Here we go with the first timeline of September, containing the main cyber attacks occurred in the first half of the month (plus a few of additional ones occurred outside this interval). The number of events continues to be quite high, and the amount of ransomware attacks has reached a new record: 46 events out of 104, corresponding to 44.2%. Two factors have probably contributed to this number: the start of the new school year with a fresh wave of cyber attacks against educational institutions, but also a growing number of organizations revealing to have their data leaked in the wake of the Blackbaud breach.
Another important element characterizing this timeline is the discovery of two massive operations carried out by the Magecart umbrella targeting a total of nearly 4,000 sites. The business of credit card skimmers is always flourishing if we also consider that another similar campaign was unveiled: a JavaScript skimmer dubbed Baka.
The last mention, among cybercrime-driven events, is for the theft of $7.5 million from the Jewish Federation of Greater Washington, stolen and funneled into international accounts.
The Cyber Espionage front is equally quite active. The most noteworthy events are probably the attack against the Norwegian parliament (allegedly carried out by Russian actors), and the discovery of new campaigns carried out by APT28 (Russia), APT31 (China), and Rocket Kitten (Iran), targeting organizations and individuals involved in this year’s U.S. presidential election.
No more time for the summary. All the details are in the timeline. Once again, thanks for sharing it and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.
ID
Date
Author
Target
Description
Attack
Target Class
Attack Class
Country
Link
Tags
1
01/01/1970
?
Somerset Berkley Regional High School
Somerset Berkley Regional High School is hit with a ransomware attack
Malware
P Education
CC
US
Somerset Berkley Regional High School, ransomware
2
01/01/1970
DoppelPaymer
Newcastle University
The Newcastle University is hit with a DoppelPaymer ransomware attack.
Malware
P Education
CC
UK
Newcastle University, DoppelPaymer, ransomware
3
01/01/1970
?
Multiple targets
Visa issues a warning regarding a new JavaScript e-commerce skimmer known as Baka that will remove itself from memory after exfiltrating stolen data.
Malicious Script Injection
G Wholesale and retail trade
CC
>1
Visa, JavaScript, Baka
4
01/01/1970
?
Northumbria University
Northumbria University is also hit with a ransomware attack.
Malware
P Education
CC
UK
Northumbria University, ransomware
5
09/01/2020
Russia?
Norwegian Parliament (Stortinget)
Attackers compromise a limited number of email accounts of Norwegian Parliament (Stortinget) representatives and employees. Fingers are pointed to Russia
Targeted Attack
O Public administration and defence, compulsory social security
CE
NO
Norwegian Parliament, Stortinget, Russia
6
09/01/2020
RansomExx AKA Defray
SoftServe
Ukrainian software developer and IT services provider SoftServe suffers a RansomExx ransomware attack
Malware
M Professional scientific and technical activities
CC
UA
SoftServe, RansomExx, Defray
7
09/01/2020
ProLock
Multiple targets
The FBI issues a second warning to alert US companies of ProLock ransomware operators stealing data from compromised networks before encrypting their victims' systems.
Malware
Y Multiple Industries
CC
US
FBI, ProLock, ransomware
8
09/01/2020
?
Warner Music Group (WMG)
Warner Music Group (WMG) discloses a data breach affecting customers' personal and financial information after several of its US-based e-commerce stores were hacked in April 2020 in what looks like a Magecart attack.
Malicious Script Injection
R Arts entertainment and recreation
CC
US
Warner Music Group, WMG, Magecart
9
09/01/2020
?
Vulnerable Wordpress sites
Researchers from Wordfence reveal that hackers are actively exploiting a critical RCE vulnerability that allows to upload scripts and execute arbitrary code on WordPress sites running vulnerable File Manager plugin versions.
Wordpress plugin vulnerability
Y Multiple Industries
CC
>1
Wordfence, File Manager
10
09/01/2020
?
Multiple targets
Researchers from Malwarebytes analyze a new credit card skimmer exfiltrating data via Telegram.
Malicious Script Injection
G Wholesale and retail trade
CC
>1
Malwarebytes, Telegram, Magecart
11
09/01/2020
Epic Manchego
Companies all over the world
Researchers from NVISO Labs reveal the details of Epic Manchego, a malware gang, active since June, targeting companies all over the world with phishing emails that carry a malicious Excel document.
Malware
Y Multiple Industries
CC
>1
NVISO Labs, Epic Manchego, Excel
12
09/01/2020
Russia?
Facebook and Twitter users
Facebook and Twitter remove social media accounts for a news organization going by the name of PeaceData, which they linked to Russia's state propaganda efforts.
Fake Social Network Accounts/Pages
X Individual
CW
>1
Facebook, Twitter, PeaceData, Russia
13
09/01/2020
?
Catholic Health
Catholic Health joins the list of the entities hit with the Blackbaud breach.
Malware
Q Human health and social work activities
CC
US
Catholic Health, Blackbaud, ransomware
14
09/01/2020
?
Roswell Park Alliance Foundation
Even the Roswell Park Alliance Foundation is hit by the Blackbaud breach.
Malware
Q Human health and social work activities
CC
US
Roswell Park Alliance Foundation, Blackbaud, ransomware
15
09/01/2020
?
Several million American voters
A database containing several million American voters’ personal information appears on the Russian dark web.
Unknown
Z Unknown
CC
US
American voters
16
09/01/2020
?
Bykea
Unidentified hackers successfully infiltrate and delete the entire database of Bykea, a Pakistan-based vehicle for hire and delivery company.
Unknown
H Transportation and storage
CC
PK
Bykea
17
09/01/2020
?
Georgian Ministry of Health
Hackers break into the Georgian Ministry of Health to steal data on the Russian nerve agent Novichok
Targeted Attack
O Public administration and defence, compulsory social security
CE
GE
Georgian Ministry of Health
18
09/01/2020
?
Canadian Ministry of Justice
The Canadian Ministry of Justice is hit with an Emotet attack.
Malware
O Public administration and defence, compulsory social security
CC
CA
Canadian Ministry of Justice, Emotet
19
09/01/2020
?
Mansfield City Schools
The Mansfield City Schools District is hit with a cyber attack.
Unknown
P Education
CC
US
Mansfield City Schools
20
09/01/2020
?
St. Louis County
The St. Louis County website goes down without notice after a cyber attack.
Unknown
O Public administration and defence, compulsory social security
CC
US
St. Louis County
21
09/02/2020
?
Cryptocurrency users in the Czech Republic and Slovakia
Researchers from ESET discover KryptoCibule, a new malware family focused on getting as much cryptocurrency as possible from its victims.
Malware
V Fintech
CC
>1
ESET, KryptoCibule, Crypto
22
09/02/2020
?
Multiple targets
Researchers from Tencent discover MrbMiner, a malware targeting vulnerable exposed Microsoft MSSQL servers.
Malware
Y Multiple Industries
CC
>1
Tencent, MrbMiner, Microsoft MSSQL
23
09/02/2020
?
K7Maths
A leak from K7Maths, an online service providing school e-learning solutions, causes the compromise of the personal details of more than one million students, teachers, and staff.
Misconfiguration
P Education
CC
AU
K7Maths
24
09/02/2020
?
Hartford School District
The Hartford School District in Connecticut postpones the first day of school after a ransomware attack.
Malware
P Education
CC
US
Hartford School District, ransomware
25
09/02/2020
Belarusians government?
Belarusians attending anti-government protests
Google removes from the Play Sore NEXTA LIVE, an Android used to collect personal information from Belarusians attending anti-government protests.
Malware
X Individual
CE
BY
Google, Play Sore NEXTA LIVE, Android
26
09/02/2020
?
Meteorological Service of New Zealand (Metservice)
The Meteorological Service of New Zealand (Metservice) is hit with a DDoS attack.
DDoS
O Public administration and defence, compulsory social security
CC
NZ
Meteorological Service of New Zealand, Metservice
27
09/02/2020
TA413
European diplomatic entities and the Tibetan community
Researchers from Proofpoint reveal the details of a new campaign targeting European diplomatic entities and the Tibetan community with the Sepulcher malware.
Targeted Attack
Y Multiple Industries
CE
>1
TA413, Sepulcher, Proofpoint
28
09/02/2020
?
Jewish Federation of Greater Washington
The Jewish Federation of Greater Washington reports a hack that stole $7.5 million from its endowment fund and funneled the money into international accounts.
Account Hijacking
S Other service activities
CC
US
Jewish Federation of Greater Washington
29
09/02/2020
?
Multiple targets
Researchers from RiskIQ reveal the details of Inter, a Magecart Skimming Tool affecting more than 1,500 Sites.
Malicious Script Injection
G Wholesale and retail trade
CC
>1
RiskIQ, Inter, Magecart
30
09/02/2020
?
Multiple targets
Researchers from Sophos discover a new phishing campaign using Sharepoint and OneNote to avoid detection.
Account Hijacking
Y Multiple Industries
CC
>1
Sophos, Sharepoint, OneNote
31
09/03/2020
John Wick
Twitter account of Indian Prime Minister Narendra Modi
The Twitter account of Indian Prime Minister Narendra Modi is hacked.
Account Hijacking
X Individual
CC
IN
Twitter, Narendra Modi, John Wick
32
09/03/2020
Evilnum
Financial tech organizations
Researchers from Cybereason unveil the latest campaign by Evilnum, using a Python RAT dubbed PyVil RAT.
Targeted Attack
K Financial and insurance activities
CC
>1
Cybereason, Evilnum, Python, PyVil RAT
33
09/03/2020
John Wick
India's CNN-News18
A hacking group claims to have breached India's CNN-News18 news site to use it to refute claims that they hacked PayTM Mall
Unknown
J Information and communication
CC
IN
John Wick, CNN-News18
34
09/03/2020
?
Maynooth University
Maynooth University is hit with a ransomware attack.
Malware
P Education
CC
IE
Maynooth University, ransomware
35
09/03/2020
?
Multiple targets
Researchers from Cofense discover a new phishing campaign, using the company's home page to disguise the attack and trick potential victims into providing login credentials.
Account Hijacking
Y Multiple Industries
CC
>1
Cofense
36
09/03/2020
Salfram
Multiple targets
Researchers from Cisco Talos discover multiple "Salfram" campaigns use, distributing multiple payloads, including ZLoader, SmokeLoader, and AveMaria.
The Sverdlovsk Regional Clinical Center suffers a ransomware attack.
Malware
Q Human health and social work activities
CC
RU
Sverdlovsk Regional Clinical Center, ransomware
38
09/03/2020
?
Roper St. Francis Healthcare
Roper St. Francis Healthcare notifies 6,000 patients of a phishing incident.
Account Hijacking
Q Human health and social work activities
CC
US
Roper St. Francis Healthcare
39
09/03/2020
?
Oregon State University
Oregon State University announces that personal information of some students and faculty may have been exposed during a recent IT security incident.
Unknown
P Education
CC
US
Oregon State University
40
09/04/2020
?
Lloyds Bank customers
Lloyds Bank customers are targeted by a sophisticated email and SMS messaging phishing campaign.
Account Hijacking
K Financial and insurance activities
CC
UK
Lloyds Bank
41
09/04/2020
?
Essex Region Conservation Authority (ERCA)
The Essex Region Conservation Authority (ERCA) loses $300,00 to a phishing scam
Account Hijacking
O Public administration and defence, compulsory social security
CC
CA
Essex Region Conservation Authority, ERCA
42
09/04/2020
?
University Tor Vergata
The University Tor Vergata in Rome is hit with a ransomware attack.
Malware
P Education
CC
IT
The University Tor Vergata, ransomware
43
09/04/2020
?
Cygilant
Cygilant, a threat detection cybersecurity company, confirms a ransomware attack.
Malware
M Professional scientific and technical activities
CC
US
Cygilant, ransomware
44
09/04/2020
?
University of Missouri
Even the personal information from donors to the University of Missouri's four campuses was stolen during the Blackbaud data breach.
Malware
P Education
CC
US
University of Missouri, Blackbaud
45
09/06/2020
Netwalker
Equinix
Data center and colocation giant Equinix is hit with a Netwalker ransomware attack. Threat actors demand $4.5 million for a decryptor and to prevent the release of stolen data.
Malware
M Professional scientific and technical activities
CC
US
Equinix, Netwalker, ransomware
46
09/06/2020
?
Tower Semiconductors
Tower Semiconductors is hit with a ransomware attack.
Malware
C Manufacturing
CC
IL
Tower Semiconductors, ransomware
47
09/07/2020
Sodinokibi (AKA REvil)
Banco Estado
Banco Estado, one of Chile's three biggest banks, is forced to shut down all branches following a ransomware attack that took place over the weekend.
Malware
K Financial and insurance activities
CC
CL
Banco Estado, ransomware, Sodinokibi, Revil
48
09/07/2020
Netwalker
K-Electric
K-Electric, the sole electricity provider for Karachi, Pakistan, suffers a Netwalker ransomware attack that leads to the disruption of billing and online services.
Malware
D Electricity gas steam and air conditioning supply
CC
PK
K-Electric, Netwalker, ransomware
49
09/07/2020
?
Private sector and public administration entities
The French national cyber-security agency publishes an alert warning of a surge in Emotet attacks targeting the private sector and public administration entities throughout the country.
Malware
Y Multiple Industries
CC
FR
Emotet
50
09/07/2020
?
Entities in Japan
Even the cyber-security agency from Japan publishes an alert warning about an uptick in Emotet attacks.
Malware
Y Multiple Industries
CC
JP
Emotet
51
09/07/2020
?
Entities in New Zealand
And finally, even the cyber-security agency from New Zealand publishes an alert warning about an uptick in Emotet attacks.
Malware
Y Multiple Industries
CC
NZ
Emotet
52
09/08/2020
TeamTNT
Undisclosed Target
Researchers from Intezer discover a new operation by TeamTNT, abusing Weave Scope, a trusted tool which gives the user full access to their cloud environment.
Cloud misconfiguration
Z Unknown
CC
N/A
Intezer. TeamTNT, Weave Scope
53
09/08/2020
?
NorthShore Health System
NorthShore Health System says the personal information of 348,000 people was compromised in the Blackbaud breach.
Malware
Q Human health and social work activities
CC
US
NorthShore Health System, Blackbaud, ransomware
54
09/08/2020
?
Single Individuals
Researchers from Zscaler discover a new Android spyware campaign pushing a fake “Pro” version of the TikTok app.
Malware
X Individual
CC
US
Zscaler, Android, TikTok
55
09/08/2020
?
College of Nurses of Ontario (CNO)
The College of Nurses of Ontario suffers a ransomware attack.
Malware
Q Human health and social work activities
CC
CA
College of Nurses of Ontario, ransomware, CNO
56
09/08/2020
Maze
Toledo Public Schools
The Toledo Public Schools district is hit with a Maze ransomware attack.
Malware
P Education
CC
US
The Toledo Public Schools, Maze, ransomware
57
09/08/2020
?
Somerset Hills School District
The Somerset Hills School District is hit with a ransomware attack.
Malware
P Education
CC
US
The Somerset Hills School District, ransomware
58
09/08/2020
?
Roper St. Francis Healthcare
Roper St. Francis Healthcare notifies 93,000 involved in the Blackbaud ransomware incident.
Malware
Q Human health and social work activities
CC
US
Roper St. Francis Healthcare, Blackbaud, ransomware
59
09/08/2020
?
Pickens County School District
The Pickens County School District is hit with a DDoS attack.
DDoS
P Education
CC
US
Pickens County School District
60
09/09/2020
?
Development Bank of Seychelles (DBS)
The Development Bank of Seychelles (DBS) is hit by ransomware
Malware
K Financial and insurance activities
CC
SC
Development Bank of Seychelles, ransomware
61
09/09/2020
?
ETERBASE
ETERBASE, a Bratislava-based cryptocurrency exchange, discloses a security breach. The exchange says hackers breached its internal network and stole cryptocurrency funds worth $5.4 million.
Unknown
V Fintech
CC
SK
ETERBASE, Crypto
62
09/09/2020
?
Multiple targets
Researchers from Cofense and KnowBe4 discover a creative phishing campaign using an email template pretending to be a reminder to complete the security awareness training from KnowBe4 itself.
Account Hijacking
Y Multiple Industries
CC
>1
Cofense, KnowBe4
63
09/09/2020
Malsmoke
adult-themed websites users
Researchers from Malwarebytes reveal the details of Malsmoke, a cybercrime group busy over the past months, to place malicious ads on adult-themed websites in order to redirect users to exploit kits and infect them with malware.
Malvertising
X Individual
CC
>1
Malwarebytes, Malsmoke
64
09/09/2020
?
Guthrie Clinic
Guthrie Clinic is also hit by the Blackbaud data breach and 92,064 patients are affected.
Malware
Q Human health and social work activities
CC
US
Guthrie Clinic, Blackbaud, ransomware
65
09/09/2020
?
China’s UK Ambassador Twitter account.
The China’s UK Ambassador, Liu Xiaoming, Twitter account is apparently hacked.
Account Hijacking
X Individual
CC
CN
China, UK Ambassador, Liu Xiaoming, Twitter
66
09/09/2020
?
Inova Health Systems
Inova Health Systems notifies customers that it was hit by the ransomware attack through Blackbaud.
Malware
Q Human health and social work activities
CC
US
Inova Health Systems, Blackbaud, ransomware
67
09/09/2020
Zeppelin
Multiple targets
Researchers from Juniper discover a fresh wave of attacks carried out via the Zeppelin ransomware.
Malware
Y Multiple Industries
CC
>1
Zeppelin, ransomware
68
09/09/2020
?
Twitter users
Researchers from First Look Media reveal the details of a Twitter phishing campaign using the same text from the recent Twitter hacking incident.
Account Hijacking
X Individual
CC
>1
First Look Media reveal the details, Twitter
69
09/09/2020
?
Trinity Area School District
Trinity Area School District has a virtual classroom hijacked by an unknown hacker.
Account Hijacking
P Education
CC
US
Trinity Area School District
70
09/09/2020
?
Saraburi Hospital
The Saraburi Hospital is hit with a ransomware attack.
Organizations and individuals involved in this year's U.S. presidential election
Microsoft reveals that Nation state-sponsored hacking groups operating from Russia, China, and Iran are targeting organizations and individuals involved in this year's U.S. presidential election according to Microsoft.
The University Hospital Düsseldorf (UKD) suffers a ransomware attack, leading to the death of a person in a life-threatening condition. The attack occurred successfully exploiting the Citrix ADC CVE-2019-19781 vulnerability.
Malware
Q Human health and social work activities
CC
DE
University Hospital Düsseldorf, UKD, ransomware, Citrix ADC, CVE-2019-19781
73
09/10/2020
?
SegurCaixa Adeslas
SegurCaixa Adeslas is hit with a ransomware attack.
Malware
K Financial and insurance activities
CC
ES
SegurCaixa Adeslas, ransomware
74
09/10/2020
?
Senior executive at a top American company
Researchers from Armorblox discover a targeted phishing campaign performing real-time check of stolen domain logins.
Account Hijacking
Z Unknown
CC
US
Armorblox, Active Directory
75
09/10/2020
?
Multiple targets
Researchers from ESET discover a new threat dubbed CDRThief targeting a specific Voice over IP system (VOS2009/3000) to steal call data records (CDR) from telephone exchange equipment.
Malware
Y Multiple Industries
CC
>1
ESET, CDRThief, VOS2009/3000
76
09/10/2020
?
California Employment Development Department
The California Employment Development Department reveals that cyber criminals have been collecting credentials from breaches worldwide to fraudulently collect California unemployment benefits.
Account Hijacking
O Public administration and defence, compulsory social security
CC
US
California Employment Development Department
77
09/10/2020
?
Fort Dodge Community School District
Fort Dodge Community School District is hit with a ransomware attack.
Malware
P Education
CC
US
Fort Dodge Community School District, ransomware
78
09/11/2020
?
Nuvance Health
Nuvance Health is also hit by the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
Nuvance Health, Blackbaud
79
09/11/2020
Maze
Fairfax County Public Schools (FCPS)
Fairfax County Public Schools (FCPS) is hit by a Maze ransomware attack.
Malware
P Education
CC
US
Fairfax County Public Schools, FCPS
80
09/11/2020
Sodinokibi (AKA REvil)
Artech Information Systems
Artech Information Systems, one of the largest US IT staffing companies, discloses a ransomware attack that affected some of its systems during early January 2020.
Malware
M Professional scientific and technical activities
CC
US
Artech Information Systems, ransomware, Sodinokibi, Revil
81
09/11/2020
Conti
Millstone Township School District
The Conti ransomware gang leaks the data of the Millstone Township School District.
Malware
P Education
CC
US
Conti, ransomware, Millstone Township School District
82
09/11/2020
Maze
CU Collections
CU Collections reveals to have been hit with a cyber attack on February 2020.
Unknown
K Financial and insurance activities
CC
US
CU Collections, Maze, ransomware
83
09/11/2020
?
Chesterfield County Public Schools
Chesterfield County Public Schools' virtual classrooms are hijacked by unknown individuals.
Account Hijacking
P Education
CC
US
Chesterfield County Public Schools
84
09/11/2020
?
Enloe Medical Center
Enloe Medical Center notifies donors and patients of the ransomware incident that Blackbaud disclosed in July.
Malware
Q Human health and social work activities
CC
US
Enloe Medical Center, ransomware, Blackbaud
85
09/12/2020
SunCrypt
University Hospital New Jersey (UHNJ)
University Hospital New Jersey (UHNJ suffers a massive 48,000 document data breach after a the SunCrypt ransomware operators attack them and leak the stolen data.
Malware
Q Human health and social work activities
CC
US
University Hospital New Jersey, UHNJ, SunCrypt, ransomware
86
09/12/2020
?
1,904 Magento stores
Researchers from Sanguine Security (Sansec) detected 1,904 Magento stores that were compromised over the last four days.
Malicious Script Injection
G Wholesale and retail trade
CC
>1
Sanguine Security, Sansec, Magento
87
09/12/2020
?
Veiligheidsregio Noord- en Oost-Gelderland (VNOG)
the Veiligheidsregio Noord- en Oost-Gelderland region is hit with a ransomware attack.
Malware
P Education
CC
NL
Veiligheidsregio Noord- en Oost-Gelderland, VNOG, ransomware
88
01/01/1970
?
Guilford Technical Community College
Guilford Technical Community College is hit with ransomware.
Malware
P Education
CC
US
Guilford Technical Community College, ransomware
89
01/01/1970
?
Staples
Staples informs some of its customers that data related to their orders has been accessed without authorization.
CVE-2019-11510 Vulnerability?
G Wholesale and retail trade
CC
US
Staples, CVE-2019-11510
90
01/01/1970
RansomExx AKA Defray
IPG Photonics
IPG Photonics, a leading U.S. developer of fiber lasers for cutting, welding, medical use, and laser weaponry suffers a RansomExx ransomware attack.
Malware
C Manufacturing
CC
US
IPG Photonics, RansomExx, ransomware
91
01/01/1970
China-sponsored hackers
Government agencies in the US
The US government CISA issues an advisory on China-sponsored hackers attacking government agencies through vulnerabilities in Microsoft Exchange, Citrix, Pulse, and F5 devices and servers.
O Public administration and defence, compulsory social security
CE
US
CISA, Microsoft Exchange, Citrix, Pulse, F5,CVE-2020-5902, CVE-2019-19781,
CVE-2019-11510,
CVE-2020-0688
92
01/01/1970
?
U.S. Department of Veterans Affairs (VA
The U.S. Department of Veterans Affairs (VA) suffers a data breach leading to the exposure of personal information for over 46,000 veterans, after attackers breached their systems to steal payments earmarked for health care providers who provided treatment to veterans.
Account Hijacking
O Public administration and defence, compulsory social security
CC
US
U.S. Department of Veterans Affairs (VA
93
01/01/1970
?
US financial sector
The FBI sends a private security alert to the US financial sector, warning organizations about the increasing number of credential stuffing attacks.
Credential Stuffing
K Financial and insurance activities
CC
US
FBI
94
01/01/1970
Threat actors affiliated with the Chinese Ministry of State Security
U.S. government agencies
The CISA reveal that threat actors affiliated with the Chinese Ministry of State Security (MSS) continue to target U.S. government agencies.
Targeted Attack
O Public administration and defence, compulsory social security
CE
US
CISA, China
95
01/01/1970
?
Tutanota
Encrypted email service Tutanota continues to be hit by DDoS attacks.
DDoS
M Professional scientific and technical activities
CC
DE
Tutanota
96
01/01/1970
Conti
Fourth District Court of Louisiana
The Fourth District Court of Louisiana is hit with a Conti ransomware attack.
Malware
O Public administration and defence, compulsory social security
CC
US
Fourth District Court of Louisiana, Conti, ransomware
97
01/01/1970
LockBit
Yaskawa Electric Corporation
Operators of the LockBit ransomware gang leak the data of Yaskawa Electric Corporation
Malware
C Manufacturing
CC
JP
LockBit, ransomware, Yaskawa Electric Corporation
98
01/01/1970
LockBit
Overseas Express Shipping Company
Operators of the LockBit ransomware gang leak the data of Overseas Express Shipping Company
Malware
H Transportation and storage
CC
KR
LockBit, ransomware, Overseas Express Shipping Company
99
01/01/1970
?
Floral Park-Bellerose school district
Floral Park-Bellerose school district is hit with a ransomware attack.
Malware
P Education
CC
US
Floral Park-Bellerose school district, ransomware
100
01/01/1970
Iranian hackers from an unnamed APT
IT, government, healthcare, financial, and insurance organizations in the United States
According to a CISA’s report, Iranian hackers from an unnamed APT group are employing several known web shells, in attacks on IT, government, healthcare, financial, and insurance organizations across the United States.
Targeted Attack
Y Multiple Industries
CC
>1
CISA, Iran
101
01/01/1970
?
Newhall School District
The Newhall School District is hit with a ransomware attack
Malware
P Education
CC
US
Newhall School District, ransomware
102
01/01/1970
RedDelta
Catholic Institutions
Researchers from Recorded Future reveal that the China-linked threat group RedDelta has continued to launch cyberattacks against Catholic institutions since May 2020.
Targeted Attack
U Activities of extraterritorial organizations and bodies
CE
VA
Recorded Future, China, Vatican
103
01/01/1970
?
Skidmore-Tynan Independent School District
The Skidmore-Tynan Independent School District is hit with a ransomware attack,
Malware
P Education
CC
US
Skidmore-Tynan Independent School District, ransomware
104
01/01/1970
?
Jekyll Island Authority
Jekyll Island Authority is hit with a ransomware attack.
Malware
O Public administration and defence, compulsory social security
Thanks for producing these graphs, some very interesting data. I’m looking to use this data within my university studies and was hoping to get a csv containing all the data from 2011 – Present. This would be a great help.
Hi Paolo,
Thanks for producing these graphs, some very interesting data. I’m looking to use this data within my university studies and was hoping to get a csv containing all the data from 2011 – Present. This would be a great help.
Thanks in advance.
Sure thing! I am giving you access to the raw data! Good Luck!
Pingback: Veille Cyber N307 – 02 novembre 2020 |