It’s time to publish the second timeline of September (part I here). This timeline confirms the trend of the latest months with 101 events (including 4 occurred outside the considered interval). Needless to say, ransomware continued to dominate the landscape with 30% of the events, and one third of those were indirect aftermaths of the Blackbaud ransomware attack.
Other interesting events related to cyber crime included the hack to KuCoin, a Singapore-based cryptocurrency exchange ($150 million worth stolen), and a global Business Email Compromise campaign, netting the cyber criminals around $15 million.
The cyber espionage front was also quite rich in this timeline with multiple campaigns carried out by well-know threat actors such as APT-28, APT-C-23, Kimsuky, Rampant Kitten, Transparent Tribe, Winnti, BlackTech. The chronicles also reported two noticeable cyber attack against a COVID-19 research facility in Spain, and the British Foreign Ministry.
Cyber warfare was influenced by the US Elections, with the discovery of two disinformation campaigns, while the conflict between Armenia and Azerbaijan was allegedly behind two DDoS attacks against two flght radar services.
As always, all the details are in the timeline. Thanks for sharing it and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.
ID
Date
Author
Target
Description
Attack
Target Class
Attack Class
Country
Link
Tags
1
01/01/1970
Kimsuky
28 UN officials, including at least 11 individuals representing six countries of the UN Security Council.
Kimsuky, a hacker group previously associated with the North Korean regime has been spotted launching spear-phishing attacks to compromise officials part of the United Nations Security Council.
Targeted Attack
U Activities of extraterritorial organizations and bodies
CE
N/A
Kimsuky, United Nations
2
01/01/1970
?
Anglicare Sidney
Anglicare Sydney is hit with a ransomware attack and 17GB of its data is transmitted “to a remote location”.
Malware
Q Human health and social work activities
CC
AU
Anglicare Sidney, ransomware
3
09/10/2020
?
SCL Health
SCL Health joins the list of the victims of the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
SCL Health, Blackbaud, ransomware
4
01/01/1970
?
Christ Hospital Health Network
The Christ Hospital Health Network notifies its patients of the Blackbaud ransomware security incident.
Malware
Q Human health and social work activities
CC
US
Christ Hospital Health Network, Blackbaud, ransomware
5
01/01/1970
?
Multiple targets
The Dutch National Agency publishes a new alert about a spike of Emotet activity.
Malware
Y Multiple Industries
CC
NL
Emotet
6
01/01/1970
?
Pepperstone
Melbourne-based global derivatives broker Pepperstone is hit by cybercriminals for a second time this year with the personal data of an as-yet-unknown number of customers compromised.
Unknown
K Financial and insurance activities
CC
AU
Pepperstone
7
01/01/1970
?
Floral Park-Bellerose school district
Floral Park-Bellerose school district is hit with ransomware attack
Malware
P Education
CC
US
Floral Park-Bellerose school district, ransomware
8
01/01/1970
?
City of Carmel
City of Carmel’s official city website remains out of service while officials investigate a hacking incident.
Unknown
O Public administration and defence, compulsory social security
CC
US
City of Carmel
9
01/01/1970
Multiple ransomware operators
Educational institutions in the U.K.
The U.K. National Cyber Security Centre (NCSC) issues an alert about a surge in ransomware incidents targeting educational institutions in the U.K.
Malware
P Education
CC
UK
National Cyber Security Centre, NCSC, ransomware
10
01/01/1970
?
Single individuals
Researchers from Trustwave discover a new spam campaign relying on URL obfuscation.
Malicious spam
X Individual
CC
>1
Trustwave
11
01/01/1970
China?
Spanish research centers working on a COVID-19 vaccine
Chinese hackers have stolen information from Spanish research centers working on a COVID-19 vaccine, according to sources familiar with the situation.
Targeted Attack
Q Human health and social work activities
CE
ES
China, COVID-19
12
01/01/1970
Rampant Kitten
Iranian expats and dissidents
Researchers from Check Point reveal an ongoing surveillance operation by Iranian entities that has been targeting Iranian expats and dissidents for years, also using a mobile malware able to steal 2FA codes sent via SMS.
Targeted Attack
X Individual
CE
IR
Check Point, Rampant Kitten, 2FA
13
01/01/1970
?
Multiple targets
At least one network access broker is advertising access to networks of organizations in various regions of the world that use the ManageEngine Desktop Central from Zoho to manage their Windows, Linux, and Mac systems.
Unknown
Y Multiple Industries
CC
>1
ManageEngine Desktop Central, Zoho
14
01/01/1970
?
Children’s Minnesota
Children’s Minnesota reveals to have been hit by the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
Children’s Minnesota, Blackbaud, ransomware
15
01/01/1970
?
Allina Health
Allina Health reveals to have been hit by the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
Allina Health, Blackbaud, ransomware
16
01/01/1970
?
Regions Hospital
Regions Hospital reveals to have been hit by the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
Regions Hospital, Blackbaud, ransomware
17
01/01/1970
?
Gillette Children’s Specialty Healthcare
Gillette Children’s Specialty Healthcare reveals to have been hit by the Blackbaud ransomware attack.
Indian National Informatics Centre (NIC) and Ministry of Electronics and Information Technology
More than 100 computers of the National Informatics Centre (NIC) and the Ministry of Electronics and Information Technology are reportedly compromised after a suspected malware attack.
Malware
O Public administration and defence, compulsory social security
CC
IN
National Informatics Centre, NIC, Ministry of Electronics and Information Technology
19
01/01/1970
?
Mobile Banking users
Researchers from Kaspersky reveal that the posting on Russian underground forums of source code for the Android mobile banking Trojan Cerberus has led to an increase in attacks as well as updates to the malware.
Malware
K Financial and insurance activities
CC
>1
Kaspersky, Cerberus, Android
20
01/01/1970
?
More than 1,000 high-ranking Belarusian police officers
A group of hackers leaks the names and personal details of more than 1,000 high-ranking Belarusian police officers in response to violent police crackdowns against anti-government demonstrations.
Unknown
O Public administration and defence, compulsory social security
H
BY
Belarus
21
01/01/1970
?
Lawrence General Hospital
Lawrence General Hospital suffers a disruptive cybersecurity incident that creates a 36-hours disruption.
Unknown
Q Human health and social work activities
CC
US
Lawrence General Hospital
22
01/01/1970
?
Activision
According to reports, more than 500,000 Activision accounts may have been hacked with login data compromised. However the company denies any compromise.
Unknown
R Arts entertainment and recreation
CC
US
Activision
23
01/01/1970
?
Luxottica
Italy-based eyewear and eyecare giant Luxottica suffers a ransomware attack leading to the shutdown of operations in Italy and China.
Malware
C Manufacturing
CC
IT
Luxottica, ransomware
24
01/01/1970
?
Saint Alphonsus Hospital
Saint Alphonsus Hospital system says some patient and donor information may have been compromised in the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
Saint Alphonsus Hospital, Blackbaud, ransomware
25
01/01/1970
?
Multiple targets
Researchers from Microsoft reveal a new Emotet campaign distributing password-protected archives to bypass email security gateways.
Malware
Y Multiple Industries
CC
>1
Microsoft, Emotet
26
01/01/1970
?
ArbiterSports
ArbiterSports, a company that provides software for sports leagues to manage referees and game officials discloses a security incident that impacted around 540,000 of its registered members, when the company was hit by a ransomware attack back in July.
Malware
M Professional scientific and technical activities
CC
US
ArbiterSports, ransomware
27
01/01/1970
?
Texas businesses
Researchers from Abnormal Security reveal the details of a phishing campaign impersonating the Texas Department of State Health Services (DSHS).
Account hijacking
Y Multiple Industries
CC
US
Abnormal Security, Texas Department of State Health Services, DSHS
28
01/01/1970
?
Multiple targets
The Italian National Agency publishes a new alert about a spike of Emotet activity.
Malware
Y Multiple Industries
CC
IT
Emotet
29
01/01/1970
?
Northern Light Health
Northern Light Health notifies patients that it has also been hit by the Blackbaud breach.
Malware
Q Human health and social work activities
CC
US
Northern Light Health, Blackbaud, ransomware
30
01/01/1970
?
St. Clair County
St. Clair County is hit by a cyber attack.
Unknown
O Public administration and defence, compulsory social security
CC
US
St. Clair County
31
01/01/1970
?
Virgin Mobile KSA
Hackers compromise Virgin Mobile's office network in Saudi Arabia, gained access to its email system and an Active Directory domain controller and offered stolen data for sale on private dark web forums.
Unknown
J Information and communication
CC
SA
Virgin Mobile
32
01/01/1970
APT28 AKA Fancy Bear, Sofacy, Sednit, and STRONTIUM
Government body in Azerbaijan and NATO members or other countries involved in NATO exercises
Researchers from QuoIntelligence discover a new campaign carried out by APT28 using the Zebrocy malware.
Targeted Attack
O Public administration and defence, compulsory social security
A mix of social engineering, SIM-swapping, and the use of AnyDesk remote desktop software allows a scammer to empty the bank accounts of at least three victims, stealing the equivalent of $350,000.
Account hijacking
X Individual
CC
HU
AnyDesk
34
01/01/1970
?
Mobile users
Researchers from Avast discover at least three TikTok profiles with more than 350,000 followers, promoting multiple fraudulent mobile apps that generated $500,000 in profit, installed more than 2.4 million times.
Malware
Y Multiple Industries
CC
>1
Avast, TikTok
35
01/01/1970
?
Facebook users
Facebook removes two separate networks from China and Philippines that have covertly spread content concerning hot political topics and propaganda.
Fake Social Networks Accounts
X Individual
CW
>1
Facebook, China, Philippines
36
01/01/1970
LokiBot
Multiple targets
The US Cybersecurity and Infrastructure Security Agency (CISA) warns of a notable increase in the use of LokiBot malware by threat actors since July 2020.
Malware
Y Multiple Industries
CC
US
US Cybersecurity and Infrastructure Security Agency, CISA, LokiBot
37
01/01/1970
?
Nebraska Medicine
Nebraska Medicine suffers a cyber attack.
Unknown
Q Human health and social work activities
CC
US
Nebraska Medicine
38
01/01/1970
?
Multiple targets
Microsoft warns that attackers are actively exploiting the Windows Server Zerologon (CVE-2020-1472) vulnerability.
CVE-2020-1472 Vulnerability
Y Multiple Industries
CC
>1
Microsoft, Zerologon, CVE-2020-1472
39
01/01/1970
RansomExx
Tyler Technologies
Leading government technology services provider Tyler Technologies suffers a RansomExx ransomware attack that disrupts its operations.
Malware
M Professional scientific and technical activities
CC
US
Tyler Technologies, RansomExx, ransomware
40
01/01/1970
?
Multiple targets
Researchers from Group-IB discover a new ransomware group called OldGremlin, targeting large corporate networks using self-made backdoors and file-encrypting malware for the initial and final stages of the attack.
Targeted Attack
Y Multiple Industries
CC
RU
OldGremlin, ransomware, Group-IB
41
01/01/1970
AgeLocker
QNAP NAS devices
QNAP NAS devices are targeted in attacks by the AgeLocker ransomware, which encrypts the device's data, and in some cases, steal files from the victim.
Malware
Y Multiple Industries
CC
>1
QNAP, AgeLocker, ransomware
42
01/01/1970
?
Trinity Health
Trinity Health notifies donors and certain patients to be among the victims of the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
US
Trinity Health, Blackbaud, ransomware
43
01/01/1970
Egregor
Gefco Logistics
Gefco Logistics is hit with a Egregor ransomware attack.
Malware
H Transportation and storage
CC
FR
Gefco Logistics, Egregor, ransomware
44
01/01/1970
Transparent Tribe
Indian defense units and armed forces
Researchers from Quick Heal uncover evidence of Operation Sidecopy, an ongoing cyberespionage campaign against Indian defense units and armed forces personnel at least since 2019 with an aim to steal sensitive information.
Targeted Attack
O Public administration and defence, compulsory social security
CE
IN
Quick Heal, Transparent Tribe, Operation Sidecopy
45
01/01/1970
?
Ukraine National Police
A cyberattack takes down the website of the Ukraine National Police website.
Unknown
O Public administration and defence, compulsory social security
CC
UA
Ukraine National Police
46
01/01/1970
Gadolinium
Organizations in the maritime and health industry, higher education and regional government entities
Microsoft disrupts operations of a nation-state threat group that was using its Azure cloud infrastructure for cyber attacks. The Group has been active for about a decade targeting organizations in the maritime and health industry.
Targeted Attack
Y Multiple Industries
CE
>1
Microsoft, Gadolinium, Azure
47
01/01/1970
Mount Locker
Multiple targets
A new ransomware operation named Mount Locker is underway stealing victims' files before encrypting and then demanding multi-million dollar ransoms.
Malware
Y Multiple Industries
CC
>1
Mount Locker, ransomware
48
01/01/1970
?
Android Users
Google removes this week 17 Android applications from the official Play Store. infected with the Joker (aka Bread) malware.
Malware
X Individual
CC
>1
Google, Android, Joker, Bread
49
01/01/1970
?
Scouts Victoria
Scouts Victoria warns about a phishing incident that occurred in late July and early August.
Account hijacking
S Other service activities
CC
AU
Scouts Victoria
50
01/01/1970
APT28 AKA Fancy Bear, Sofacy, Sednit, and STRONTIUM
Undisclosed Federal Agency
CISA reveals that a hacker has gained access and exfiltrated data from a federal agency.
CVE-2019-11510 Vulnerability
O Public administration and defence, compulsory social security
CE
US
CISA
51
01/01/1970
?
Android Users
Security researchers from ThreatFabric discover Alien, a new strain of Android malware that comes with a wide array of features allowing it to steal credentials from 226 applications.
Malware
X Individual
CC
>1
ThreatFabric, Alien, Android
52
01/01/1970
Russia, China and Vietnam?
Some Hungarian banking and telecommunication services
Magyar Telekom reveals that some Hungarian banking and telecommunication services are briefly disrupted by a powerful cyber attack launched from computer servers in Russia, China and Vietnam.
DDoS
K Financial and insurance activities
CC
HU
Magyar Telekom, Russia, China, Vietnam
53
01/01/1970
?
Washington State
Washington State reveals to have been targeted by a “large-scale, highly sophisticated” nationwide phishing campaign.
Account hijacking
O Public administration and defence, compulsory social security
CE
US
Washington State
54
01/01/1970
?
Mr Bricolage
Mr Bricolage is hit with a ransomware attack.
Malware
G Wholesale and retail trade
CC
FR
Mr Bricolage, ransomware
55
01/01/1970
?
Facebook users
Facebook removes several campaigns carried out by fake Russian accounts ahead of the US presidential election.
Fake Social Networks Accounts
X Individual
CC
US
Facebook
56
01/01/1970
?
Multiple targets
Researchers from Area 1 Security discover a phishing campaign using a bogus GDPR compliance reminder to trick recipients.
Account hijacking
Y Multiple Industries
CC
>1
Area 1 Security, GDPR
57
01/01/1970
?
Stark Summit Ambulance
Stark Summit Ambulance notifies patients and employees of a phishing attack discovered on May 28, 2020.
Account hijacking
Q Human health and social work activities
CC
US
Stark Summit Ambulance
58
01/01/1970
?
Microsoft
The source code for Windows XP SP1 and other versions of the operating system is leaked online.
Unknown
M Professional scientific and technical activities
CC
US
Microsoft, Windows XP SP1
59
01/01/1970
?
Egyptian civil society organizations
Researchers from Amnesty International uncover a new surveillance campaign targeting the Egyptian civil society organizations with a new version of the FinSpy spyware, targeting macOS and Linux users.
Targeted Attack
U Activities of extraterritorial organizations and bodies
CE
EG
Amnesty International, FinSpy, Egypt, macOS, Linux
60
01/01/1970
?
University of Surrey
The University of Surrey is among the victims of the Blackbaud ransomware attack.
Malware
Q Human health and social work activities
CC
UK
University of Surrey, Blackbaud, ransomware
61
01/01/1970
?
ShopBack
ShopBack says that it became aware of an unauthorized access to its systems, occurred few days earlier, which contained customers' personal data. The company is still investigating what data has been compromised.
Unknown
G Wholesale and retail trade
CC
SG
ShopBack
62
01/01/1970
?
Transport Malta
Transport Malta is hit by a cyberattack
Unknown
H Transportation and storage
CC
MT
Transport Malta
63
01/01/1970
?
Montgomery County
Montgomery County’s government networks are taken down for a “data security incident”.
Unknown
O Public administration and defence, compulsory social security
CC
US
Montgomery County
64
01/01/1970
?
Century Specialty Script, LLC
Century Specialty Script, LLC discloses a phishing attack discovered on July 2020.
Account hijacking
N Administrative and support service activities
CC
US
Century Specialty Script, LLC
65
01/01/1970
University of Cumbria
Even the University of Cumbria is hit by the Blackbaud ransomware attack.
Malware
P Education
CC
UK
University of Cumbria, Blackbaud, ransomware
66
01/01/1970
?
Swatch Group
Swiss watchmaker Swatch Group shuts down its IT systems over the weekend after identifying a cyberattack targeting its organization.
Malware
C Manufacturing
CC
CH
Swatch Group, ransomware
67
01/01/1970
?
Arthur J. Gallagher (AJG)
US-based Arthur J. Gallagher (AJG) global insurance brokerage and risk management firm confirms a ransomware attack.
Malware
K Financial and insurance activities
CC
US
Arthur J. Gallagher, AJG, ransomware
68
01/01/1970
?
KuCoin
Singapore-based cryptocurrency exchange KuCoin discloses today a mega hack. In a statement posted on its website, the company confirmed that a threat actor breached its systems and emptied its hot wallets of all funds ($150 million worth).
Unknown
V Fintech
CC
SG
KuCoin, Crypto
69
01/01/1970
?
Stone Refurb
Customers performing online transactions on Stone Refurb have their bank details stolen.
Unknown
G Wholesale and retail trade
CC
UK
Stone Refurb
70
01/01/1970
?
Martin County
The Website of Martin County is hacked and data is stolen.
Unknown
O Public administration and defence, compulsory social security
CC
US
Martin County
71
01/01/1970
Ryuk
Universal Health Services, UHS
Universal Health Services (UHS), a Fortune 500 hospital and healthcare services provider, shuts down systems at healthcare facilities around the US after a Ryuk ransomware attack.
Malware
Q Human health and social work activities
CC
US
Universal Health Services, UHS, Ryuk, ransomware
72
01/01/1970
?
RedDoorz
Budget hotel management and booking services firm RedDoorz says that one of its IT databases suffered a breach last week.
Unknown
I Accommodation and food service activities
CC
SG
RedDoorz
73
01/01/1970
?
DoppelPaymer
The DoppelPaymer ransomware gang leaks the data of South African Judiciary.
Malware
O Public administration and defence, compulsory social security
CC
ZA
DoppelPaymer, South African Judiciary, ransomware
74
01/01/1970
Ragnar Locker
CMA CGM S.A.
CMA CGM S.A., a French maritime transport and logistics giant discloses a Ragnar Locker ransomware attack.
Malware
H Transportation and storage
CC
FR
CMA CGM S.A., Ragnar Locker, ransomware
75
01/01/1970
?
Over 150 organizations -- ranging from law, construction, finance, and retail
The FBI is investigating a global business email compromise (BEC) campaign that has netted cybercriminals at least $15 million in illicit proceeds.
Business Email Compromise
Y Multiple Industries
CC
>1
Mitiga
76
01/01/1970
?
Individuals in the US
The FBI and the CISA issue a joint public service announcement about the threat of disinformation campaigns targeting the 2020 US election.
Fake News/ Social Networks Accounts/Pages
X Individual
CW
US
FBI, CISA, US election
77
01/01/1970
?
Red Funnel
Red Funnel ferry's IT is hit by a 'malicious attack'
Malware
H Transportation and storage
CC
UK
Red Funnel
78
01/01/1970
?
Gulf Coast State College
Some Gulf Coast State College students and employees receive a letter from school officials, about a data breach that took place back between March 31, 2020 and June 3, 2020, when a hacker accessed several employees’ email accounts.
Account hijacking
P Education
CC
US
Gulf Coast State College
79
01/01/1970
?
VOXX International
VOXX International notifies employees and dependents enrolled in their health plan of a ransomware attack.
Malware
C Manufacturing
CC
US
VOXX International, ransomware
80
01/01/1970
?
Recover Our Youth
Recover Our Youth notifies clients and guardians of a data security incident.
Malware
Q Human health and social work activities
CC
US
Recover Our Youth, ransomware
81
01/01/1970
Exorcist 2.0
Multiple targets
The threat actors behind the Exorcist 2.0 ransomware are using malicious advertising to redirect victims to fake software crack sites that distribute their malware.
Malware
Y Multiple Industries
CC
>1
Exorcist 2.0, ransomware
82
01/01/1970
?
Undisclosed Company
An undisclosed company is hit by the first worm phishing campaign.
Account hijacking
Z Unknown
CC
N/A
worm phishing
83
01/01/1970
Palmerworm aka BlackTech
Organizations in the US, Japan, Taiwan and China
Researchers from Broadcom reveal the details of a new campaign targeting several organizations in media, finance, construction and engineering.
Live flight tracking service Plane Finder is hit with a DDoS attack. The attack is possibly linked to Armenia-Azerbaijan conflict.
DDoS
S Other service activities
H
UK
Plane Finder, Armenia, Azerbaijan
85
01/01/1970
?
Flightradar24
Live flight tracking service Flightradar24 is hit with a DDoS attack. The attack is possibly linked to Armenia-Azerbaijan conflict.
DDoS
S Other service activities
H
SE
Flightradar24, Armenia, Azerbaijan
86
01/01/1970
?
Medisys Health Group
The Medisys Health Group and its affiliate Copeman Healthcare report a ransomware data breach involving the personal information of about 60,000 of its clients.
Malware
Q Human health and social work activities
CC
CA
Medisys Health Group, Copeman Healthcare, ransomware
87
01/01/1970
TA2552
Multiple Spanish-speaking targets
Researchers from ProofPoint discover a new campaign by TA2552, using OAuth2 or other token-based authorization methods to access Office 365 accounts, in order to steal users’ contacts and mail.
Account hijacking
Y Multiple Industries
CC
>1
ProofPoint, TA2552, OAuth2, Office 365
88
01/01/1970
?
Lindenhurst School District
Lindenhurst School District is hit by a DDoS attack.
DDoS
P Education
CC
US
Lindenhurst School District
89
01/01/1970
?
Legacy Community Health
Legacy Community Health announces that some of its patients were victims of an email phishing incident.
Account hijacking
Q Human health and social work activities
CC
US
Legacy Community Health
90
01/01/1970
?
People of Praise
The religious group People of Praise reportedly suffers a data breach involving unauthorized access to contact information in the membership directory.
Unknown
S Other service activities
CC
US
People of Praise
91
01/01/1970
?
British Foreign Ministry
The British government is probing a hack carried out on computer systems belonging to the British Foreign Ministry, which resulted in hundreds of files exposing its propaganda operations in Syria being stolen.
Targeted Attack
O Public administration and defence, compulsory social security
CE
UK
British Foreign Ministry, Syria
92
01/01/1970
Winnti
Multiple targets
Researchers from Positive Technologies discover a new activity by the Winnti group carried out via the ShadowPad, a previously unknown Python backdoor.
Targeted Attack
Y Multiple Industries
CE
>1
Positive Technologies, Winnti, ShadowPad, Python
93
01/01/1970
APT-C-23
Targets in the Middle East
Researchers from ESET discover a new Android malware distributed through fake messaging apps like Threema, Telegram, and WeMessage.
Targeted Attack
Y Multiple Industries
CE
>1
ESET, Android, Threema, Telegram, and WeMessage, APT-C-23
94
01/01/1970
simplelive12
Multiple targets
Researchers from Sonatype discover four JavaScript npm packages containing malicious code that collect user details and uploaded the information to a public GitHub page.
Malware
Y Multiple Industries
CC
>1
Sonatype, JavaScript, GitHub, npm
95
01/01/1970
?
Multiple targets
Researchers from Menlo Security discover a phishing campaign aimed at stealing steal corporate Microsoft Office 365 usernames and passwords, targeting a wide range of organizations and using captchas.
Account hijacking
Y Multiple Industries
CC
>1
Menlo Security, Microsoft Office 365, captchas
96
01/01/1970
XDSpy
Governments in Eastern Europe, the Balkans and Russia
Researchers from ESET reveal the details of XDSpy, a previously undisclosed cyber espionage operation targeting several governments in Eastern Europe, the Balkans and Russia.
Targeted Attack
O Public administration and defence, compulsory social security
CE
>1
ESET, XDSpy
97
01/01/1970
?
CloudBees
Users of CloudBees' CodeShip are advised to immediately rotate any keys and other secrets in their pipelines after the DevOps solutions provider discovers a long-lasting data breach.
Unknown
M Professional scientific and technical activities
CC
US
CloudBees, CodeShip
98
01/01/1970
?
Undisclosed North American hospitality merchant
Visa reveals that two North American hospitality merchants were hacked and had their system infected with point-of-sale (POS) malware earlier this year (May and June 2020).
PoS Malware
K Financial and insurance activities
CC
US
Visa
99
01/01/1970
?
Undisclosed North American hospitality merchant
Visa reveals that two North American hospitality merchants were hacked and had their system infected with point-of-sale (POS) malware earlier this year (May and June 2020).
PoS Malware
K Financial and insurance activities
CC
US
Visa
100
01/01/1970
?
Cache Creek Casino Resort
The Cache Creek Casino Resort is shut down by a cyber attack.
Unknown
R Arts entertainment and recreation
CC
US
Cache Creek Casino Resort
101
01/01/1970
?
Pell City
Some customers who pay the city of Pell City have their data breached.
Unknown
O Public administration and defence, compulsory social security