It’s time to publish the second timeline of February, covering the main cyber attacks that occurred in the second half of the month. Despite the 29 days, I have collected a total of 97 events, including 6 from the previous period that slipped away from the first timeline. Definitely a sharp increase compared with the previous ones.
Ransomware continues to characterize this beginning of 2020. Once again, and this is not a surprise, new high-profile targets joined the long list of victims, along with the multiple educational and healthcare institutions that normally populate the timelines. Unfortunately, and this is really sad not only from an infosec perspective, the number of campaigns exploiting the Coronavirus outbreak is also growing in parallel with the spread of the virus in the real world.
Other interesting events of this timeline, related to cyber crime, include the breach of MGM Resorts (10.6 million users involved) and a huge SIM swapping attack against a cryptovalue investor.
From a cyber espionage perspective, the most important operations of this timeline are for sure the long-lasting campaign carried out during 2019 by an Iranian state-sponsored actor dubbed Fox Kitten, exploiting multiple vulnerabilities in the main VPN products, and the discovery of a campaign, carried out by APT-C-23, targeting the Israel Defense Force.
And once again, that’s all for the summary. As usual, the timeline contains the details that you can browse and share to support my work and spread risk awareness across the community. And don’t forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.

| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Link | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 01/01/1970 | ? | Grand Est | The Grand Est region is hit with a ransomware attack. | Malware | O Public administration and defence, compulsory social security | CC | FR | | Grand Est, ransomware |
| 2 | 01/01/1970 | ? | INA Group | A ransomware attack cripples some business operations at INA Group, Croatia's biggest oil company, and its largest petrol station chain. | Malware | D Electricity gas steam and air conditioning supply | CC | HR | | INA Group, ransomware |
| 3 | 01/01/1970 | ? | BST | A Maze ransomware attack in December on BST, an accounting firm, exposes the patient data of Community Care Physicians, a large upstate New York medical group, as well as other clients of the firm. | Malware | K Financial and insurance activities | CC | US | | Maze, BST, Community Care Physicians |
| 4 | 01/01/1970 | ? | Tennessee Orthopaedic Alliance | Tennessee Orthopaedic Alliance notifies more than 81,000 patients after discovering two employee email accounts had been compromised on October 18, 2019. | Account Hijacking | Q Human health and social work activities | CC | US | | Tennessee Orthopaedic Alliance |
| 5 | 01/01/1970 | ? | Neebs Gaming YouTube channel | Neebs Gaming, a highly popular YouTube gaming channel, is hacked by unidentified crypto scammers, who change its name and banner to Coinbase Pro to collect Bitcoin from its viewers/subscribers. | Account Hijacking | R Arts entertainment and recreation | CC | US | | Neebs Gaming, YouTube, Coinbase Pro, Bitcoin |
| 6 | 01/01/1970 | ? | Lodi School District | School officials in Lodi are investigating after student data is breached at two different schools: Bear Creek High and Ronald E. McNair High. | Unknown | P Education | CC | US | | Lodi School District |
| 7 | 01/01/1970 | Fox Kitten | Companies from the IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors | Researchers from ClearSky reveal that Iran's government-backed hacking units made it a top priority last year to exploit VPN bugs to infiltrate and plant backdoors in companies all over the world. | | | | | | ClearSky, Fox Kitten, CVE-2019-11510, CVE-2018-13379, CVE-2019-1579, CVE-2019-19781 |
| 8 | 01/01/1970 | APT-C-23 | Israel Defense Force (IDF) soldiers | An IDF spokesperson reveals that the IDF (Israel Defense Force) and ISA (Israel Security Agency AKA “Shin Bet”) conducted a joint operation to take down a Hamas operation targeting IDF soldiers, dubbed ‘Rebound’. | Targeted Attack | O Public administration and defence, compulsory social security | CE | IL | | Israel Defense Force, IDF, APT-C-23, ISA, Israel Security Agency |
| 9 | 01/01/1970 | ? | Vulnerable Wordpress sites | Researchers from WebARX reveal the details of a currently exploited vulnerability targeting the ThemeGrill Demo Importer plugin that allows the attackers to completely wipe a Wordpress site. | Wordpress plugins vulnerabilities | Y Multiple Industries | CC | >1 | | WebARX, ThemeGrill Demo Importer, Wordpress |
| 10 | 01/01/1970 | ? | Butler County Community College | Butler County Community College is hit with a ransomware attack. | Malware | P Education | CC | US | | Butler County Community College, ransomware |
| 11 | 01/01/1970 | ? | ISS World | A ransomware attack hits the major facilities company ISS World, which has half a million employees worldwide. | Malware | N Administrative and support service activities | CC | DK | | ISS World |
| 12 | 01/01/1970 | ? | More than 80 Turkish companies | Check Point researchers discover an evolving, ongoing malspam campaign targeting more than 80 Turkish companies, distributing the Adwind RAT. | Malicious Spam | Y Multiple Industries | CC | TR | | Check Point, Adwind RAT |
| 13 | 01/01/1970 | ? | Multiple targets | IBM X-Force Threat Intelligence researchers discover a phishing campaign distributing the Lokibot information stealer malware via emails designed to look like they're sent by the Ministry of Health of the People's Republic of China and containing emergency Coronavirus regulations in English. | Malware | Y Multiple Industries | CC | >1 | | IBM X-Force, Lokibot, Ministry of Health of the People's Republic of China, Coronavirus, COVID-19 |
| 14 | 01/01/1970 | ? | Single Individuals | The World Health Organization (WHO) warns of ongoing Coronavirus-themed phishing attacks that impersonate the organization with the end goal of stealing information and delivering malware. | Malicious Spam | X Individual | CC | >1 | | World Health Organization, WHO, Coronavirus, COVID-19 |
| 15 | 01/01/1970 | ? | Instagram users in Russia | A large-scale phishing campaign is running on Instagram to bait Russians with a fake presidential decree that promises a lump-sum payment for a citizen to start their own business. | Account Hijacking | X Individual | CC | RU | | Instagram |
| 16 | 01/01/1970 | ? | Rabun County | Rabun County is hit with a ransomware attack. | Malware | O Public administration and defence, compulsory social security | CC | US | | Rabun County, ransomware |
| 17 | 01/01/1970 | ? | East House | East House provides notice of a phishing attack that occurred on July 25, 2019. | Account Hijacking | Q Human health and social work activities | CC | US | | East House |
| 18 | 01/01/1970 | ? | Monroe County Hospital & Clinics | More than 7,000 patients of Monroe County Hospital & Clinics are notified that their personal information may have been leaked in a phishing attack that occurred in December 2019. | Account Hijacking | Q Human health and social work activities | CC | US | | Monroe County Hospital & Clinics |
| 19 | 01/01/1970 | ? | Undisclosed natural gas compression facility | The Cybersecurity and Infrastructure Security Agency (CISA) alerts organizations across all critical U.S. infrastructure sectors about a recent ransomware attack that affected a natural gas compression facility. | Malware | D Electricity gas steam and air conditioning supply | CC | US | | Cybersecurity and Infrastructure Security Agency, CISA, ransomware |
| 20 | 01/01/1970 | ? | Vulnerable Wordpress sites | Researchers from Wordfence reveal that a zero-day vulnerability in ThemeREX Addons, a WordPress plugin installed on thousands of sites, is actively exploited by attackers to create user accounts with admin permissions and potentially fully take over the vulnerable website. | Wordpress plugins vulnerabilities | Y Multiple Industries | CC | >1 | | Wordfence, ThemeREX Addons, WordPress |
| 21 | 01/01/1970 | ? | ProtonVPN users | Researchers from Kaspersky discover a fake ProtonVPN website used since November 2019 to deliver the AZORult information-stealing malware to potential victims in the form of fake ProtonVPN installers. | Malware | X Individual | CC | >1 | | Kaspersky, ProtonVPN, AZORult |
| 22 | 01/01/1970 | ? | Windows users in Italy | Threat actors are distributing the Dharma Ransomware in a new spam campaign targeting Windows users in Italy. | Malware | X Individual | CC | IT | | Dharma, Ransomware |
| 23 | 01/01/1970 | ? | Government Data Center in Rwanda | A Rwandan data centre that hosts servers related to the country’s government is taken down by hackers. | DDoS | O Public administration and defence, compulsory social security | CC | RW | | Rwanda |
| 24 | 01/01/1970 | ? | MGM Resorts | The personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum this week. | Cloud Misconfiguration | I Accommodation and food service activities | CC | US | | MGM Resorts |
| 25 | 01/01/1970 | DRBControl | Gambling companies located in Southeast Asia, Europe and the Middle East | Researchers from Trend Micro and Talent-Jump reveal the details of DRBControl, a criminal organization focused on gambling companies. | Targeted Attack | R Arts entertainment and recreation | CC | >1 | | Trend Micro, Talent-Jump, DRBControl |
| 26 | 01/01/1970 | Exaggerated Lion | Thousands of U.S. companies | Researchers uncover a new business email compromise (BEC) threat actor, which they call Exaggerated Lion, targeting thousands of U.S. companies with money pilfering scams. | Business Email Compromise | Y Multiple Industries | CC | US | | Agari, Exaggerated Lion |
| 27 | 01/01/1970 | ? | US Taxpayers | Proofpoint researchers detect the first attacks themed on the tax season, carried out via tax-themed emails with malicious attachments, and legitimate tax-focused websites compromised to deliver malware. | Malware | X Individual | CC | US | | Proofpoint, Tax |
| 28 | 01/01/1970 | ? | Swiss companies | Switzerland’s Reporting and Analysis Centre for Information Assurance (MELANI) warns of ongoing ransomware attacks targeting the systems of Swiss small, medium-sized, and large companies. | Malware | Y Multiple Industries | CC | CH | | Switzerland’s Reporting and Analysis Centre for Information Assurance, MELANI, ransomware |
| 29 | 01/01/1970 | ? | Multiple targets | Researchers from Prevailion reveal the details of "PHPs Labyrinth", a campaign active since 2017, infecting more than 20,000 WordPress sites via malicious plugins. | Malicious Wordpress plugins | Y Multiple Industries | CC | >1 | | Prevailion, PHPs Labyrinth, WordPress |
| 30 | 01/01/1970 | ? | Multiple targets | Security researcher Marco Ramilli discovers a new batch of e-commerce sites compromised by a Magecart attack. | Malicious Script Injection | G Wholesale and retail trade | CC | >1 | | Marco Ramilli, Magecart |
| 31 | 01/01/1970 | ? | Ministère de l’Éducation et de l’Enseignement Supérieur | The PII of at least 51,400, and possibly as many as 360,000, educators in Quebec Province is exposed when a malicious actor obtains login credentials to the Ministère de l’Éducation et de l’Enseignement Supérieur network. | Unknown | O Public administration and defence, compulsory social security | CC | CA | | Ministère de l’Éducation et de l’Enseignement Supérieur |
| 32 | 01/01/1970 | ? | US Bank Customers | Researchers from IBM X-Force discover a new Emotet campaign spread via SMS messages that pretend to be from banks; the campaign may have ties to the TrickBot trojan. | Malware | K Financial and insurance activities | CC | US | | IBM, X-Force, Emotet, TrickBot |
| 33 | 01/01/1970 | ? | Maroof International Hospital | Maroof International Hospital is hit with a severe ransomware attack. | Malware | Q Human health and social work activities | CC | PK | | Maroof International Hospital, ransomware |
| 34 | 01/01/1970 | ? | City of Wayne | The city of Wayne is hit with a ransomware attack. | Malware | O Public administration and defence, compulsory social security | CC | US | | City of Wayne, ransomware |
| 35 | 01/01/1970 | ? | United Regional Health Care System | United Regional Health Care System discloses an incident that occurred last July when someone accessed an employee email account. 2,000 individuals are affected. | Account Hijacking | P Education | CC | US | | United Regional Health Care System |
| 36 | 01/01/1970 | ? | Defence Information Systems Agency (DISA) | The U.S. Defence Information Systems Agency reveals that Social Security numbers and other personal data in its network may have been compromised between May and July 2019. | Unknown | O Public administration and defence, compulsory social security | CC | US | | Defence Information Systems Agency, DISA |
| 37 | 01/01/1970 | ? | Targets in Southeast Asia | Researchers from Cisco Talos uncover a new campaign, carried out via a remote access tool dubbed ObliqueRAT, focused on targets in Southeast Asia. | Targeted Attack | Y Multiple Industries | CE | >1 | | Cisco Talos, ObliqueRAT |
| 38 | 01/01/1970 | ? | IIT Madras | IIT Madras is hit with the GlobeImposter ransomware. | Malware | P Education | CC | IN | | IIT Madras, GlobeImposter, ransomware |
| 39 | 01/01/1970 | ? | Nine websites | Security researchers discover a new batch of nine websites infected with malicious JavaScript that steals payment card info from online shoppers. | Malicious Script Injection | G Wholesale and retail trade | CC | >1 | | Magecart |
| 40 | 01/01/1970 | ? | VibrantCare Rehabilitation | VibrantCare Rehabilitation notifies 1,655 patients after an employee’s email account is accessed. | Account Hijacking | Q Human health and social work activities | CC | US | | VibrantCare Rehabilitation |
| 41 | 01/01/1970 | ? | San Felipe Del Rio CISD | A business email compromise targets the San Felipe Del Rio CISD. | Business Email Compromise | P Education | CC | US | | San Felipe Del Rio CISD |
| 42 | 01/01/1970 | ? | South Adams Schools district | The South Adams Schools district is hit with a ransomware attack. | Malware | P Education | CC | US | | South Adams Schools district, ransomware |
| 43 | 01/01/1970 | ? | Android users | Security researchers from Check Point discover a new mobile threat called Haken, hidden in 8 applications. | Malware | X Individual | CC | >1 | | Check Point, Haken, Joker, Android |
| 44 | 01/01/1970 | Lynx | Slickwraps | Slickwraps suffers a data breach after an individual is able to access its systems and, after receiving no response to emails, publicly discloses how access to the site was gained and the data that was exposed. | Path traversal vulnerability | C Manufacturing | CC | US | | Lynx, Slickwraps |
| 45 | 01/01/1970 | ? | Reading Municipal Light Department (RMLD) | The Reading Municipal Light Department (RMLD), an electric utility in Massachusetts, announces it was hit by a ransomware attack. | Malware | D Electricity gas steam and air conditioning supply | CC | US | | Reading Municipal Light Department, RMLD, ransomware |
| 46 | 01/01/1970 | Pakistan? | Indian diplomats and military personnel in some embassies | Researchers from Cybaze-Yoroi ZLab discover that operation Transparent Tribe, allegedly carried out by Pakistan against Indian targets, is back after four years. | Targeted Attack | O Public administration and defence, compulsory social security | CE | IN | | Cybaze-Yoroi ZLab, Operation Transparent Tribe, Pakistan, India |
| 47 | 01/01/1970 | ? | Multiple targets | Researchers from Cofense discover an uptick in phishing attempts using a fake and badly created Office 365 credentials update form. | Account Hijacking | Y Multiple Industries | CC | >1 | | Cofense, Office 365 |
| 48 | 01/01/1970 | ? | Endeavor Energy Resources | Endeavor Energy Resources notifies employees and dependents after an employee fell prey to a phishing attack on January 14. | Account Hijacking | D Electricity gas steam and air conditioning supply | CC | US | | Endeavor Energy Resources |
| 49 | 01/01/1970 | ? | Moses Lake School District | The Moses Lake School District is hit by a ransomware attack. | Malware | P Education | CC | US | | Moses Lake School District, ransomware |
| 50 | 01/01/1970 | ? | Jackson Public Schools | Jackson Public Schools is hit with a ransomware attack. | Malware | P Education | CC | US | | Jackson Public Schools, ransomware |
| 51 | 01/01/1970 | ? | Major cryptovalues investor | An unknown investor claims to have lost a reported $45 million worth of cryptovalues in a SIM swapping attack. | Account Hijacking | V Fintech | CC | N/A | | SIM Swapping, Crypto |
| 52 | 01/01/1970 | ? | Single Individuals | Security research collective MalwareHunterTeam discovers a 3-page Coronavirus-themed Microsoft Office document containing malicious macros, pretending to be from the Center for Public Health of the Ministry of Health of Ukraine, and designed to drop a backdoor malware with clipboard stealing, keylogging, and screenshot capabilities. | Malware | X Individual | CC | UA | | MalwareHunterTeam, Coronavirus, COVID-19, Center for Public Health of the Ministry of Health of Ukraine |
| 53 | 01/01/1970 | ? | Mexico’s economy ministry | Mexico’s economy ministry detects a cyber attack on some of its servers. | Unknown | O Public administration and defence, compulsory social security | CC | MX | | Mexico’s economy ministry |
| 54 | 01/01/1970 | ? | Prince Edward Island | Prince Edward Island reveals it was hit with a Maze ransomware attack. | Malware | O Public administration and defence, compulsory social security | CC | CA | | Prince Edward Island, ransomware, Maze |
| 55 | 01/01/1970 | ? | Total Quality Logistics (TQL) | Total Quality Logistics confirms it was the victim of a data breach. | Unknown | N Administrative and support service activities | CC | US | | Total Quality Logistics, TQL |
| 56 | 01/01/1970 | ? | German PayPal users | According to multiple reports, a critical PayPal vulnerability is behind thefts over recent days from numerous German PayPal users (fraudulent transactions with U.S. stores). | PayPal vulnerability | K Financial and insurance activities | CC | DE | | PayPal |
| 57 | 01/01/1970 | Magecart 12 | 40 websites | Security researcher Max Kersten publishes a list of 40 websites targeted by the Magecart 12 group. | Malicious Script Injection | G Wholesale and retail trade | CC | >1 | | Max Kersten, Magecart 12 |
| 58 | 01/01/1970 | ? | Ordnance Survey | A hacker stole the personal data of 1,000 employees of the Ordnance Survey, the government-owned mapping agency for Britain. The breach occurred in January this year. | Unknown | O Public administration and defence, compulsory social security | CC | UK | | Ordnance Survey |
| 59 | 01/01/1970 | ? | Multiple targets | Researchers from MalwareHunterTeam discover Mozart, a malware using DNS to communicate with its command and control and evade detection. | Malware | Y Multiple Industries | CC | >1 | | MalwareHunterTeam, Mozart, DNS |
| 60 | 01/01/1970 | ? | Portuguese banking users | A new campaign carried out via the Lampion malware, disguised as a DPD email, is discovered targeting Portuguese users. | Malware | K Financial and insurance activities | CC | PT | | Lampion, DPD |
| 61 | 01/01/1970 | ? | Pacific Specialty Insurance | Pacific Specialty Insurance notifies plan members of a phishing attack that occurred in March 2019. | Account Hijacking | K Financial and insurance activities | CC | US | | Pacific Specialty Insurance |
| 62 | 01/01/1970 | ? | Grayson County | Grayson County is hit with a ransomware attack. | Malware | O Public administration and defence, compulsory social security | CC | US | | Grayson County |
| 63 | 01/01/1970 | ? | Transavia | The data of 80,000 Transavia passengers are compromised after a phishing attack. | Account Hijacking | H Transportation and storage | CC | NL | | Transavia |
| 64 | 01/01/1970 | ? | Transmit Security | Transmit Security is breached after a security researcher contacts some of its customers and reports unauthorized access to the data. | Unknown | M Professional scientific and technical activities | CC | IL | | Transmit Security |
| 65 | 01/01/1970 | ? | Multiple targets | Google releases a Chrome update to address three security bugs, including CVE-2020-6418, a zero-day vulnerability actively exploited in the wild. | Google Chrome Vulnerability (CVE-2020-6418) | Y Multiple Industries | CC | >1 | | Google, Chrome, CVE-2020-6418 |
| 66 | 01/01/1970 | ? | La Salle County | La Salle County is hit with a PwndLocker ransomware attack. | Malware | O Public administration and defence, compulsory social security | CC | US | | La Salle County, ransomware, PwndLocker |
| 67 | 01/01/1970 | ? | Single Individuals | Researchers from Cybaze/Yoroi ZLab discover a new campaign exploiting the Coronavirus theme to distribute the Remcos RAT. | Malware | X Individual | CC | >1 | | Cybaze/Yoroi ZLab, Remcos, Coronavirus, COVID-19 |
| 68 | 01/01/1970 | ? | Reprint Mint | Researchers from Sanguine Security reveal that attackers successfully implanted multiple skimmers for 30 months on the Reprint Mint photo store. | Malicious Script Injection | G Wholesale and retail trade | CC | US | | Sanguine Security, Reprint Mint |
| 69 | 01/01/1970 | tonyredball, solarsalvador1234 | Vulnerable Wordpress sites | Other cybercriminals are taking advantage of the security flaws reported recently in popular WordPress plugins (ThemeGrill Demo Importer, Profile Builder, and Duplicator). | | | | | | |
| | | | | NRC Health discloses that it was hit by a ransomware attack that took place on February 11. | Malware | M Professional scientific and technical activities | CC | US | | NRC Health, ransomware |
| 71 | 01/01/1970 | ? | Undisclosed target | Researchers from Sophos reveal the details of Cloud Snooper, a sophisticated malware hiding in the cloud, probably backed by an advanced state-sponsored actor. | Unknown | Z Unknown | CE | N/A | | Cloud Snooper, Sophos |
| 72 | 01/01/1970 | | Overlake Medical Center & Clinics | Overlake Medical Center & Clinics reveals it was hit by a phishing attack from Dec. 6 to 9, 2019. | Account Hijacking | Q Human health and social work activities | CC | US | | Overlake Medical Center & Clinics |
| 73 | 01/01/1970 | ? | Advocate Aurora Health | The personal information of some current and former Advocate Aurora Health employees, including their Social Security numbers and bank accounts, might have been compromised in an email phishing campaign. | Account Hijacking | Q Human health and social work activities | CC | US | | Advocate Aurora Health |
| 74 | 01/01/1970 | ? | Gadsden Independent School District (GISD) | Gadsden Independent School District (GISD) shuts down its internet and communication systems after a RYUK ransomware attack. | Malware | P Education | CC | US | | Gadsden Independent School District, GISD, ransomware |
| 75 | 01/01/1970 | ? | Hutt Valley High School | Hutt Valley High School reveals that it was hit with a cyber attack. | Unknown | P Education | CC | NZ | | Hutt Valley High School |
| 76 | 01/01/1970 | ? | Clearview AI | Clearview AI discloses to its customers that an intruder “gained unauthorized access” to its list of customers, to the number of user accounts those customers had set up, and to the number of searches its customers have conducted. | Misconfiguration | M Professional scientific and technical activities | CC | US | | Clearview AI |
| 77 | 01/01/1970 | ? | Bretagne Télécom | Cloud services provider Bretagne Télécom is hacked by the threat actors behind the DoppelPaymer Ransomware using CVE-2019-19781. | Malware | M Professional scientific and technical activities | | | | |
| | | | | Rady’s Children’s Hospital notifies patients whose data were accessed via an "open port" in June 2019 and January 2020. | Unknown | Q Human health and social work activities | CC | US | | Rady’s Children’s Hospital |
| 83 | 01/01/1970 | ? | Barbara Corcoran | Barbara Corcoran, a renowned real-estate broker and business expert, admits she lost $380,000 via a BEC scam. | Business Email Compromise | L Real estate activities | CC | US | | Barbara Corcoran |
| 84 | 01/01/1970 | ? | Kenneth Cole Productions | The operators behind the Sodinokibi Ransomware (AKA Revil) publish the download links to files containing what they claim are financial and work documents, as well as customers' personal data stolen from Kenneth Cole Productions. | | | | | | |
| | | | | Researchers from Malwarebytes and X-Force discover an ongoing malspam campaign using emails disguised as messages from secret lovers to deliver Nemty Ransomware payloads on the computers of potential victims. | Malware | X Individual | CC | >1 | | Malwarebytes, IBM X-Force, Nemty, Ransomware |
| 86 | 01/01/1970 | ? | Multiple targets | Researchers from Palo Alto discover a new phishing campaign installing the NetSupport Manager RAT via a fake Norton LifeLock document. | Malicious Spam | Y Multiple Industries | CC | >1 | | Palo Alto, NetSupport Manager RAT, Norton LifeLock |
| 87 | 01/01/1970 | ? | BGR.in, tradinggame.au.com, S3 Production | Hackers share three SQL databases from S3 buckets, one dump belonging to the BGR tech news site in India. | Misconfigured AWS S3 Bucket | Y Multiple Industries | CC | >1 | | BGR.in, tradinggame.au.com, S3 Production |
| 88 | 01/01/1970 | ? | Democratic National Committee | The Democratic National Committee warns its presidential candidates to be cautious after Bernie Sanders’ campaign reported that an “impersonator” with a domain registered overseas had posed as one of its staffers and sought conversations with members of at least two other campaigns. | Account Hijacking | S Other service activities | CE | US | | Democratic National Committee, Bernie Sanders |
| 89 | 01/01/1970 | ? | Jordan Health | Jordan Health is hit with a ransomware attack. | Malware | P Education | CC | US | | Jordan Health |
| 90 | 01/01/1970 | ? | 130,000 Asus routers | An unknown criminal manages to breach as many as 130,000 Asus routers, and sells the access to them for a few dollars. | Router vulnerability | Y Multiple Industries | CC | >1 | | Asus |
| 91 | 01/01/1970 | ? | Multiple targets | Researchers from Morphisec discover a widespread campaign using the remote desktop ActiveX control in Word documents to automatically execute on Windows 10 a malware downloader called Ostap, adopted by TrickBot for delivery. | Malware | Y Multiple Industries | CC | >1 | | Morphisec, ActiveX, Word, Windows 10, TrickBot |
| 92 | 01/01/1970 | ? | Vulnerable Wordpress sites | Researchers from Defiant discover that attackers took over tens of thousands of WordPress sites by exploiting multiple zero-days in the following plugins: Flexible Checkout Fields for WooCommerce, Async JavaScript, 10Web Map Builder for Google Maps, Modern Events Calendar Lite. | Wordpress plugins vulnerabilities | Y Multiple Industries | CC | >1 | | Wordpress, Flexible Checkout Fields for WooCommerce, Async JavaScript, 10Web Map Builder for Google Maps, Modern Events Calendar Lite, Defiant |
| 93 | 01/01/1970 | ? | Munson Healthcare Group | Munson Healthcare Group discloses that hackers gained access to patient data by compromising the email accounts of at least two employees. Patient records were accessed from July 31, 2019, to October 22, 2019, but the breach went undetected until January 16, 2020. | Account Hijacking | Q Human health and social work activities | CC | US | | Munson Healthcare Group |
| 94 | 01/01/1970 | ? | Epiq Global | Legal services giant Epiq Global is hit by a ransomware attack. | Malware | M Professional scientific and technical activities | CC | US | | Epiq Global, ransomware |
| 95 | 01/01/1970 | ? | RailWorks Corporation | RailWorks Corporation, one of the leading providers of rail infrastructure solutions in North America, discloses a ransomware attack. | Malware | C Manufacturing | CC | US | | RailWorks Corporation, ransomware |
| 96 | 01/01/1970 | ? | Vulnerable Apache Tomcat servers | Security researchers detect ongoing scans for Apache Tomcat servers unpatched against the Ghostcat (CVE-2020-1938) vulnerability. | Ghostcat (CVE-2020-1938) vulnerability | Y Multiple Industries | CC | >1 | | Apache Tomcat, Ghostcat, CVE-2020-1938 |
| 97 | 01/01/1970 | ? | Loqbox | Fintech startup Loqbox reveals it suffered an "attack" which potentially revealed its customers' names, postal addresses, dates of birth, email addresses and phone numbers. | | | | | | |

The dates are all 01/01/1970 across several months I’m afraid.
Hi there, I can’t seem to access the data on this page and a few others in the early stages of 2020, any ideas why?