Here we go! The second timeline of August 2021 is out (first one here) covering the main cyber attacks occurred in the second fortnight of the same month. And it looks like that the end of Summer led to a decrease in the number of attacks with 78 events, corresponding to the minimum value of the last 12 months. Ransomware continues to dominate the threat landscape, but its percentage dropped to 24.4% (19 out of 78 events) in contrast with 39.6% of the previous fortnight. More ransomware operations have shut down in this period (such as Ragnarok), schools were closed (and the public activity slowed down) in many regions, and maybe the crooks have decided to take a break for the Summer.
A sector that is particularly under attack in this period, is the one of the crypto assets: new multi-million attacks have been recorded targeting Fetch.ai ($2.6 million worth gone with the wind), Liquid ($90 million worth), and Cream Finance ($29 million worth).
Vulnerabilities continue to plague organizations throughout the world, and cyber criminals continue to exploit them: ProxyShell (CVE-2021-34473, CVE-2021-34523, CVE-2021-3120) continues to be among the top targets, but new ones have joined the party such as ProxyToken (CVE-2021-33766), and a new vulnerability targeting Confluence servers (CVE-2021-26084) are just few examples.
Even the cyber espionage front is unusually calm with a number of recorded events considerably lower than what we have been used to during the previous months. APT37 appears to be quite active. This timeline also contains campaigns carried out by Confucius, Siamesekitten, and SparklingGoblin.
Last but not least Iran and Belarus saw the only two attacks motivated by hacktivism, quite resounding in reality: in Iran a hacktivist group dubbed Adalat Ali (Ali’s Justice) breached the internal CCTV system of the Evin prison complex, where in Belarus the Cyber Partisans started to leak documents exposing the government.
Expand for details
ID
Date Reported
Date Occurred
Date Discovered
Author
Target
Description
Attack
Target Class
Attack Class
Country
Link
Tags
1
16/08/2021
Since June 2021
During July 2021
HolesWarm
Vulnerable servers
A new botnet named HolesWarm has been slowly growing since June this year, exploiting more than 20 known vulnerabilities to break into Windows and Linux servers and then deploy cryptocurrency-mining malware.
Multiple Vulnerabilities
Y Multiple Industries
CC
>1
HolesWarm
2
16/08/2021
-
-
?
Tokio Marine Insurance Singapore (TMiS)
Tokio Marine Holdings, a multinational insurance holding company in Japan, announced this week that its Singapore branch, Tokio Marine Insurance Singapore (TMiS), suffered a ransomware attack.
Malware
K Financial and insurance activities
CC
SG
Tokio Marine Holdings, Tokio Marine Insurance Singapore, TMiS, ransomware
3
16/08/2021
Since July 2021
-
LockBit 2.0
Targets in Chile, Italy, Taiwan, UK
Researchers from Trend Micro reveal an increase in LockBit 2.0 ransomware attacks in Chile, Italy, Taiwan, UK.
Malware
Y Multiple Industries
CC
>1
Trend Micro, LockBit 2.0 ransomware
4
16/08/2021
During June 2021
During June 2021
?
Multiple organizations
Researchers discover a new Trickbot campaign distributing Cobalt Strike via a fake 1Password installer.
Malware
Y Multiple Industries
CC
>1
Trickbot, Cobalt Strike, 1Password
5
16/08/2021
-
-
AvosLocker
Moorfields NHS UK & Dubai
AvosLocker claims that they exfiltrated 60 GB of data from “Moorfields NHS UK & Dubai.”
Malware
Q Human health and social work activities
CC
UAE
Moorfields NHS UK & Dubai, AvosLocker, Dubai
6
16/08/2021
6/6/2021
-
?
Fetch.ai
Fetch.ai is hit by a cyber attack and loses $2.6 million worth of its holdings.
Unknown
V Fintech
CC
UK
Fetch.ai
7
17/08/2021
Since May 2021
-
Siamesekitten (AKA Lyceum/Hexane)
IT and communication companies in Israel
Researchers from ClearSky reveal that hackers associated with the Iranian government have focused attack efforts on IT and communication companies in Israel, likely in an attempt to pivot to their real targets.
Targeted Attack
J Information and communication
CE
IL
Siamesekitten, Lyceum, Hexane
8
17/08/2021
From at least late March 2021 until early June 2021
-
APT37 AKA InkySquid, ScarCruft, Ricochet Chollima
North Korean visitors
Researchers from Volexity reveal that the Korean APT InkySquid has breached Daily NK, one of the most popular North Korean-themed news sites on the internet in order to carry out a watering hole attack and infect some of the site’s visitors with malware.
A malware campaign uses a clever captcha prompt to trick users into bypassing browsers warnings to download the Gozi (aka Ursnif) banking trojan.
Malware
X Individual
CC
>1
Captcha, Gozi, Ursnif
10
17/08/2021
-
-
?
Grocery stores, restaurants, and food delivery services
The FBI says that hackers are using credential stuffing attacks to hijack online accounts at grocery stores, restaurants, and food delivery services in order to drain user funds through fraudulent orders and to steal personal or financial data.
Credential Stuffing
I Accommodation and food service activities
CC
US
FBI
11
17/08/2021
-
-
?
Multiple organizations
Researchers from Cato Networks discover a new version of the old Houdini malware now being used to steal device information to subvert access rules that check on the device as well as the user.
Malware
Y Multiple Industries
CC
>1
Cato Networks, Houdini
12
17/08/2021
"Recently"
-
Confucius
Pakistani military
Researchers from Trend Micro observe the Confucius threat group conducting a recent spear-phishing campaign in which attackers used lures related to Pegasus spyware to target Pakistani military.
Targeted Attack
O Public administration and defence, compulsory social security
CE
PK
Trend Micro, Confucius, Pegasus
13
17/08/2021
-
-
?
The Gelre hospital
The Gelre hospital is hit by a phishing attack since three weeks.
Account Takeover
Q Human health and social work activities
CC
NL
The Gelre
14
17/08/2021
Early August
-
?
ENE Systems
ENE Systems is breached and the attackers access the Boston Children’s Hospital.
Unknown
D Electricity gas steam and air conditioning supply
CC
US
ENE Systems, Boston Children’s Hospital
15
17/08/2021
During June 2021
During June 2021
?
Customers of financial institutions in Mexico
Researchers from Cisco Talos discover an ongoing campaign using an updated variant of the "Neurevt" Trojan to target customers of financial institutions in Mexico.
Malware
K Financial and insurance activities
CC
MX
Cisco Talos, Neurevt
16
18/08/2021
"Recently"
-
?
Android users
Researchers from Trend Micro discover eight deceptive mobile apps that masquerade as cryptocurrency cloud mining applications.
Malware
X Individual
CC
>1
Trend Micro, Android
17
18/08/2021
15/12/2020
1/3/2021
Conti
Willdan Group
Willdan Group discloses a data privacy incident, probably a Conti ransomware attack.
Malware
M Professional scientific and technical activities
CC
US
Willdan Group, ransomware, Conti
18
19/08/2021
-
-
?
Liquid
Japan-based cryptocurrency exchange Liquid suspends deposits and withdrawals after attackers compromise its warm wallets. The attackers steal $90 million worth of funds.
Unknown
V Fintech
CC
JP
Liquid
19
19/08/2021
During July 2021
During July 2021
?
Organization in the financial industry
Researchers from Cloudflare reveal that the company detected a DDoS attack earlier this year, peaking at 17.2 million requests per second (rps).
DDoS
K Financial and insurance activities
CC
N/A
Cloudflare
20
19/08/2021
18/8/2021
18/8/2021
?
Realtek-based devices
A Mirai-based botnet now targets a critical vulnerability in the software SDK used by hundreds of thousands of Realtek-based devices, encompassing 200 models from at least 65 vendors, including Asus, Belkin, D-Link, Netgear, Tenda, ZTE, and Zyxel.
Researchers from Microsoft reveal that the Mozi botnet has evolved to "achieve persistence on network gateways manufactured by Netgear, Huawei, and ZTE" by adapting its persistence mechanisms depending on each device's architecture.
Multiple Vulnerabilities
Y Multiple Industries
CC
>1
Mozi, Microsoft
22
19/08/2021
12/8/2021
12/8/2021
Black Kingdom or DEMON
Multiple organizations
Researchers at Abnormal Security identify a campaign that offer people $1 million in bitcoin to install DemonWare ransomware.
Malicious Spam
Y Multiple Industries
CC
>1
DemonWare, Abnormal Security, Black Kingdom, DEMON
23
19/08/2021
Between 20/04/2021 and 24/06/2021
17/6/2021
?
Rockwood School District
Rockwood School District discloses a ransomware incident impacting 77,294 individuals.
Malware
P Education
CC
US
Rockwood School District
24
20/08/2021
Since late July 2021,
Late July 2021,
APT37
Organizations in Russia
Researchers from Malwarebytes identify an ongoing spear phishing campaign pushing Konni RAT to target.
Targeted Attack
Y Multiple Industries
CE
RU
Malwarebytes, Konni RAT, APT37
25
20/08/2021
-
-
LockFile
Multiple organizations
The LockFile gang has started to leverage the recently discovered PetitPotam NTLM relay attack method to take over the Windows domain on various networks worldwide.
PetitPotam NTLM Relay
Y Multiple Industries
CC
>1
LockFile, PetitPotam NTLM relay
26
20/08/2021
-
-
RansomEXX
Lojas Renner
Lojas Renner, Brazil’s largest clothing department store chain, said it suffered a ransomware attack that impacted its IT infrastructure and resulted in the unavailability of some of its systems, including its official web store.
Malware
G Wholesale and retail trade
CC
BR
Lojas Renner, ransomware
27
20/08/2021
During August 2021
During August 2021
?
Single individuals
A new extortion scam is underway that attempts to capitalize on the recent Pegasus iOS spyware attacks to scare people into paying a blackmail demand.
Malicious Spam
X Individual
CC
>1
Pegasus
28
20/08/2021
21/7/2021
21/7/2021
?
Search and Rescue Base at Aoraki/Mount Cook.
The Search and Rescue Base at Aoraki/Mount Cook discloses to have suffered a ransomware attack.
Malware
O Public administration and defence, compulsory social security
CC
NZ
Search and Rescue Base at Aoraki/Mount Cook, ransomware
29
21/08/2021
"Two weeks ago"
-
?
U.S. State Department
The U.S. State Department was recently hit by a cyber attack, with notifications of a possible serious breach made by the Department of Defense Cyber Command
Unknown
O Public administration and defence, compulsory social security
N/A
US
U.S. State Department, Department of Defense Cyber Command
30
21/08/2021
Since July 2021
-
-
Multiple organizations
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issues an alert to warn of malicious actors actively exploiting the recently disclosed ProxyShell Microsoft Exchange vulnerabilities.
U.S. Cybersecurity and Infrastructure Security Agency, CISA, ProxyShell Microsoft Exchange, CVE-2021-34473,
CVE-2021-34523,
CVE-2021-31207
31
21/08/2021
Since July 2021
-
LockFile
Multiple organizations
A new ransomware gang known as LockFile encrypts Windows domains after hacking into Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities.
Almost 2,000 Microsoft Exchange email servers have been hacked over the past two days and infected with backdoors after owners did not install patches for the ProxyShell vulnerabilities
SAC Wireless, a US-based Nokia subsidiary, discloses a data breach following a ransomware attack where Conti operators were able to successfully breach its network, steal data, and encrypt systems.
Malware
C Manufacturing
CC
US
SAC Wireless, Nokia, Conti, ransomware
34
23/08/2021
Since at least November 2020
-
OnePercent Group
US organizations
The Federal Bureau of Investigation (FBI) shares info about a threat actor known as OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least November 2020.
Malware
Y Multiple Industries
CC
US
Federal Bureau of Investigation, FBI, OnePercent Group, ransomware
35
23/08/2021
-
16/7/2021
?
Town of Peterborough
Peterborough, a small New Hampshire town, loses $2.3 million after BEC scammers redirected several bank transfers using forged documents sent to the town's Finance Department staff in multiple email exchanges.
Business Email Compromise
O Public administration and defence, compulsory social security
CC
US
Peterborough
36
23/08/2021
23/8/2021
23/8/2021
?
Single individuals
A UPS phishing campaign utilizes an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents.
Malware
X Individual
CC
US
UPS, XSS
37
23/08/2021
Since November 2017
-
?
Multiple organizations
Researchers from AT&T Alien Labs discover a cluster of Linux ELF executables, modifications of the open-source PRISM backdoor, called Waterdrop used by multiple threat actors in various campaigns.
Malware
Y Multiple Industries
CC
>1
AT&T Alien Labs, PRISM, Waterdrop
38
24/08/2021
Since February 2021
-
?
Nine Bahraini activists
Researchers at Citizen Lab uncover a new zero-click iMessage exploit used to deploy NSO Group's Pegasus spyware on devices belonging to Bahraini activists.
Targeted Attack
X Individual
CC
BH
Citizen Lab, NSO Group, Pegasus, Bahrain
39
24/08/2021
During the previous week
-
Belarusian Cyber Partisans
Belarusian Police
The Belarusian Cyber Partisans release portions of a huge data trove they say includes some of the country’s most secret police and government databases. The information contains lists of alleged police informants, personal information about top government officials and spies, video footage gathered from police drones and detention centers and secret recordings of phone calls from a government wiretapping system.
Unknown
O Public administration and defence, compulsory social security
H
BY
Belarusian Cyber Partisans
40
24/08/2021
24/8/2021
24/8/2021
Adalat Ali
Evin prison in Tehran
A hacktivist group going by the name of Adalat Ali (Ali’s Justice) breach the internal CCTV system at Evin, a prison complex in Tehran where Iran houses most of its political prisoners, and leak videos showing extensive prisoner abuse.
Unknown
O Public administration and defence, compulsory social security
H
IR
Evin, Tehran
41
24/08/2021
-
-
?
Online petition
OpenSea users are being targeted in an ongoing and aggressive Discord phishing attack to steal cryptocurrency funds and NFTs.
Account Takeover
V Fintech
CC
US
OpenSea, Discord
42
24/08/2021
-
-
?
Android users
Researchers from Kaspersky discover a malicious version of the FMWhatsappWhatsApp mod delivering a Triada trojan payload
Malware
X Individual
CC
>1
Kaspersky, FMWhatsappWhatsApp, Triadatrojan
43
24/08/2021
Since 16/08/2021
-
Multiple threat actors
Multiple organizations
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) releases five new analysis reports detailing malware discovered on compromised Pulse Secure devices.
CVE-2021-22937 Vulnerability
Y Multiple Industries
CC
US
The U.S. Cybersecurity and Infrastructure Security Agency, CISA, CVE-2021-22937
44
24/08/2021
Since May 2020
"Recently"
SparklingGoblin
North American media firms, universities and one computer retailer
ESET researchers discover a new undocumented modular backdoor, SideWalk, being used by an APT group named SparklingGoblin, used during a recent campaign that targeted a computer retail company based in the USA. This backdoor shares multiple similarities with another backdoor used by the group: CROSSWALK.
Targeted Attack
Y Multiple Industries
CE
US
ESE, SideWalk, SparklingGoblin, CROSSWALK
45
24/08/2021
Since July 2021
-
?
Android users in Europe and Australia
The FluBot malware has a resurgence and hits users in Europe and Australia.
Malware
K Financial and insurance activities
CC
>1
FluBot, Android
46
24/08/2021
22/8/2021
22/8/2021
?
ROC Mondriaan
The ROC Mondriaan educational institution in The Hague suffers a major cyber attack.
Unknown
P Education
CC
NL
ROC Mondriaan, The Hague
47
25/08/2021
-
-
?
Undisclosed US financial organization
Research from Bitdefender reveal that FIN8 has breached and backdoored the network of a US financial organization with a new malware known dubbed Sardonic.
Malware
K Financial and insurance activities
CC
US
Bitdefender, FIN8, Sardonic
48
25/08/2021
Since June 2021
-
?
Multiple organizations in the healthcare sector
The FBI releases an alert about the Hive ransomware after attacks on hospital system in Ohio and West Virginia.
Malware
Q Human health and social work activities
CC
US
FBI, Hive, ransomware
49
25/08/2021
30/5/2021
30/5/2021
Vice Society
Town of Rolle
The Swiss town of Rolle acknowledges to have been hit with a ransomware attack.
Malware
O Public administration and defence, compulsory social security
CC
CH
Rolle, ransomware, Vice Society
50
25/08/2021
21/6/2021
-
?
Revere Health
The Personal Identifiable Information (PII) of approximately 12,000 cardiology patients is been exposed in a phishing attack to Revere Health.
Account Takeover
Q Human health and social work activities
CC
US
Revere Health
51
25/08/2021
-
-
?
Kanye West's fans
Researchers from Kaspersky reveal that scammers are already taking advantage of the forthcoming release of Kanye West's latest album "Donda" to distribute malware.
Malware
R Arts entertainment and recreation
CC
>1
Kaspersky, Kanye West, Donda
52
25/08/2021
-
24/6/2021
?
Metro Infectious Disease Consultant (MIDC)
Metro Infectious Disease Consultant notifies 171,740 Individuals of a phishing attack.
Account Takeover
Q Human health and social work activities
CC
US
Metro Infectious Disease Consultant, MIDC
53
26/08/2021
23/8/2021
23/8/2021
LockBit 2.0
Bangkok Airways
Bangkok Airways reveals to have been hit with a LockBit 2.0 ransomware attack.
Malware
H Transportation and storage
CC
TH
Bangkok Airways, LockBit 2.0, ransomware
54
26/08/2021
-
-
?
Organizations using Microsoft 365
Microsoft warns of a widespread credential phishing campaign abuses open redirector links.
Account Takeover
Y Multiple Industries
CC
>1
Microsoft 365
55
26/08/2021
6/8/2021
6/8/2021
?
Eye & Retina Surgeons
A ransomware attack compromises the personal and clinical data of more than 73,000 patients of Eye & Retina Surgeons in Singapore.
Malware
Q Human health and social work activities
CC
SG
Eye & Retina Surgeons, ransomware
56
26/08/2021
-
-
LockBit 2.0
Envision Credit Union
Envision Credit Union is allegedly hit with a LockBit 2.0 ransomware attack.
Malware
K Financial and insurance activities
CC
US
Envision Credit Union, LockBit 2.0, ransomware
57
26/08/2021
-
-
?
Single individuals
A phishing campaign uses the name of Catherine De Bolle, the executive director of the EU’s law enforcement agency Europol.
Account Takeover
X Individual
CC
BE
Catherine De Bolle, Europol.
58
27/08/2021
25/8/2021
25/8/2021
?
Boston Public Library (BPL)
The Boston Public Library (BPL) discloses that its network was hit by a cyberattack, leading to a system-wide technical outage.
Unknown
O Public administration and defence, compulsory social security
CC
US
Boston Public Library, BPL
59
27/08/2021
5/2/2021
During March 2021
Cl0p
Beaumont Health
Beaumont Health joins the list of the victims of the Accellion breach.
Vulnerability
Q Human health and social work activities
CC
US
Beaumont Health, Accellion
60
27/08/2021
5/7/2021
2/8/2021
?
San Andreas Regional Center
A ransomware attack on the San Andreas Regional Center in California leads to the threat actors potentially accessing or obtaining the data od a total of 57,244 patients were notified.
Malware
Q Human health and social work activities
CC
US
San Andreas Regional Center, ransomware
61
27/08/2021
Between 18/06/2021 and 29/06/2021
11/8/2021
?
CareATC
The hack of several employee email accounts at CareATC leads to the potential exposure of protected health information tied to 98,774 patients.
Account Takeover
Q Human health and social work activities
CC
US
CareATC
62
27/08/3021
13/8/2021
13/8/2021
?
Circuit Court of Cook County
The. Circuit Court of Cook County website is taken down after a breach that directed users to an NFL-related website.
Unknown
O Public administration and defence, compulsory social security
CC
US
Circuit Court of Cook County
63
27/08/3021
1/6/2021
28/7/2021
?
Rock Island County
Rock Island County loses $115,000 after a BEC attack.
Business Email Compromise
O Public administration and defence, compulsory social security
CC
US
Rock Island County
64
27/08/3021
21/7/2021
4/8/2021
?
Central Texas Medical Specialists PLLC dba Austin Cancer Centers
Austin Cancer Centers discloses to have suffered a ransomware attack.
Malware
Q Human health and social work activities
CC
US
Central Texas Medical Specialists PLLC, Austin Cancer Centers, ransomware
65
28/08/2021
-
26/8/2021
?
Fujitsu
4GB of data, allegedly from Japanese tech giant Fujitsu is being sold on the dark web by a group called Marketo. The company claims the information "appears related to customers" and not their own systems.
Unknown
C Manufacturing
CC
JP
Fujitsu
66
29/08/2021
-
-
?
Puma
The underground market Marketo claims to have about 1GB of data stolen from Puma that are now auctioned to the highest bidder.
Unknown
G Wholesale and retail trade
CC
DE
Marketo, Puma
67
30/08/2021
Since August 2021 (three weeks earlier)
-
?
Vulnerable Exchange servers.
Attackers are exploiting the ProxyToken vulnerability targeting Microsoft Exchange servers.
CVE-2021-33766 Vulnerability
Y Multiple Industries
CC
>1
ProxyToken, Microsoft Exchange, CVE-2021-33766
68
30/08/2021
-
30/8/2021
?
Cream Finance
Hackers are estimated to have stolen more than $29 million in cryptocurrency assets from Cream Finance, a decentralized finance (DeFi) platform that allows users to loan and speculate on cryptocurrency price variations.
Reentrancy attack
V Fintech
CC
TW
Cream Finance
69
30/08/2021
13/7/2021
13/7/2021
?
DuPage Medical Group (DMG)
DuPage Medical Group (DMG) recently began notifying 655,384 patients that their data was compromised during a cyberattack and network outage in mid-July
Unknown
Q Human health and social work activities
CC
US
DuPage Medical Group (DMG)
70
30/08/2021
26/8/2021
26/8/2021
?
Sault St. Marie Police Service
Sault St. Marie Police Service discloses to have been hit with a ransomware attack.
Malware
O Public administration and defence, compulsory social security
CC
US
Sault St. Marie Police Service, ransomware
71
30/08/2021
"Recently"
"Recently"
?
Multiple organizations
Researchers from Inky uncover a phishing campaign using fake COVID-19 vaccination forms.
Account Takeover
Y Multiple Industries
CC
US
Inky, COVID-19
72
30/08/2021
During December 2020
-
?
Mercy Grace Private Practice
Mercy Grace Private Practice notifies 4,450 patients about a business email compromise attack in December 2020 involving a fraudulent wire transfer.
Business Email Compromise
Q Human health and social work activities
CC
US
Mercy Grace Private Practice
73
31/08/2021
-
-
Multiple threat actors
Exposed Confluence servers
Mass scans for Confluence servers are currently underway, with attackers and professional bug bounty hunters probing Confluence systems for functions vulnerable to CVE-2021-26084 attacks.
CVE-2021-26084 Vulnerability
Y Multiple Industries
CC
>1
Confluence, CVE-2021-26084
74
31/08/2021
-
-
?
Multiple organizations
Researchers from Cisco Talos identify multiple campaigns distributing trojanized versions of the Honeygain proxyware.
Malware
Y Multiple Industries
CC
>1
Cisco Talos, Honeygain
75
31/08/2021
-
-
?
Russian Mobile users
A security researcher discover malicious code inside the firmware of four low-budget push-button mobile phones sold through Russian online stores (DEXP SD2810, Itel it2160, Irbis SF63, and F+ Flip 3).
Malware
X Individual
CC
RU
DEXP SD2810, Itel it2160, Irbis SF63, F+ Flip 3
76
31/08/2021
Between 28/062021 and 07/07/2021
6/8/2021
?
Career Group
Career Group is allegedly hit with a ransomware attack.
Malware
M Professional scientific and technical activities
CC
US
Career Group
77
31/08/2021
30/8/2021
30/8/2021
?
bansky.co.uk
A hacker returns $336,000 to a British collector after he tricked him into buying a fake Banksy NFT advertised through the artist's official website.
Account Takeover
R Arts entertainment and recreation
CC
UK
Bansky
78
31/08/2021
During June 2021
-
?
College and university students
Researchers from Mimecast discover a Nigeria-based cybercriminal group posing as a consulting company, targeting college and university students with work-from-home job offers in phishing emails that aim to have them cash checks for a commission.
Malicious Spam
P Education
CC
US
Mimecast, Nigeria
79
31/08/2021
04-05/08/2021
04-05/08/2021
?
Neuchâtel Cantonal Bank
A cyber attack on the Neuchâtel Cantonal Bank results in the potential theft of around 1,500 email addresses.
Unknown
K Financial and insurance activities
CC
CH
Neuchâtel Cantonal Bank
80
31/08/2021
-
-
?
Users of OpenSea
Users of OpenSea, a marketplace for blockchain-based digital assets, are being targeted by scammers who are impersonating the company's support staff in order to steal digital assets such as cryptocurrency and non-fungible tokens.
Account Takeover
V Fintech
CC
>1
OpenSea
81
31/08/2021
25/03/2021
06/05/2021
?
Town of Deerfield
The town of Deerfield notifies that an unauthorized third party viewed or acquired the personal information of several residents in a March 25 data breach.
Unknown
O Public administration and defence, compulsory social security
CC
US
Town of Deerfield
ID
Date Reported
Date Occurred
Date Discovered
Author
Target
Description
Attack
Target Class
Attack Class
Country
Link
Tags
Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.
BREACHOMETER
The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.
I have aggregated the statistics created from the cyber attacks timelines published in the second quarter of 2023. In total I have collected 1040 events...
After the cyber attacks timelines, it’s time to publish the statistics of June 2023 where I have collected and analyzed 384 events, yet another record number driven...
And finally I have aggregated all the data collected in 2021 from the cyber attacks timelines. In the past year I have collected 2539 events, meaning...
Welcome to the last cyber attacks timeline of 2022! A timeline that marks a sharp decline in the number of recorded events after four consecutive increases…
This blog post lists the main cloud-native threats, that is those cyber events exploiting the cloud in one or more stage of the kill chain. I have collected…
Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines…
Welcome to the last cyber attacks timeline of 2022! A timeline that marks a sharp decline in the number of recorded events after four consecutive increases…
This blog post lists the main cloud-native threats, that is those cyber events exploiting the cloud in one or more stage of the kill chain. I have collected…
Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines…