It’s time to publish the second interactive timeline of January 2021, covering the main cyber attacks that occurred in the second half of the month (you can find the first timeline here).
In this timeline, I have collected 81 events, confirming a slow start for the new year (but you need to consider that this period is still characterized by the massive Orion supply-chain attack, which has hit multiple organizations worldwide and was counted as a single operation in the timelines).
Besides the above-mentioned operation, ransomware continues to characterize the threat landscape with nearly 29% of the total events (23 out of 80), but the real number could be even bigger since, in some cases, the impacted organizations remain vague on the nature of the threat, mentioning a generic “disruption”.
And besides ransomware, the timeline is rich in events spanning the different areas of cyber crime, cyber warfare, and cyber espionage (including an operation targeting security researchers).
Enjoy the interactive timeline, and thanks for sharing it and supporting my work in spreading risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.
| ID | Date Reported | Date Occurred | Date Discovered | Author | Target | Description | Attack | Target Class | Attack Class | Country | Tags |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 14/01/2021 | - | - | Russian, Iranian and Chinese influence actors | United States | The FBI, Department of Homeland Security and eight other agencies warn that "Russian, Iranian and Chinese influence actors are exploiting the U.S. Capitol siege to amplify narratives in furtherance of their policy interest amid the presidential transition." | Fake Websites/Social Network accounts | O Public administration and defence, compulsory social security | CW | US | FBI, Department of Homeland Security, Russia, Iran, China, U.S. Capitol siege |
| 2 | 15/01/2021 | 15/1/2021 | 15/1/2021 | ? | Atlanta synagogue The Temple | The Atlanta synagogue The Temple is disrupted by a cyber attack. | DDoS | S Other service activities | CC | US | The Temple |
| 3 | 16/01/2021 | 16/1/2021 | 16/1/2021 | ? | OpenWRT | The OpenWRT forum, a large community of enthusiasts of alternative, open-source operating systems for routers, announced a data breach. | Account Takeover | S Other service activities | CC | N/A | OpenWRT |
| 4 | 16/01/2021 | 16/1/2021 | 16/1/2021 | DeroHE | IObit | Windows utility developer IObit is hacked to perform a widespread attack to distribute the strange DeroHE ransomware to its forum members. | Malware | M Professional scientific and technical activities | CC | US | IObit, DeroHE, ransomware |
| 5 | 16/01/2021 | - | - | ? | Wentworth golf and country club | The prestigious Wentworth golf and country club warns its 4000 members that their personal details may have fallen into the hands of hackers following a ransomware attack. | Malware | R Arts entertainment and recreation | CC | UK | Wentworth golf and country club, ransomware |
| 6 | 17/01/2021 | 17/1/2021 | 17/1/2021 | > | CHwapi Hospital | The CHwapi Hospital in Belgium is hit with a Windows BitLocker attack where threat actors claim to have encrypted 40 servers and 100 TB of data. | Windows BitLocker | Q Human health and social work activities | CC | BE | CHwapi Hospital, Windows BitLocker |
| 7 | 18/01/2021 | - | - | ? | Capital Economics | Researchers from Cyble discover a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. | SQLi | M Professional scientific and technical activities | CC | US | Capital Economics, Cyble |
| 8 | 18/01/2021 | - | - | ? | Okanogan County | The Okanogan County is hit with a cyber attack. | Unknown | O Public administration and defence, compulsory social security | CC | US | Okanogan County |
| 9 | 19/01/2021 | - | - | StellarParticle (AKA UNC2452, Dark Halo) | Malwarebytes | Cybersecurity firm Malwarebytes confirms that the threat actor behind the SolarWinds supply-chain attack was able to gain access to some company emails. | Cloud Account Takeover | M Professional scientific and technical activities | CE | US | StellarParticle, UNC2452, Dark Halo, Malwarebytes |
| 10 | 19/01/2021 | From January 8, 2021 | From January 8, 2021 | FreakOut | Vulnerable Linux servers | Researchers from Check Point discover an active malicious campaign, currently targeting Linux devices running software with critical vulnerabilities. | | | | | FreakOut, Check Point, CVE-2021-3007, CVE-2020-7961, CVE-2020-28188 |
| 11 | 19/01/2021 | - | - | ? | Vulnerable SAP servers | Researchers from Onapsis detect automated probes for servers containing CVE-2020-6207, a severe vulnerability in SAP, a week after a working exploit was published online. | CVE-2020-6207 Vulnerability | Y Multiple Industries | CC | >1 | Onapsis, CVE-2020-6207, SAP |
| 12 | 19/01/2021 | - | - | ALTDOS | Bangladesh Export Import Company Limited (BEXIMCO) | Hackers from ALTDOS claim to have successfully attacked BEXIMCO. | Unknown | N Administrative and support service activities | CC | BD | Bangladesh Export Import Company Limited, BEXIMCO |
| 13 | 19/01/2021 | - | 5/1/2021 | ? | Diponegoro University (pak.undip.ac.id) | The Diponegoro University (pak.undip.ac.id) admits that there have been several attempts to breach its servers after the data of 125,000 students is leaked. | Unknown | P Education | CC | ID | Diponegoro University, pak.undip.ac.id |
| 14 | 19/01/2021 | During May 2019 | - | Ryuk | Salem Clinic and the Oregon Heart Center | Salem Clinic and the Oregon Heart Center notify patients that their protected health information was exposed during a May 2019 ransomware attack targeting their mailing service provider. | Malware | Q Human health and social work activities | CC | US | Salem Clinic, Oregon Heart Center, Ryuk, ransomware |
| 15 | 20/01/2021 | - | - | ShinyHunters | Pixlr | ShinyHunters shares a database that he claims was stolen from Pixlr while he breached the 123rf stock photo site. Pixlr and 123rf are both owned by the same company, Inmagine. | Cloud misconfiguration | S Other service activities | CC | US | ShinyHunters, Pixlr, 123rf, Inmagine |
| 16 | 20/01/2021 | - | - | ? | Multiple targets | An advisory from Netscout reveals that Windows Remote Desktop Protocol (RDP) servers are now being abused by DDoS-for-hire services to amplify Distributed Denial of Service (DDoS) attacks. | DDoS | Y Multiple Industries | CC | >1 | Netscout, Remote Desktop Protocol, RDP |
| 17 | 20/01/2021 | - | Early December 2020 | ? | More than 10 Demand Side Platforms (DSP), primarily Europe-based | Researchers from Media Trust reveal the details of LuckyBoy-3PC, a malvertising campaign deploying cloaking and obfuscation technologies. | Malvertising | S Other service activities | CC | >1 | Media Trust, LuckyBoy-3PC |
| 18 | 20/01/2021 | - | - | ? | Telecom, healthcare, energy and manufacturing companies | Researchers from Proofpoint discover a campaign sending thousands of messages using Google Forms to target retail, telecom, healthcare, energy and manufacturing companies in an apparent reconnaissance campaign to launch future business email compromises (BECs). | Business Email Compromise | Y Multiple Industries | CC | >1 | Proofpoint, Google Forms |
| 19 | 20/01/2021 | Since November 2020 | - | Nefilim | Colliers International Group | Colliers International Group, a Canadian real estate services firm, acknowledges that it suffered a cyberattack last November. | Malware | L Real estate activities | CC | CA | Colliers International Group, ransomware, Nefilim |
| 20 | 20/01/2021 | 10/8/2020 | Between 05/08/2020 and 17/08/2020 | ? | Einstein Healthcare Network | Einstein Healthcare Network announces that it began mailing letters to patients whose information may have been involved in a data security incident involving unauthorized access to employees’ email accounts. | Account Takeover | Q Human health and social work activities | CC | US | Einstein Healthcare Network |
| 21 | 20/01/2021 | Earlier in January 2021 | - | ? | Ucar | The vehicle rental company Ucar reveals that it had been the target of ransomware earlier this year. | Malware | H Transportation and storage | CC | FR | Ucar, ransomware |
| 22 | 20/01/2021 | During the Holiday season | - | ? | Butler County Sheriff's Office | The Butler County Sheriff's Office reveals that it was hit by a malware attack during the holiday season. | Malware | O Public administration and defence, compulsory social security | CC | US | Butler County Sheriff, ransomware |
| 23 | 20/01/2021 | 16/01/2021 | 16/01/2021 | CursedGrabber | Discord users | Researchers from Sonatype discover a new campaign carried out via three malicious npm packages distributing the CursedGrabber malware. | Malware | X Individual | CC | >1 | Sonatype, CursedGrabber, npm |
| 24 | 21/01/2021 | Since August 2020 | - | ? | Multiple targets | Researchers from Check Point and Otorio reveal the details of a massive phishing campaign targeting thousands of organizations worldwide. However, the attackers forget to protect their loot and let Google share the stolen passwords for public searches. | Account Takeover | Y Multiple Industries | CC | >1 | Check Point, Otorio, Google |
| 25 | 21/01/2021 | Since October 2020 | - | ? | QNAP devices | QNAP urges customers to secure their network-attached storage (NAS) devices against Dovecat, an ongoing malware campaign that infects and exploits them to mine bitcoin. | Misconfiguration (weak password) | Y Multiple Industries | CC | >1 | QNAP, Dovecat |
| 26 | 21/01/2021 | - | - | ? | Android users | A new malware spreads through WhatsApp auto-replies to any messaging conversations using a malicious link that leads to a fake Huawei app. | Malware | X Individual | CC | >1 | Android, WhatsApp, Huawei |
| 27 | 21/01/2021 | - | - | ? | Goods and Services Tax Network (GSTN) | The Goods and Services Tax Network (GSTN) announces a possible cyber attack with a cryptic tweet. | Unknown | O Public administration and defence, compulsory social security | CC | IN | Goods and Services Tax Network, GSTN |
| 28 | 21/01/2021 | - | 22/12/2020 | ? | Breast Care Specialists | Breast Care Specialists take their systems offline after a cyberattack exposed patients' personal and medical information. | Unknown | Q Human health and social work activities | CC | US | Breast Care Specialists |
| 29 | 22/01/2021 | - | 20/1/2021 | ShinyHunters | Bonobos | Bonobos men's clothing store suffers a massive data breach exposing millions of customers' personal information after a 70GB cloud backup of their database is downloaded and shared. | Cloud misconfiguration | G Wholesale and retail trade | CC | US | Bonobos, ShinyHunters |
| 30 | 22/01/2021 | - | - | ? | SonicWall | Security hardware manufacturer SonicWall issues an urgent security notice about threat actors exploiting a zero-day vulnerability in their VPN products to perform attacks on their internal systems. | 0-Day vulnerability | C Manufacturing | CC | US | SonicWall |
| 31 | 22/01/2021 | - | - | ? | UK Students | Some of the laptops given out in England to support vulnerable children home-schooling during lockdown contain the Gamarue malware. | Malware | P Education | CC | UK | Gamarue |
| 32 | 22/01/2021 | - | 14/1/2021 | ? | MyFreeCams | A hacker is selling a database with login details for two million high-paying users of the MyFreeCams adult video streaming and chat service. | SQLi | R Arts entertainment and recreation | CC | US | MyFreeCams |
| 33 | 22/01/2021 | 4/1/2021 | 6/1/2021 | ? | USCellular | Mobile network operator USCellular suffers a data breach after hackers gained access to its CRM and viewed customers' accounts. | Malware | J Information and communication | CC | US | USCellular |
| 34 | 22/01/2021 | Since early 2019 | - | ? | Enterprise-level apps running on Linux systems | Researchers from Zscaler reveal the details of the DreamBus botnet, a Linux-based malware family targeting a wide collection of apps, such as PostgreSQL, Redis, Hadoop YARN, Apache Spark, HashiCorp Consul, SaltStack, and the SSH service. | | | | | |
| | | | | | | The7stars, an important London ad agency, falls victim to a Clop ransomware attack. | Malware | M Professional scientific and technical activities | CC | UK | The7stars, Clop, ransomware |
| 36 | 22/01/2021 | 21/01/2021 | 21/01/2021 | ? | Department of Vienne | The Department of Vienne is hit with a ransomware attack. | Malware | O Public administration and defence, compulsory social security | CC | FR | Department of Vienne, ransomware |
| 37 | 22/01/2021 | - | - | ? | Santander Mexico | A database belonging to Santander Mexico is put on sale on an underground market. 1 million records are leaked. | Unknown | K Financial and insurance activities | CC | MX | Santander |
| 38 | 22/01/2021 | - | - | ? | BBVA Mexico | A database belonging to BBVA Mexico is put on sale on an underground market. 3 million records are leaked. | Unknown | K Financial and insurance activities | CC | MX | BBVA |
| 39 | 22/01/2021 | - | - | ? | IMSS | A database belonging to IMSS, a Mexican marketing firm, is put on sale on an underground market. 42 million records are leaked. | Unknown | M Professional scientific and technical activities | CC | MX | IMSS |
| 40 | 22/01/2021 | - | - | ? | Serasa | The personal information of 220 million users in Brazil, belonging to Serasa (an Experian company), is leaked on the dark web. | Unknown | K Financial and insurance activities | CC | BR | Serasa, Experian |
| 41 | 23/01/2021 | 15/01/2021 | - | ? | Australian Securities and Investments Commission (ASIC) | The Australian Securities and Investments Commission (ASIC) reveals that one of its servers has been accessed by an unknown threat actor exploiting a vulnerability in the Accellion file transfer platform. | Vulnerability | O Public administration and defence, compulsory social security | CC | AU | Australian Securities and Investments Commission, ASIC, Accellion |
| 42 | 23/01/2021 | Between 16/01/2021 and 17/01/2021 | - | ? | City of Montmagne | The city of Montmagne is hit with a ransomware attack. | Malware | O Public administration and defence, compulsory social security | CC | CA | City of Montmagne, ransomware |
| 43 | 23/01/2021 | - | - | ? | Undisclosed French Travel Agency | An undisclosed French travel agency has its data leaked. 1.4 million records are exposed. | Unknown | R Arts entertainment and recreation | CC | FR | Undisclosed French Travel Agency |
| 44 | 23/01/2021 | During October 2020 | - | ? | Vidal Group | The website of the healthcare provider Vidal.fr is taken down after a threat actor leaks some data allegedly stolen in October 2020. | Unknown | Q Human health and social work activities | CC | FR | Vidal Group, Vidal.fr |
| 45 | 23/01/2021 | - | - | ? | CDiscount | A database belonging to the French retailer CDiscount is put on sale on the black market. | Unknown | G Wholesale and retail trade | CC | FR | CDiscount |
| 46 | 24/01/2021 | - | - | Avaddon | Undisclosed target | An undisclosed victim of the Avaddon ransomware gang suffers a DDoS attack after refusing to pay. | >1 (Malware, DDoS) | Z Unknown | CC | N/A | Avaddon |
| 47 | 24/01/2021 | - | 23/1/2021 | ShinyHunters | Buyucoin | ShinyHunters leaks the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free. | Unknown | V Fintech | CC | IN | ShinyHunters, Buyucoin |
| 48 | 24/01/2021 | - | - | ShinyHunters | MeetMindful | ShinyHunters leaks the details of more than 2.28 million users registered on MeetMindful.com. | Cloud misconfiguration | S Other service activities | CC | US | ShinyHunters, MeetMindful |
| 49 | 25/01/2021 | Mid-2020 | - | ZINC | Security researchers from multiple countries | Researchers from Google (and a few days later from Microsoft) reveal the details of a North Korean government-backed hacking group targeting, via social networks, security researchers who focus on vulnerability and exploit development. | Targeted Attack | X Individual | CE | >1 | Google, Microsoft, North Korea, ZINC |
| 50 | 25/01/2021 | - | - | ? | Palfinger | Austria-based crane manufacturer Palfinger informs customers that its IT infrastructure suffered serious disruptions as a result of an “ongoing global cyber attack.” The company confirms the nature of the attack as ransomware. | Malware | C Manufacturing | CC | AU | Palfinger, ransomware |
| 51 | 25/01/2021 | - | 23/1/2021 | ? | WestRock | American packaging giant WestRock informed customers that it was recently targeted in a ransomware attack that impacted both IT and OT systems. | Malware | C Manufacturing | CC | AU | WestRock, ransomware |
| 52 | 25/01/2021 | 23/1/2021 | 23/01/2021 | DeroHE | IObit | Over the weekend, the ransomware actors from DeroHE hack the IObit forums again to display a message demanding that IObit pay them $100,000 in DERO or the attacks would continue. | Malware | M Professional scientific and technical activities | CC | US | IObit, DeroHE, ransomware |
| 53 | 25/01/2021 | 25/01/2021 | 25/01/2021 | ? | Single individuals in the UK | An active phishing campaign pretends to be from the UK's National Health Service (NHS), alerting recipients that they are eligible to receive the COVID-19 vaccine. | Account Takeover | X Individual | CC | UK | National Health Service, NHS, COVID-19, vaccine |
| 54 | 25/01/2021 | 23/01/2021 | - | ? | Georgetown County | Georgetown County says the county’s computer network “suffered a major infrastructure breach over the weekend.” Most of the county’s electronic systems, including emails, are impacted. | Unknown | O Public administration and defence, compulsory social security | CC | US | Georgetown County |
| 55 | 25/01/2021 | Since May 2020 | - | ? | High-ranking company executives | Researchers from Trend Micro reveal the details of an ongoing phishing campaign delivering fake Office 365 password expiration reports that managed to compromise tens of C-Suite email accounts to date. | Account Takeover | Y Multiple Industries | CC | >1 | Trend Micro, Office 365 |
| 56 | 25/01/2021 | - | - | ? | Android users in Italy | Researchers from AddressIntel discover a new Android malware dubbed Oscorp targeting Italian users. | Malware | X Individual | CC | IT | AddressIntel, Android, Oscorp |
| 57 | 25/01/2021 | 25/01/2021 | 25/01/2021 | ? | Tennessee Wesleyan University | Tennessee Wesleyan University is hit with a ransomware attack. | Malware | P Education | CC | US | Tennessee Wesleyan University, ransomware |
| 58 | 26/01/2021 | 14/01/2021 | - | REvil AKA Sodinokibi | Dairy Farm Group | Pan-Asian retail chain operator Dairy Farm Group is attacked by the REvil ransomware operation. The attackers claim to have demanded a $30 million ransom. | Malware | G Wholesale and retail trade | CC | HK | Dairy Farm Group, REvil ransomware, Sodinokibi |
| 59 | 26/01/2021 | - | - | Nemty | Undisclosed target | Researchers from Sophos reveal the details of a Nemty ransomware attack carried out exploiting the ghost account of a deceased administrator. | Malware | Z Unknown | CC | N/A | Sophos, Nemty, ransomware |
| 60 | 26/01/2021 | - | - | ? | Unknown target(s) | Apple releases security updates for iOS to patch three zero-day vulnerabilities exploited in the wild. | | | | | |
| | | | | | | Researchers from Abnormal Security discover two business email compromise (BEC) attack techniques that exploit a Microsoft 365 “read receipt” message loophole to evade auto-remediation of a malicious email. | Business Email Compromise | Z Unknown | CC | NA | Abnormal Security, Microsoft 365 |
| 62 | 26/01/2021 | - | - | ? | Undisclosed company | Researchers from Abnormal Security discover two business email compromise (BEC) attack techniques that exploit a Microsoft 365 “out of office” message loophole to evade auto-remediation of a malicious email. | Business Email Compromise | Z Unknown | CC | NA | Abnormal Security, Microsoft 365 |
| 63 | 26/01/2021 | Starting from late October 2020 | - | ? | Single individuals | Researchers from Proofpoint discover a new strain of DanaBot distributed through pirated software keys. | Malware | X Individual | CC | >1 | Proofpoint, DanaBot |
| 64 | 26/01/2021 | Starting from December 2020 | - | ? | Single individuals in the Americas and Europe | Researchers from FireEye discover a phishing campaign spoofing DHL's delivery service and using an encrypted Telegram channel to exfiltrate data. | Account Takeover | X Individual | CC | >1 | FireEye, DHL, Telegram |
| 65 | 27/01/2021 | - | - | TeamTNT | Exposed Linux servers | AT&T Alien Labs security researchers discover a new variant of the Black-T Linux crypto-mining malware using open-source tools to evade detection. | Cloud misconfiguration | Y Multiple Industries | CC | >1 | AT&T Alien Labs, Black-T, Linux, TeamTNT |
| 66 | 27/01/2021 | - | - | ? | Multiple targets | Researchers from RiskIQ reveal the details of LogoKit, a novel phishing toolkit that changes logos and text on a phishing page in real-time to adapt to targeted victims. | Account Takeover | Y Multiple Industries | CC | >1 | RiskIQ, LogoKit |
| 67 | 27/01/2021 | 14/12/2021 | - | ? | The Woodland Trust | The Woodland Trust confirms that it was hit with a cyberattack describing the incident as "sophisticated" and "high level" – and it has taken many services offline. | Unknown | Q Human health and social work activities | CC | UK | The Woodland Trust |
| 68 | 27/01/2021 | 27/1/2021 | 27/1/2021 | ? | Municipality of Balneário Camboriú | The Municipality of Balneário Camboriú is hit with a ransomware attack. | Malware | O Public administration and defence, compulsory social security | CC | BR | Municipality of Balneário Camboriú, ransomware |
| 69 | 27/01/2021 | - | - | ? | Single individuals in the UK | The National Crime Agency and Financial Conduct Authority warn that the number of "clone firm" scams has significantly increased during the COVID-19 pandemic. | Account Takeover | X Individual | CC | UK | National Crime Agency, NCA, Financial Conduct Authority, COVID-19 |
| 70 | 28/01/2021 | - | Early 2020 | Volatile Cedar AKA Lebanese Cedar | More than 250 Oracle and Atlassian servers belonging mainly to organizations providing mobile communications and internet-based services. | Researchers from ClearSky Security reveal that Volatile Cedar, an advanced hacker group believed to be connected to the Lebanese Hezbollah Cyber Unit, has been silently attacking companies around the world in espionage operations. | CVE-2019-3396, CVE-2019-11581, and CVE-2012-3152 vulnerabilities | | | | |
| | | | | | Vulnerable instances of Apache ActiveMQ, Oracle WebLogic, and Redis | Researchers from Palo Alto Networks discover a new campaign by the financially-motivated Rocke group, using a new piece of cryptojacking malware called Pro-Ocean to target vulnerable instances of Apache ActiveMQ, Oracle WebLogic, and Redis. | | | | | |
| | | | | | | The UK Research and Innovation (UKRI) is hit with a ransomware incident that encrypted data and impacted two of its services, one offering information to subscribers and the platform for peer review of various parts of the agency. | Malware | O Public administration and defence, compulsory social security | CC | UK | UK Research and Innovation, UKRI, ransomware |
| 73 | 28/01/2021 | - | - | ? | Crisp Regional Health Services | Crisp Regional Health Services is the victim of a ransomware attack. | Malware | Q Human health and social work activities | CC | US | Crisp Regional Health Services, ransomware |
| 74 | 28/01/2021 | 26/01/2021 | 26/01/2021 | ? | Peel District School Board | Peel District School Board is hit with a ransomware attack. | Malware | P Education | CC | US | Peel District School Board, ransomware |
| 75 | 28/01/2021 | 23/01/2021 | 23/01/2021 | ? | Council Rock High School | Students and staff members from Council Rock High School receive several offensive emails after a student's email is hacked. | Account Takeover | P Education | CC | US | Council Rock High School |
| 76 | 28/01/2021 | 27/01/2021 | 27/01/2021 | ? | Wimberley Independent School District | An email filled with racial slurs goes out to about 500 middle- and high school students of the Wimberley Independent School District. | Account Takeover | P Education | CC | US | Wimberley Independent School District |
| 77 | 28/01/2021 | 5/1/2021 | 5/1/2021 | ? | Granite Wellness Center | Granite Wellness Center is hit with a ransomware attack. | Malware | Q Human health and social work activities | CC | US | Granite Wellness Center |
| 78 | 28/01/2021 | 1/12/2020 | - | ? | Hashes.org | The database of hashes.org is leaked online. | Unknown | S Other service activities | CC | NA | Hashes.org |
| 79 | 29/01/2021 | Late December 2020 | 25/1/2021 | ? | Washington's State Auditor office | Washington's State Auditor Office suffers a data breach that exposes the personal information in 1.6 million employment claims after a threat actor exploited a vulnerability in a secure file transfer service from Accellion. | Vulnerability | O Public administration and defence, compulsory social security | CC | US | Washington's State Auditor Office, Accellion |
| 80 | 29/01/2021 | Early January 2021 | - | Trickbot | Legal and insurance verticals in North America | Researchers from Menlo Security discover a new Trickbot campaign targeting legal and insurance verticals in North America. | Malware | K Financial and insurance activities | CC | US | Menlo Security, Trickbot |
| 81 | 29/01/2021 | Early December 2020 | Early December 2020 | ? | Belgian Government | Social media research group Graphika exposes a network of 14 Twitter accounts that engaged in a coordinated campaign to criticize the Belgian government's plan to ban Huawei from supplying 5G equipment to local telecommunications providers. | Fake Websites/Social Network accounts | O Public administration and defence, compulsory social security | CW | BE | Graphika, Twitter, Huawei |
| 82 | 29/01/2021 | - | - | Vovalex | Multiple targets | A new ransomware called Vovalex, written in D, is being distributed through pirated software that impersonates popular Windows utilities, such as CCleaner. | Malware | Y Multiple Industries | CC | >1 | Vovalex, Ransomware, D |
| 83 | 29/01/2021 | - | - | ? | Multiple targets | Researchers from Abnormal Security discover a phishing campaign impersonating a Small Business Administration (SBA) lender for the Paycheck Protection Program (PPP) loan during the COVID-19 crisis. | Account Takeover | Y Multiple Industries | CC | US | Abnormal Security, Small Business Administration, SBA, Paycheck Protection Program, PPP, COVID-19 |
| 84 | 29/01/2021 | 24/11/2020 | 04/12/2020 | ? | Ramsey County | Ramsey County informs clients of the Family Health Division program that the hackers may have accessed personal data after the ransomware incident that hit Netgain back in December. | Malware | O Public administration and defence, compulsory social security | CC | US | Ramsey County, Family Health Division, Netgain, ransomware |
| 85 | 29/01/2021 | 26/01/2021 | 26/01/2021 | Turkish hackers | Miss England | The Instagram account of the Miss England beauty pageant is hijacked by Turkish hackers. | Account Takeover | R Arts entertainment and recreation | CC | UK | Miss England |
| 86 | 29/01/2021 | 29/01/2021 | 29/01/2021 | ? | Premier Tech | Premier Tech is disrupted by a cyber attack. | Unknown | C Manufacturing | CC | CA | Premier Tech |
| 87 | 29/01/2021 | Between November 2013 and 09/12/2020 | 09/12/2020 | ? | Florida Healthy Kids Corporation | Florida Healthy Kids Corporation posted a notice about an incident in their website attributed to Jelly Bean Communications Design. | | | | | |
| | | | | | | | | M Professional scientific and technical activities | CC | US | The Richards Group |
| 90 | 30/01/2021 | - | 29/01/2021 | ? | Single individuals | A malicious Home Depot advertising campaign is redirecting Google search visitors to tech support scams. | Malicious Google search ads | X Individual | CC | US | Home Depot |
| 91 | 30/01/2021 | - | - | ? | British Mensa | British Mensa, the society for people with high IQs, suffers a hack on its website that results in the theft of members’ personal data. | Unknown | S Other service activities | CC | UK | British Mensa |
| 92 | 31/01/2021 | 31/01/2021 | 31/01/2021 | ? | Multiple targets | Researchers from NCC Group reveal that the 0-day targeting the SonicWall devices is currently exploited in the wild. | 0-Day vulnerability | Y Multiple Industries | CC | >1 | NCC Group, SonicWall |
| 93 | 31/01/2021 | - | - | Babuk Locker | Serco | Serco, one of the companies involved in the NHS Test and Trace operations, confirms it has been hit by a ransomware attack. | Malware | M Professional scientific and technical activities | CC | UK | Serco, NHS, COVID-19, ransomware, Babuk Locker |
| 94 | 31/01/2021 | - | - | ? | Victor Central School District | The Victor Central School District is hit with a malware attack. | Malware | P Education | CC | US | Victor Central School District, ransomware |
| 95 | 31/01/2021 | - | - | ? | Raychat | Raychat, a popular Iranian business and social messenger, exposes its entire database (267M+ accounts w/ names, emails, passwords, metadata, encrypted chats etc.), which is then destroyed by a bot attack. | Misconfiguration | S Other service activities | CC | IR | Raychat |
The “Breachometer” compares the current number of events with the maximum and minimum values recorded in the previous 24 timelines (corresponding to roughly one year).