1-15 October 2019 Cyber Attacks Timeline

And here we go with the first timeline of October. In this fortnight I have collected 87 events, which is quite an important number. However, what is strange is that this timeline also collects six events that occurred in September plus one (the Egyptian campaign uncovered by Amnesty International) in March (I know, it’s my fault, I completely missed it).

Curiously, this timeline contains two campaigns targeting the aviation industry: Turbine Panda, a massive operation against contractors allegedly aimed at filling the technological gap of China in this sector, and Avivore, an additional campaign against European industries in the same sector. These are just the classical tip of the iceberg, since there are multiple cyber espionage campaigns in this timeline, with some old acquaintances such as Turla and APT35 AKA Charming Kitten, and other actors like APT17, PKPLUG and Attor.

Ransomware continues to devastate hospitals, local governments, and educational institutions. In Alabama and Australia alone, ten hospitals have been hit and some of them forced to turn patients away. Other noticeable victims include Pilz, Pitney Bowes, TrialWorks, the city of Jerez de la Frontera in Spain and the Groupe M6 in France.

For the complete list, feel free to browse the entire timeline, and share it to support my work and spread the concept of risk awareness across the community. Of course feel free to contribute, suggesting noticeable cyber events, and do not forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.

| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Tags |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 06/03/2019 | Egypt’s General Intelligence Service | Egyptian civil rights activists and journalists | Amnesty International discovers a wave of attacks, likely originating from government-backed bodies, starting from early January 2019 and targeting the email accounts of several Egyptian human rights defenders, media and civil society organizations. | Account Hijacking | X Individual | CE | EG | Amnesty International |
| 2 | 17/09/2019 | ? | Multiple targets | The Federal Bureau of Investigation (FBI) sends a security advisory to private industry partners about the rising threat of attacks against organizations and their employees that can bypass MFA. | Account Hijacking | Y Multiple Industries | CC | US | The US Federal Bureau of Investigation, FBI, MFA |
| 3 | 17/09/2019 | ? | Kent State University | Kent State University announces that over 3,000 student emails were hacked the week before, as a result of credential harvesting. | Account Hijacking | P Education | CC | US | Kent State |
| 4 | 25/09/2019 | ? | US, Italian, and Japanese users | Researchers from Confiant discover OSX/Tarmac, a new malware distributed to macOS users via online malvertising campaigns. | Malware | X Individual | CC | US IT JP | Confiant, OSX/Tarmac, macOS |
| 5 | 27/09/2019 | ? | Cancer Treatment Centers of America at Southeastern Regional Medical Center | Cancer Treatment Centers of America at Southeastern Regional Medical Center notifies of a phishing incident, potentially impacting 4,559 patients. | Account Hijacking | Q Human health and social work activities | CC | US | Cancer Treatment Centers of America at Southeastern Regional Medical Center |
| 6 | 27/09/2019 | ? | Catholic Health Initiative (CHI) at Lakeside Hospital | The CHI Health clinic at Lakeside Hospital informs patients that their personal information may have been exposed during a ransomware incident that occurred Aug. 1. | Malware | Q Human health and social work activities | CC | US | Catholic Health Initiative, CHI, Lakeside Hospital, ransomware |
| 7 | 30/09/2019 | ? | Bradford City Hall | Bradford City Hall suffers a ransomware attack. | Malware | O Public administration and defence, compulsory social security | CC | US | Bradford City Hall, ransomware |
| 8 | 01/10/2019 | ? | US petroleum industry | Researchers from Netskope discover a campaign against the US petroleum industry carried out via a new Adwind Remote Access Trojan (RAT) variant. | Targeted Attack | D Electricity gas steam and air conditioning supply | CE | US | Netskope, Adwind |
| 9 | 01/10/2019 | ? | DCH Regional Medical Center in Tuscaloosa | DCH Regional Medical Center in Tuscaloosa is paralyzed by a Ryuk ransomware attack and forced to turn away patients. | Malware | Q Human health and social work activities | CC | US | DCH Regional Medical Center, ransomware, Ryuk |
| 10 | 01/10/2019 | ? | Voatz, West Virginia's mobile voting app | The FBI is investigating after someone allegedly tried to hack into Voatz, West Virginia's mobile voting app, during the 2018 midterm elections. | Unknown | O Public administration and defence, compulsory social security | CC | US | FBI, West Virginia, Voatz |
