-
ELTA Hellenic Post
May 5, 2022
•
[ ransomware, malware, government ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
-
Haynes Manuals
May 4, 2022
Vice Society encrypts network and threatens to leak data on their dark web portal.
-
Russian websites managed by government, military, and news organizations.
May 4, 2022
•
[ hack, ddos, government ]
Researchers from Crowdstrike reveal that Docker images with a download count of over 150,000 have been used to run DDoS attacks against a dozen of Russian and Belarusian websites managed by government, military, and news organizations.
-
Heroku
May 4, 2022
•
[ hack, misconfiguration, technology ]
Salesforce-owned Heroku performs a forced password reset on a subset of user accounts. The company admits that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database.
-
LLC Capital
May 4, 2022
•
[ leak, finance ]
Anonymous leak a 20.4 GB archive containing 31,990 emails from LLC Capital.
-
MM.Finance
May 4, 2022
•
[ financial, misconfiguration, finance ]
MM.Finance announces that attackers managed to steal $2 million worth of digital assets in a Domain Name System (DNS) attack.
-
PRGX Global Inc.
May 4, 2022
•
[ ransomware, malware, technology ]
Black Basta drops examples of sensitive organizational data on their dark web page demanding payment under threat of publication.
-
Ziedot
May 4, 2022
•
[ hack, ddos, technology ]
A Latvian national news agency and another latvian news organization were hit by DDoS attacks on May 04. This attack was the largest of a spate of attacks that had affected the news agency since the start of the war.
-
Kaiser Permanente
May 4, 2022
•
[ social, phishing, healthcare ]
Kaiser Permanente, one of America's leading not-for-profit health plans and health care providers, recently discloses a data breach that exposed the health information of more than 69,000 individuals when the email of an employee is compromised.
-
National Health System (NHS)
May 4, 2022
Researchers from INKY reveal that for about half a year, work email accounts belonging to over 100 employees of the National Health System (NHS) in the U.K. were used in several phishing campaigns, some aiming to steal Microsoft logins.
-
Asia Pacific University
May 3, 2022
•
[ ransomware, malware, education ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
-
Defense and cybersecurity organizations in the Baltics
May 3, 2022
Google's Threat Analysis Group reveals that the Russian threat actor Turla is targeting defense and cybersecurity organizations in the Baltics via emails distributing malicious documents.
-
Government and defense officials, politicians, NGOs and think tanks, and journalists
May 3, 2022
•
[ espionage, phishing, government ]
Google's Threat Analysis Group reveals that the Russian threat actor Calisto is targeting government and defense officials, politicians, NGOs and think tanks, and journalists via phishing links directly in the email, linking to PDFs and/or DOCs hosted on Google Drive and Microsoft One Drive.
-
Government, military, logistics and manufacturing organizations in Ukraine, Russia and Central Asia
May 3, 2022
Google's Threat Analysis Group reveals that the Chinese threat actor Curious Gorge has remained active against government, military, logistics and manufacturing organizations in Ukraine, Russia and Central Asia.
-
TUI UK
May 3, 2022
•
[ ransomware, malware, technology ]
SNATCH executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
-
Allwell Behavioral Health Services
May 3, 2022
•
[ hack, healthcare ]
Allwell Behavioral Health Services announces that a computer system used to store quality assurance information related to the treatment of patients was accessed by an unauthorized individual.
-
Transport for NSW
May 3, 2022
Transport for NSW confirms its Authorised Inspection Scheme (AIS) online application was impacted by a cyber incident in early April.
-
Capsule
May 3, 2022
Capsule, a digital pharmacy, starts notifying 27,486 individuals that some of their protected health information has been exposed in a cyberattack where unauthorized individuals gained access to certain Capsule accounts on April 5, 2022.
-
High risk individuals in Ukraine
May 3, 2022
Google's Threat Analysis Group reveals that the Belarusian threat actor Ghostwriter has resumed its activity of targeting Gmail accounts via credential phishing.
-
Government Agencies of Germany
May 2, 2022
•
[ hack, ddos, government ]
Over several days, the websites of German authorities and ministries have been targeted in a series of DDoS attacks. the targets included the Ministry of Defence, the Bundestag, the Federal Police and several state police authorities.
