-
Undetermined
March 15, 2022
The developer behind the popular "node-ipc" NPM package released a new tampered version to condemn Russia's invasion of Ukraine. The alterations introduced by its maintainer RIAEvangelist brought about undesirable behavior by targeting users with IP addresses located either in Russia or Belarus, and wiping arbitrary file contents and replacing them with a heart emoji. In a latter release, any time the node-ipc module functionality gets called, it prints to STDOUT a message taken out of the peacenotwar module, as well as places a file on the user's Desktop directory with contents relating to the current war-time situation of Russia and Ukraine.
-
Urgent Team Holdings
March 15, 2022
Urgent Team Holdings notifies 166,601 patients that some of their protected health information may have been obtained by unauthorized individuals in a November 2021 cyberattack.
-
Agave and Hundred Finance
March 15, 2022
A hacker makes off with approximately $11 million in cryptocurrency after using a "re-entrancy" attack on decentralized finance (DeFi) lending protocol applications Agave and Hundred Finance.
-
Parliament of Spain
March 15, 2022
A DDoS attack on the website of the Spanish parliament affected availability of the website.
-
ROSATOM
March 15, 2022
The Anonymous collective claims to have hacked (again) Rosatom, the Russia's state nuclear energy corporation founded by Vladimir Putin himself.
-
Federal Security Service (FSB)
March 15, 2022
•
[ hack, ddos, government ]
The Anonymous collective takes responsibility for taking down top Russian government websites in a series of DDoS attacks. The list of the targets include the official website of the Federal Security Service (FSB), the Stock Exchange, the Analytical Center for the Government of the Russian Federation, and the Ministry of Sport of the Russian Federation.
-
Heriot-Watt University
March 15, 2022
•
[ education ]
Heriot-Watt University in Scotland is hit by a serious security incident.
-
Regional Ministry of Health
March 15, 2022
•
[ hack, misconfiguration, government ]
A hacker dubbed Spielerkid89 remotely accesses a computer belonging to a regional Ministry of Health in Russia, exploiting a VNC Server without authentication
-
RiverKids Pediatric Home Health
March 15, 2022
•
[ hack, phishing, healthcare ]
RiverKids Pediatric Home Health notifies 3,494 patients that some of their protected health information has potentially been viewed or stolen as a result of an email security incident.
-
Ask.FM?
March 14, 2022
•
[ leak, technology ]
A seller called "Data," lists a database on a forum with the data of 350 million users allegedly obtained from Ask.FM.
-
Israel Government web sites
March 14, 2022
•
[ hack, ddos, government ]
Israel's National Cyber Directorate reveals that the country suffered a cyber attack that briefly took down a number of government websites.
-
Newman Regional Health (NRH)
March 14, 2022
•
[ hack, healthcare ]
Newman Regional Health (NRH) notifies 52,224 patients that unauthorized individuals have gained access to certain employee email accounts that contained protected health information.
-
Elevate Services
March 14, 2022
•
[ ransomware, malware, technology ]
Elevate Services, Inc. experienced what appears to have been a ransomware attack that leaked confidential information belonging to certain consumers.
-
Undetermined
March 14, 2022
•
[ hack, malware, finance ]
ESET researchers have uncovered yet another destructive data wiper that was used in attacks against a limited number of organizations in Ukraine. No code similarities to either HermeticWiper or IsaacWiper were identified. There's evidence to suggest that the threat actors behind CaddyWiper infiltrated the target's network before executing the wiper.
-
Law Enforcement Health Benefits Inc. (LEHB)
March 14, 2022
•
[ ransomware, malware, healthcare ]
Law Enforcement Health Benefits Inc. (LEHB) notifies plan members of a September 2021 ransomware attack that impacted over 85,000 individuals.
-
Parker Hannifin
March 14, 2022
The Conti ransomware group leaks several gigabytes of files allegedly stolen from US industrial components giant Parker Hannifin.
-
Viva Air
March 14, 2022
•
[ ransomware, leak, malware ]
The RansomEXX ransomware gand drops leaked data samples on their TOR site.
-
Viva Air
March 14, 2022
•
[ ransomware, malware ]
In March 2022, the now defunct Colombian airline Viva Air suffered a data breach and subsequent ransomware attack. Among a trove of other ransomed data, the incident exposed a log of 2.6M transactions with 932k unique email addresses, physical and IP addresses, names, phone numbers and partial credit card data (last 4 digits).
-
Undetermined
March 13, 2022
•
[ espionage, finance ]
A suspected Russian nation state actor stole data from a nuclear safety organization. "EnergeticBear" compromised this entity in December 2021 and stole data from it from December through mid-March.
-
East Tennessee Children's Hospital (ETCH)
March 13, 2022
•
[ hack, healthcare ]
East Tennessee Children's Hospital is the victim of an information technology security issue
