Committee on Foreign Investment in the United States (CFIUS)
January 10, 2025
•[ espionage, government ]
Silk Typhoon Chinese state-backed threat actors reportedly breach the Committee on Foreign Investment in the United States (CFIUS), a Treasury Department office that reviews foreign investments for national security risks.
Bank of America
January 10, 2025
•[ leak, finance ]
Bank of America notifies 414 individuals that their names, addresses, phone numbers, passport numbers, Social Security numbers, and their mortgage load numbers might have been compromised in a data breach at an unnamed third-party provider.
Wolf Haldenstein Adler Freeman & Herz
January 10, 2025
•[ leak ]
Wolf Haldenstein Adler Freeman & Herz LLP ("Wolf Haldenstein") a U.S. Law Firm, reports it has suffered a data breach that exposed the personal information of nearly 3.5 million individuals to threat actors.
Slovakian Geodesy, Cartography and Cadastre Office (UGKK)
January 10, 2025
•[ ransomware, malware, government ]
A cyber attack targets the Slovakian Geodesy, Cartography and Cadastre Office (UGKK), which manages land and property data. The agencys systems are shut down, and its physical offices closed following an alleged ransomware attack. According to local media reports, the attackers are demanding millions of euros in ransom.
Swiss Federal Administration
January 10, 2025
•[ hack, government ]
Beeintrchtigt gewesen sind unter anderem die Telefonie, Outlook sowie verschiedene Webseiten und Fachanwendungen des Bundes. Daten seien keine abgeflossen, hiess es vom Bund.
Centre des technologies de l’information de l’État' (CTIE)
January 10, 2025
•[ hack, ddos, government ]
Mehrere von der Regierung betriebene und vom Centre des technologies de linformation de ltat (CTIE) gehostete Internetseiten waren am Freitag zwischen 13:05 und 14:55 Uhr nicht erreichbar. Ursache dafr war eine DDOS-Attacke, die zahlreiche Webseiten lahmlegte, darunter men.public.lu und 112.public.lu. Das besttigte eine Sprecherin des CTIE gegenber dem Tageblatt. Der Angriff habe kurz nach 13 Uhr...
Lifebridge Health
January 10, 2025
•[ hack, phishing, healthcare ]
LifeBridge Health sent letters to patients and families about an email phishing incident that was discovered on Nov. 12.
Crimean Telecom Operators
January 10, 2025
•[ hack, ddos, technology ]
A massive DDoS attack is targeting major fixed-line and mobile network operators in Crimea, according to the Ministry of Internal Policy, Information and Communications... RIA Novosti, January 11, 2025
GroupGreeting[.]com
January 9, 2025
•[ hack, technology ]
Researchers at Malwarebytes discover zqxq, a widespread cyberattack that compromised GroupGreeting[.]com, a popular platform used by major enterprises to send digital greeting cards.
Individual in Linz, Austria
January 9, 2025
•[ financial, phishing ]
Vor neuerlichen Phishing-Attacken ber sogenannte Wiederverkaufsplattformen im Internet warnt die Arbeiterkammer Obersterreich (AK O). Einer Linzerin waren ber einen Trick ihre Kontodaten herausgelockt und rund 8.000 Euro abgebucht worden, ehe sie den Betrug bemerkte.
Scholastic
January 8, 2025
•[ hack, education ]
In January 2025, a data breach of the publishing company Scholastic surfaced. The breach contained 4.2M unique email addresses with many of the records also including name, phone number and physical address.
City of Corvallis (Councilor Paul Schaffer)
January 8, 2025
•[ hack, phishing, government ]
A Corvallis city councilor's email is hacked by a scammer and used to reach nearly 3,500 email addresses in an attempt to steal the recipients' personal information.
Organizations, businesses, and individuals in Japan
January 8, 2025
•[ espionage, government ]
Japan's National Police Agency (NPA) and National Center of Incident Readiness and Strategy for Cybersecurity (NCSC) accuse a China-linked threat actor named MirrorFace of orchestrating a persistent attack campaign targeting organizations, businesses, and individuals in the country since 2019.
Orange Finances
January 8, 2025
•[ financial, hack, finance ]
Orange Finances announces that a threat actor compromised the admin address, upgraded contracts, and transferred funds to their wallet for an estimated loss of more than $840K.
Moby Trade
January 8, 2025
•[ financial, hack, finance ]
Moby Trade is the victim of a $2.5 million hack exploiting a compromised private key. However, a mistake by the attacker allows a whitehat to steal $1.5 million back and return it to the protocol.
Gateshead Council
January 8, 2025
•[ hack, government ]
Gateshead Council suffers a cyber attack.
Excelsior Orthopaedics
January 7, 2025
•[ ransomware, malware, healthcare ]
Excelsior Orthopaedics notifies approximately 357,000 people that their personal and health information was compromised in a data breach resulting from a ransomware attack that came to light in June 2024.
Addison Northwest School District
January 7, 2025
•[ ransomware, education ]
The Addison Northwest School District (ANWSD) suffers a ransomware attack.
United Nations' International Civil Aviation Organization (ICAO)
January 7, 2025
•[ leak, government ]
The United Nations' International Civil Aviation Organization (ICAO) announces it is investigating what it describes as a "reported security incident." 42,000 recruitment application data records are affected.
Laramie County Library System
January 7, 2025
•[ ransomware, malware, education ]
CHEYENNE Early Tuesday morning, the Laramie County Library System was the victim of a ransomware attack that shut down library servers and immobilized most digital services.
