ? | Cancer Treatment Centers of America at Southeastern Regional Medical Center | Cancer Treatment Centers of America at Southeastern Regional Medical Center notifies of a phishing incident, potentially impacting 4,559 patients. | Account Hijacking | Q Human health and social work activities | CC | US | Cancer Treatment Centers of America at Southeastern Regional Medical Center |
| 6 | 27/09/2019 | ? | Catholic Health Initiative (CHI) at Lakeside Hospital | The CHI Health clinic at Lakeside Hospital informs patients that their personal information may have been exposed during a ransomware incident that occurred Aug. 1. | Malware | Q Human health and social work activities | CC | US | Catholic Health Initiative, CHI, Lakeside Hospital, ransomware |
| 7 | 30/09/2019 | ? | Bradford City Hall | Bradford City Hall suffers a ransomware attack. | Malware | O Public administration and defence, compulsory social security | CC | US | Bradford City Hall, ransomware |
| 8 | 01/10/2019 | ? | US petroleum industry | Researchers from Netskope discover a campaign against the US petroleum industry carried out via a new Adwind Remote Access Trojan (RAT) variant. | Targeted Attack | D Electricity gas steam and air conditioning supply | CE | US | Netskope, Adwind |
| 9 | 01/10/2019 | ? | DCH Regional Medical Center in Tuscaloosa | DCH Regional Medical Center in Tuscaloosa is paralyzed by a Ryuk ransomware attack and forced to turn away patients. | Malware | Q Human health and social work activities | CC | US | DCH Regional Medical Center, ransomware, Ryuk |
| 10 | 01/10/2019 | ? | Voatz, West Virginia's mobile voting app | The FBI is investigating after someone allegedly tried to hack into Voatz, West Virginia's mobile voting app, during the 2018 midterm elections. | Unknown | O Public administration and defence, compulsory social security | | | |