City of Hoboken
November 27, 2024
•[ ransomware, malware, government ]
The city of Hoboken shuts down its government offices after an early morning ransomware attack caused widespread issues.
Undisclosed prisons in the U.K.
November 23, 2024
•[ leak, government ]
Confidential prison layouts in the U.K. are leaked onto the dark web.
Human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe
November 21, 2024
•[ espionage, malware, government ]
Researchers at Recorded Future identify an ongoing Russia-linked cyber-espionage campaign targeting human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe using custom malware.
Minneapolis Park and Recreation Board
November 20, 2024
•[ ransomware, malware, government ]
The RansomHub operation takes credit for a damaging attack on the Minneapolis Park and Recreation Board.
Mexico Legal Affairs Office
November 20, 2024
•[ ransomware, malware, government ]
Mexicos president Claudia Sheinbaum says that the government is investigating an alleged ransomware hack of her administrations legal affairs office after what appeared to be samples of personal information from a database of government employees were posted online.
Undisclosed Law Firm
November 19, 2024
•[ leak, misconfiguration, government ]
A threat actor, who goes online with the name name Altam Beezley, gained access to a computer file shared in a secure link among lawyers whose clients have given damaging testimony related to Matt Gaetz, the former Florida congressman who is President-elect Donald J. Trumps choice to be attorney general.
Town of Webster, New York
November 15, 2024
•[ financial, social, phishing ]
The Town of Webster fell victim to a phishing scam in November 2024, when scammers impersonated a contractor and tricked officials into diverting $520,275.67. Criminal investigation recovered over $300,000, and cyber insurance is expected to cover the remainder. No sensitive or confidential data was compromised.
Kumamoto Prefecture Violence Prevention Movement Promotion Center
November 15, 2024
•[ social, phishing, government ]
The Kumamoto Prefecture Violence Prevention Movement Promotion Center says that 2,500 people who have used its counseling services (which aid with everything from evading extortion to disentangling romantically from Yakuza members) have been impacted by a data breach following a successful phishing attack.
City of Clark Fork
November 15, 2024
•[ social, phishing, government ]
The City of Clark Fork is scammed out of half a million dollars by a man posing as its construction contractor.
Nuclear scientist and senior Israeli officials
November 11, 2024
•[ espionage, government ]
Threat actors believed to be affiliated with Iranian intelligence expose the personal details of a nuclear scientist who worked at the Soreq Nuclear Research Center, and private photos and emails of senior Israeli officials, including a former Defense Ministry director general.
Government Websites and Private Companies in South Korea
November 8, 2024
•[ hack, ddos, government ]
Pro-Russian hacktivists target South Korea with DDoS attacks as North Korea joins the Ukraine war.
Hungary Defense Procurement Agency
November 8, 2024
•[ ransomware, malware, government ]
Hungarian officials confirm to local media that the countrys defense procurement agency (VB) was attacked by an international group of hackers. The INC Ransom group claims responsibility for the attack.
Microlise
November 6, 2024
•[ hack, government ]
A cyberattack on Microlise leaves British prison vans without tracking systems or panic alarms.
Wexford County Register of Deeds
November 5, 2024
•[ cyberattack, data loss, government ]
The Wexford County, Michigan, Register of Deeds office experienced a cyber incident on 2024-11-05. Access was shut off, systems went offline, and a small portion of documents (less than 5%) from a defined time period were not recoverable.
Alaska Division of Retirement and Benefits
November 4, 2024
•[ hack, financial, government ]
The Alaska Division of Retirement and Benefits is hacked and State residents who work in the public sector, have employer contributions to their retirement accounts impacted
At least one undisclosed government and/or tech company
November 4, 2024
•[ state-sponsored, malware, backdoor ]
Government cybersecurity reporting described PRC state-sponsored actors using BRICKSTORM malware to maintain long-term persistence in victim environments, primarily affecting government services/facilities and IT sector organizations. In a documented case, actors accessed a DMZ web server (with a web shell present), moved laterally using service account credentials, copied Active Directory databases, pivoted into VMware vCenter, accessed domain controllers and an ADFS server, and exported cryptographic keys. BRICKSTORM provided stealthy backdoor access for command-and-control and remote operations and was used for persistence from at least April 2024 through at least September 3, 2025. The specific victim organization name was not disclosed in the reporting.
Washington State Administrative Office of the Courts (AOC)
November 3, 2024
•[ hack, government ]
Court systems across Washington are down after officials said "unauthorized activity" was detected on their networks.
Mongolian Ministry of Defense
November 1, 2024
•[ espionage, malware, government ]
Researchers at Recorded Future observe the Chinese state-sponsored group RedDelta targeting Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia with an adapted infection chain to distribute its customized PlugX backdoor.
Housing Authority of the City of Los Angeles
November 1, 2024
•[ ransomware, malware, government ]
The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirms that a cyberattack hit its IT network after recent breach claims from the Cactus ransomware gang.
Bucharest City Hall
October 31, 2024
•[ ransomware, malware, government ]
The data of approximately 200,000 citizens of the administrative unit Sector 5 of the city of Bucharest are put up for sale after the City Hall suffers a RansomHub ransomware attack at the end of October.
