It’s time to publish the second timeline of September (part I here). This timeline confirms the trend of the latest months with 101 events (including 4 occurred outside the considered interval). Needless to say, ransomware continued to dominate the landscape with 30% of the events, and one third of those were indirect aftermaths of the Blackbaud ransomware attack.
Other interesting events related to cyber crime included the hack to KuCoin, a Singapore-based cryptocurrency exchange ($150 million worth stolen), and a global Business Email Compromise campaign, netting the cyber criminals around $15 million.
The cyber espionage front was also quite rich in this timeline with multiple campaigns carried out by well-know threat actors such as APT-28, APT-C-23, Kimsuky, Rampant Kitten, Transparent Tribe, Winnti, BlackTech. The chronicles also reported two noticeable cyber attack against a COVID-19 research facility in Spain, and the British Foreign Ministry.
Cyber warfare was influenced by the US Elections, with the discovery of two disinformation campaigns, while the conflict between Armenia and Azerbaijan was allegedly behind two DDoS attacks against two flght radar services.
As always, all the details are in the timeline. Thanks for sharing it and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.
ID
Date
Author
Target
Description
Attack
Target Class
Attack Class
Country
Link
Tags
1
28/08/2020
Kimsuky
28 UN officials, including at least 11 individuals representing six countries of the UN Security Council.
Kimsuky, a hacker group previously associated with the North Korean regime has been spotted launching spear-phishing attacks to compromise officials part of the United Nations Security Council.
Targeted Attack
U Activities of extraterritorial organizations and bodies
CE
N/A
Kimsuky, United Nations
2
31/08/2020
?
Anglicare Sidney
Anglicare Sydney is hit with a ransomware attack and 17GB of its data is transmitted “to a remote location”.
Malware
Q Human health and social work activities
CC
AU
Anglicare Sidney, ransomware
3
10/09/2020
?
SCL Health
SCL Health joins the list of the victims of the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
SCL Health, Blackbaud, ransomware
4
14/09/2020
?
Christ Hospital Health Network
The Christ Hospital Health Network notifies its patients of the Blackbaud ransomware security incident.
Malware
Q Human health and social work activities
CC
US
Christ Hospital Health Network, Blackbaud, ransomware
5
16/09/2020
?
Multiple targets
The Dutch National Agency publishes a new alert about a spike of Emotet activity.
Malware
Y Multiple Industries
CC
NL
Emotet
6
16/09/2020
?
Pepperstone
Melbourne-based global derivatives broker Pepperstone is hit by cybercriminals for a second time this year with the personal data of an as-yet-unknown number of customers compromised.
Unknown
K Financial and insurance activities
CC
AU
Pepperstone
7
16/09/2020
?
Floral Park-Bellerose school district
Floral Park-Bellerose school district is hit with ransomware attack
Malware
P Education
CC
US
Floral Park-Bellerose school district, ransomware
8
16/09/2020
?
City of Carmel
City of Carmel’s official city website remains out of service while officials investigate a hacking incident.
Unknown
O Public administration and defence, compulsory social security
CC
US
City of Carmel
9
17/09/2020
Multiple ransomware operators
Educational institutions in the U.K.
The U.K. National Cyber Security Centre (NCSC) issues an alert about a surge in ransomware incidents targeting educational institutions in the U.K.
Malware
P Education
CC
UK
National Cyber Security Centre, NCSC, ransomware
10
17/09/2020
?
Single individuals
Researchers from Trustwave discover a new spam campaign relying on URL obfuscation.
Malicious spam
X Individual
CC
>1
Trustwave
11
18/09/2020
China?
Spanish research centers working on a COVID-19 vaccine
Chinese hackers have stolen information from Spanish research centers working on a COVID-19 vaccine, according to sources familiar with the situation.
Targeted Attack
Q Human health and social work activities
CE
ES
China, COVID-19
12
18/09/2020
Rampant Kitten
Iranian expats and dissidents
Researchers from Check Point reveal an ongoing surveillance operation by Iranian entities that has been targeting Iranian expats and dissidents for years, also using a mobile malware able to steal 2FA codes sent via SMS.
Targeted Attack
X Individual
CE
IR
Check Point, Rampant Kitten, 2FA
13
18/09/2020
?
Multiple targets
At least one network access broker is advertising access to networks of organizations in various regions of the world that use the ManageEngine Desktop Central from Zoho to manage their Windows, Linux, and Mac systems.
Unknown
Y Multiple Industries
CC
>1
ManageEngine Desktop Central, Zoho
14
18/09/2020
?
Children’s Minnesota
Children’s Minnesota reveals to have been hit by the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
Children’s Minnesota, Blackbaud, ransomware
15
18/09/2020
?
Allina Health
Allina Health reveals to have been hit by the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
Allina Health, Blackbaud, ransomware
16
18/09/2020
?
Regions Hospital
Regions Hospital reveals to have been hit by the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
Regions Hospital, Blackbaud, ransomware
17
18/09/2020
?
Gillette Children’s Specialty Healthcare
Gillette Children’s Specialty Healthcare reveals to have been hit by the Blackbaud ransomware attack.
Indian National Informatics Centre (NIC) and Ministry of Electronics and Information Technology
More than 100 computers of the National Informatics Centre (NIC) and the Ministry of Electronics and Information Technology are reportedly compromised after a suspected malware attack.
Malware
O Public administration and defence, compulsory social security
CC
IN
National Informatics Centre, NIC, Ministry of Electronics and Information Technology
19
18/09/2020
?
Mobile Banking users
Researchers from Kaspersky reveal that the posting on Russian underground forums of source code for the Android mobile banking Trojan Cerberus has led to an increase in attacks as well as updates to the malware.
Malware
K Financial and insurance activities
CC
>1
Kaspersky, Cerberus, Android
20
19/09/2020
?
More than 1,000 high-ranking Belarusian police officers
A group of hackers leaks the names and personal details of more than 1,000 high-ranking Belarusian police officers in response to violent police crackdowns against anti-government demonstrations.
Unknown
O Public administration and defence, compulsory social security
H
BY
Belarus
21
19/09/2020
?
Lawrence General Hospital
Lawrence General Hospital suffers a disruptive cybersecurity incident that creates a 36-hours disruption.
Unknown
Q Human health and social work activities
CC
US
Lawrence General Hospital
22
20/09/2020
?
Activision
According to reports, more than 500,000 Activision accounts may have been hacked with login data compromised. However the company denies any compromise.
Unknown
R Arts entertainment and recreation
CC
US
Activision
23
20/09/2020
?
Luxottica
Italy-based eyewear and eyecare giant Luxottica suffers a ransomware attack leading to the shutdown of operations in Italy and China.
Malware
C Manufacturing
CC
IT
Luxottica, ransomware
24
20/09/2020
?
Saint Alphonsus Hospital
Saint Alphonsus Hospital system says some patient and donor information may have been compromised in the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
Saint Alphonsus Hospital, Blackbaud, ransomware
25
21/09/2020
?
Multiple targets
Researchers from Microsoft reveal a new Emotet campaign distributing password-protected archives to bypass email security gateways.
Malware
Y Multiple Industries
CC
>1
Microsoft, Emotet
26
21/09/2020
?
ArbiterSports
ArbiterSports, a company that provides software for sports leagues to manage referees and game officials discloses a security incident that impacted around 540,000 of its registered members, when the company was hit by a ransomware attack back in July.
Malware
M Professional scientific and technical activities
CC
US
ArbiterSports, ransomware
27
21/09/2020
?
Texas businesses
Researchers from Abnormal Security reveal the details of a phishing campaign impersonating the Texas Department of State Health Services (DSHS).
Account hijacking
Y Multiple Industries
CC
US
Abnormal Security, Texas Department of State Health Services, DSHS
28
21/09/2020
?
Multiple targets
The Italian National Agency publishes a new alert about a spike of Emotet activity.
Malware
Y Multiple Industries
CC
IT
Emotet
29
21/09/2020
?
Northern Light Health
Northern Light Health notifies patients that it has also been hit by the Blackbaud breach.
Malware
Q Human health and social work activities
CC
US
Northern Light Health, Blackbaud, ransomware
30
21/09/2020
?
St. Clair County
St. Clair County is hit by a cyber attack.
Unknown
O Public administration and defence, compulsory social security
CC
US
St. Clair County
31
21/09/2020
?
Virgin Mobile KSA
Hackers compromise Virgin Mobile's office network in Saudi Arabia, gained access to its email system and an Active Directory domain controller and offered stolen data for sale on private dark web forums.
Unknown
J Information and communication
CC
SA
Virgin Mobile
32
22/09/2020
APT28 AKA Fancy Bear, Sofacy, Sednit, and STRONTIUM
Government body in Azerbaijan and NATO members or other countries involved in NATO exercises
Researchers from QuoIntelligence discover a new campaign carried out by APT28 using the Zebrocy malware.
Targeted Attack
O Public administration and defence, compulsory social security
A mix of social engineering, SIM-swapping, and the use of AnyDesk remote desktop software allows a scammer to empty the bank accounts of at least three victims, stealing the equivalent of $350,000.
Account hijacking
X Individual
CC
HU
AnyDesk
34
22/09/2020
?
Mobile users
Researchers from Avast discover at least three TikTok profiles with more than 350,000 followers, promoting multiple fraudulent mobile apps that generated $500,000 in profit, installed more than 2.4 million times.
Malware
Y Multiple Industries
CC
>1
Avast, TikTok
35
22/09/2020
?
Facebook users
Facebook removes two separate networks from China and Philippines that have covertly spread content concerning hot political topics and propaganda.
Fake Social Networks Accounts
X Individual
CW
>1
Facebook, China, Philippines
36
22/09/2020
LokiBot
Multiple targets
The US Cybersecurity and Infrastructure Security Agency (CISA) warns of a notable increase in the use of LokiBot malware by threat actors since July 2020.
Malware
Y Multiple Industries
CC
US
US Cybersecurity and Infrastructure Security Agency, CISA, LokiBot
37
22/09/2020
?
Nebraska Medicine
Nebraska Medicine suffers a cyber attack.
Unknown
Q Human health and social work activities
CC
US
Nebraska Medicine
38
23/09/2020
?
Multiple targets
Microsoft warns that attackers are actively exploiting the Windows Server Zerologon (CVE-2020-1472) vulnerability.
CVE-2020-1472 Vulnerability
Y Multiple Industries
CC
>1
Microsoft, Zerologon, CVE-2020-1472
39
23/09/2020
RansomExx
Tyler Technologies
Leading government technology services provider Tyler Technologies suffers a RansomExx ransomware attack that disrupts its operations.
Malware
M Professional scientific and technical activities
CC
US
Tyler Technologies, RansomExx, ransomware
40
23/09/2020
?
Multiple targets
Researchers from Group-IB discover a new ransomware group called OldGremlin, targeting large corporate networks using self-made backdoors and file-encrypting malware for the initial and final stages of the attack.
Targeted Attack
Y Multiple Industries
CC
RU
OldGremlin, ransomware, Group-IB
41
23/09/2020
AgeLocker
QNAP NAS devices
QNAP NAS devices are targeted in attacks by the AgeLocker ransomware, which encrypts the device's data, and in some cases, steal files from the victim.
Malware
Y Multiple Industries
CC
>1
QNAP, AgeLocker, ransomware
42
23/09/2020
?
Trinity Health
Trinity Health notifies donors and certain patients to be among the victims of the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
Trinity Health, Blackbaud, ransomware
43
23/09/2020
Egregor
Gefco Logistics
Gefco Logistics is hit with a Egregor ransomware attack.
Malware
H Transportation and storage
CC
FR
Gefco Logistics, Egregor, ransomware
44
23/09/2020
Transparent Tribe
Indian defense units and armed forces
Researchers from Quick Heal uncover evidence of Operation Sidecopy, an ongoing cyberespionage campaign against Indian defense units and armed forces personnel at least since 2019 with an aim to steal sensitive information.
Targeted Attack
O Public administration and defence, compulsory social security
CE
IN
Quick Heal, Transparent Tribe, Operation Sidecopy
45
23/09/2020
?
Ukraine National Police
A cyberattack takes down the website of the Ukraine National Police website.
Unknown
O Public administration and defence, compulsory social security
CC
UA
Ukraine National Police
46
24/09/2020
Gadolinium
Organizations in the maritime and health industry, higher education and regional government entities
Microsoft disrupts operations of a nation-state threat group that was using its Azure cloud infrastructure for cyber attacks. The Group has been active for about a decade targeting organizations in the maritime and health industry.
Targeted Attack
Y Multiple Industries
CE
>1
Microsoft, Gadolinium, Azure
47
24/09/2020
Mount Locker
Multiple targets
A new ransomware operation named Mount Locker is underway stealing victims' files before encrypting and then demanding multi-million dollar ransoms.
Malware
Y Multiple Industries
CC
>1
Mount Locker, ransomware
48
24/09/2020
?
Android Users
Google removes this week 17 Android applications from the official Play Store. infected with the Joker (aka Bread) malware.
Malware
X Individual
CC
>1
Google, Android, Joker, Bread
49
24/09/2020
?
Scouts Victoria
Scouts Victoria warns about a phishing incident that occurred in late July and early August.
Account hijacking
S Other service activities
CC
AU
Scouts Victoria
50
24/09/2020
APT28 AKA Fancy Bear, Sofacy, Sednit, and STRONTIUM
Undisclosed Federal Agency
CISA reveals that a hacker has gained access and exfiltrated data from a federal agency.
CVE-2019-11510 Vulnerability
O Public administration and defence, compulsory social security
CE
US
CISA
51
24/09/2020
?
Android Users
Security researchers from ThreatFabric discover Alien, a new strain of Android malware that comes with a wide array of features allowing it to steal credentials from 226 applications.
Malware
X Individual
CC
>1
ThreatFabric, Alien, Android
52
24/09/2020
Russia, China and Vietnam?
Some Hungarian banking and telecommunication services
Magyar Telekom reveals that some Hungarian banking and telecommunication services are briefly disrupted by a powerful cyber attack launched from computer servers in Russia, China and Vietnam.
DDoS
K Financial and insurance activities
CC
HU
Magyar Telekom, Russia, China, Vietnam
53
24/09/2020
?
Washington State
Washington State reveals to have been targeted by a “large-scale, highly sophisticated” nationwide phishing campaign.
Account hijacking
O Public administration and defence, compulsory social security
CE
US
Washington State
54
24/09/2020
?
Mr Bricolage
Mr Bricolage is hit with a ransomware attack.
Malware
G Wholesale and retail trade
CC
FR
Mr Bricolage, ransomware
55
24/09/2020
?
Facebook users
Facebook removes several campaigns carried out by fake Russian accounts ahead of the US presidential election.
Fake Social Networks Accounts
X Individual
CC
US
Facebook
56
24/09/2020
?
Multiple targets
Researchers from Area 1 Security discover a phishing campaign using a bogus GDPR compliance reminder to trick recipients.
Account hijacking
Y Multiple Industries
CC
>1
Area 1 Security, GDPR
57
24/09/2020
?
Stark Summit Ambulance
Stark Summit Ambulance notifies patients and employees of a phishing attack discovered on May 28, 2020.
Account hijacking
Q Human health and social work activities
CC
US
Stark Summit Ambulance
58
25/09/2020
?
Microsoft
The source code for Windows XP SP1 and other versions of the operating system is leaked online.
Unknown
M Professional scientific and technical activities
CC
US
Microsoft, Windows XP SP1
59
25/09/2020
?
Egyptian civil society organizations
Researchers from Amnesty International uncover a new surveillance campaign targeting the Egyptian civil society organizations with a new version of the FinSpy spyware, targeting macOS and Linux users.
Targeted Attack
U Activities of extraterritorial organizations and bodies
CE
EG
Amnesty International, FinSpy, Egypt, macOS, Linux
60
25/09/2020
?
University of Surrey
The University of Surrey is among the victims of the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
UK
University of Surrey, Blackbaud, ransomware
61
25/09/2020
?
ShopBack
ShopBack says that it became aware of an unauthorized access to its systems, occurred few days earlier, which contained customers' personal data. The company is still investigating what data has been compromised.
Unknown
G Wholesale and retail trade
CC
SG
ShopBack
62
25/09/2020
?
Transport Malta
Transport Malta is hit by a cyberattack
Unknown
H Transportation and storage
CC
MT
Transport Malta
63
25/09/2020
?
Montgomery County
Montgomery County’s government networks are taken down for a “data security incident”.
Unknown
O Public administration and defence, compulsory social security
CC
US
Montgomery County
64
25/09/2020
?
Century Specialty Script, LLC
Century Specialty Script, LLC discloses a phishing attack discovered on July 2020.
Account hijacking
N Administrative and support service activities
CC
US
Century Specialty Script, LLC
65
25/09/2020
University of Cumbria
Even the University of Cumbria is hit by the Blackbaud ransomware attack.
Malware
P Education
CC
UK
University of Cumbria, Blackbaud, ransomware
66
26/09/2020
?
Swatch Group
Swiss watchmaker Swatch Group shuts down its IT systems over the weekend after identifying a cyberattack targeting its organization.
Malware
C Manufacturing
CC
CH
Swatch Group, ransomware
67
26/09/2020
?
Arthur J. Gallagher (AJG)
US-based Arthur J. Gallagher (AJG) global insurance brokerage and risk management firm confirms a ransomware attack.
Malware
K Financial and insurance activities
CC
US
Arthur J. Gallagher, AJG, ransomware
68
26/09/2020
?
KuCoin
Singapore-based cryptocurrency exchange KuCoin discloses today a mega hack. In a statement posted on its website, the company confirmed that a threat actor breached its systems and emptied its hot wallets of all funds ($150 million worth).
Unknown
V Fintech
CC
SG
KuCoin, Crypto
69
26/09/2020
?
Stone Refurb
Customers performing online transactions on Stone Refurb have their bank details stolen.
Unknown
G Wholesale and retail trade
CC
UK
Stone Refurb
70
26/09/2020
?
Martin County
The Website of Martin County is hacked and data is stolen.
Unknown
O Public administration and defence, compulsory social security
CC
US
Martin County
71
27/09/2020
Ryuk
Universal Health Services, UHS
Universal Health Services (UHS), a Fortune 500 hospital and healthcare services provider, shuts down systems at healthcare facilities around the US after a Ryuk ransomware attack.
Malware
Q Human health and social work activities
CC
US
Universal Health Services, UHS, Ryuk, ransomware
72
27/09/2020
?
RedDoorz
Budget hotel management and booking services firm RedDoorz says that one of its IT databases suffered a breach last week.
Unknown
I Accommodation and food service activities
CC
SG
RedDoorz
73
27/09/2020
?
DoppelPaymer
The DoppelPaymer ransomware gang leaks the data of South African Judiciary.
Malware
O Public administration and defence, compulsory social security
CC
ZA
DoppelPaymer, South African Judiciary, ransomware
74
28/09/2020
Ragnar Locker
CMA CGM S.A.
CMA CGM S.A., a French maritime transport and logistics giant discloses a Ragnar Locker ransomware attack.
Malware
H Transportation and storage
CC
FR
CMA CGM S.A., Ragnar Locker, ransomware
75
28/09/2020
?
Over 150 organizations -- ranging from law, construction, finance, and retail
The FBI is investigating a global business email compromise (BEC) campaign that has netted cybercriminals at least $15 million in illicit proceeds.
Business Email Compromise
Y Multiple Industries
CC
>1
Mitiga
76
28/09/2020
?
Individuals in the US
The FBI and the CISA issue a joint public service announcement about the threat of disinformation campaigns targeting the 2020 US election.
Fake News/ Social Networks Accounts/Pages
X Individual
CW
US
FBI, CISA, US election
77
28/09/2020
?
Red Funnel
Red Funnel ferry's IT is hit by a 'malicious attack'
Malware
H Transportation and storage
CC
UK
Red Funnel
78
28/09/2020
?
Gulf Coast State College
Some Gulf Coast State College students and employees receive a letter from school officials, about a data breach that took place back between March 31, 2020 and June 3, 2020, when a hacker accessed several employees’ email accounts.
Account hijacking
P Education
CC
US
Gulf Coast State College
79
28/09/2020
?
VOXX International
VOXX International notifies employees and dependents enrolled in their health plan of a ransomware attack.
Malware
C Manufacturing
CC
US
VOXX International, ransomware
80
28/09/2020
?
Recover Our Youth
Recover Our Youth notifies clients and guardians of a data security incident.
Malware
Q Human health and social work activities
CC
US
Recover Our Youth, ransomware
81
29/09/2020
Exorcist 2.0
Multiple targets
The threat actors behind the Exorcist 2.0 ransomware are using malicious advertising to redirect victims to fake software crack sites that distribute their malware.
Malware
Y Multiple Industries
CC
>1
Exorcist 2.0, ransomware
82
29/09/2020
?
Undisclosed Company
An undisclosed company is hit by the first worm phishing campaign.
Account hijacking
Z Unknown
CC
N/A
worm phishing
83
29/09/2020
Palmerworm aka BlackTech
Organizations in the US, Japan, Taiwan and China
Researchers from Broadcom reveal the details of a new campaign targeting several organizations in media, finance, construction and engineering.
Live flight tracking service Plane Finder is hit with a DDoS attack. The attack is possibly linked to Armenia-Azerbaijan conflict.
DDoS
S Other service activities
H
UK
Plane Finder, Armenia, Azerbaijan
85
29/09/2020
?
Flightradar24
Live flight tracking service Flightradar24 is hit with a DDoS attack. The attack is possibly linked to Armenia-Azerbaijan conflict.
DDoS
S Other service activities
H
SE
Flightradar24, Armenia, Azerbaijan
86
29/09/2020
?
Medisys Health Group
The Medisys Health Group and its affiliate Copeman Healthcare report a ransomware data breach involving the personal information of about 60,000 of its clients.
Malware
Q Human health and social work activities
CC
CA
Medisys Health Group, Copeman Healthcare, ransomware
87
29/09/2020
TA2552
Multiple Spanish-speaking targets
Researchers from ProofPoint discover a new campaign by TA2552, using OAuth2 or other token-based authorization methods to access Office 365 accounts, in order to steal users’ contacts and mail.
Account hijacking
Y Multiple Industries
CC
>1
ProofPoint, TA2552, OAuth2, Office 365
88
29/09/2020
?
Lindenhurst School District
Lindenhurst School District is hit by a DDoS attack.
DDoS
P Education
CC
US
Lindenhurst School District
89
29/09/2020
?
Legacy Community Health
Legacy Community Health announces that some of its patients were victims of an email phishing incident.
Account hijacking
Q Human health and social work activities
CC
US
Legacy Community Health
90
29/09/2020
?
People of Praise
The religious group People of Praise reportedly suffers a data breach involving unauthorized access to contact information in the membership directory.
Unknown
S Other service activities
CC
US
People of Praise
91
29/09/2020
?
British Foreign Ministry
The British government is probing a hack carried out on computer systems belonging to the British Foreign Ministry, which resulted in hundreds of files exposing its propaganda operations in Syria being stolen.
Targeted Attack
O Public administration and defence, compulsory social security
CE
UK
British Foreign Ministry, Syria
92
29/09/2020
Winnti
Multiple targets
Researchers from Positive Technologies discover a new activity by the Winnti group carried out via the ShadowPad, a previously unknown Python backdoor.
Targeted Attack
Y Multiple Industries
CE
>1
Positive Technologies, Winnti, ShadowPad, Python
93
30/09/2020
APT-C-23
Targets in the Middle East
Researchers from ESET discover a new Android malware distributed through fake messaging apps like Threema, Telegram, and WeMessage.
Targeted Attack
Y Multiple Industries
CE
>1
ESET, Android, Threema, Telegram, and WeMessage, APT-C-23
94
30/09/2020
simplelive12
Multiple targets
Researchers from Sonatype discover four JavaScript npm packages containing malicious code that collect user details and uploaded the information to a public GitHub page.
Malware
Y Multiple Industries
CC
>1
Sonatype, JavaScript, GitHub, npm
95
30/09/2020
?
Multiple targets
Researchers from Menlo Security discover a phishing campaign aimed at stealing steal corporate Microsoft Office 365 usernames and passwords, targeting a wide range of organizations and using captchas.
Account hijacking
Y Multiple Industries
CC
>1
Menlo Security, Microsoft Office 365, captchas
96
30/09/2020
XDSpy
Governments in Eastern Europe, the Balkans and Russia
Researchers from ESET reveal the details of XDSpy, a previously undisclosed cyber espionage operation targeting several governments in Eastern Europe, the Balkans and Russia.
Targeted Attack
O Public administration and defence, compulsory social security
CE
>1
ESET, XDSpy
97
30/09/2020
?
CloudBees
Users of CloudBees' CodeShip are advised to immediately rotate any keys and other secrets in their pipelines after the DevOps solutions provider discovers a long-lasting data breach.
Unknown
M Professional scientific and technical activities
CC
US
CloudBees, CodeShip
98
30/09/2020
?
Undisclosed North American hospitality merchant
Visa reveals that two North American hospitality merchants were hacked and had their system infected with point-of-sale (POS) malware earlier this year (May and June 2020).
PoS Malware
K Financial and insurance activities
CC
US
Visa
99
30/09/2020
?
Undisclosed North American hospitality merchant
Visa reveals that two North American hospitality merchants were hacked and had their system infected with point-of-sale (POS) malware earlier this year (May and June 2020).
PoS Malware
K Financial and insurance activities
CC
US
Visa
100
30/09/2020
?
Cache Creek Casino Resort
The Cache Creek Casino Resort is shut down by a cyber attack.
Unknown
R Arts entertainment and recreation
CC
US
Cache Creek Casino Resort
101
30/09/2020
?
Pell City
Some customers who pay the city of Pell City have their data breached.
Unknown
O Public administration and defence, compulsory social security
