And with this post I finally publish the second timeline of October (the first one is here) covering the main cyber attacks occurred in the second half (plus a couple of events that occurred in September but where not included in the previous timeline). For the records in this second fortnight I have collected 75 events.
As usual the timeline is rich of events, some of them with huge implications, and I really don’t know where to start from. In terms of Cyber Crime, BEC scammers are continuously raising the bar: the American subsidiary of Nikkei has lost roughly $29 millions after an employee transferred the money to a bank account under the control of the attackers. The city of Ocala suffered the same fate, but with “minor” consequences, “only” $742,000 redirected to the scammers’ bank account. Other important events include the breach to Web.com, the discovery of more than 1.3 million Indian payment card details up for sale, a breach to Unicredit, and a massive DDoS attack crippling AWS.
And while ransomware gangs are always extremely active (the City of Johannesburg is the most important victim of this timeline), the cyber espionage front is equally hot: APT29 were back after an apparent break, APT 28, APT41, and Turla are always extremely active, CCleaner has suffered another compromise attempt from alleged Chinese threat actors, and the Czech Republic has unearthed an alleged cyber espionage plot from Russia.
For the complete list, you need to browse the entire timeline, and don’t forget to share it to support my work and spread the concept of risk awareness across the community. Of course feel free to contribute, suggesting noticeable cyber events, and do not forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.
|ID||Date||Author||Target||Description||Attack||Target Class||Attack Class||Country||Link||Tags|
|Date||Author||Target||Attack||Target Class||Attack Class||Country||Link||Tags|