Governments and armed forces, think tanks, academic researchers, and Ukrainian entities
October 1, 2024
•[ espionage, malware, government ]
Researchers at Trend Micro reveal the details of a campaign carried out by the Russia-linked APT29 threat actor, leveraging malicious Remote Desktop Protocol (RDP) configuration files.
Rafic Hariri International Airport
September 28, 2024
•[ hack, government ]
The Israeli cyber army allegedly hacks into the control tower of the Rafic Hariri International Airport in Beirut, and threatens an Iranian civilian plane attempting to land, forcing it to return.
National Dutch police (Politie)
September 27, 2024
•[ espionage, government ]
The National Dutch police (Politie) says that a state actor was likely behind a data breach detected the previous week.
Senator Ben Cardin
September 26, 2024
•[ espionage, phishing, government ]
An advanced deepfake operation targets Sen. Ben Cardin, the Democratic chair of the Senate Foreign Relations Committee, who is involved in a Zoom conversation with a fake Dymtro Kuleba, the former Ukrainian Minister of Foreign Affairs.
19 stations, including London Cannon Street, London Bridge, Charing Cross, Clapham Junction, Euston, King’s Cross, Liverpool Street, Paddington, Victoria, Waterloo, Reading, Guildford, Manchester Piccadilly, Liverpool Lime Street, Birmingham New Street, Leeds, Bristol Temple Meads, Edinburgh Waverley, Glasgow Central
September 26, 2024
•[ hack, misconfiguration, government ]
U.K. transport officials and police say they are investigating a cyber-security incident that hit the public Wi-Fi networks at the countrys biggest railway stations and displayed an anti-Islam message in the login page.
Suburb of Richardson
September 25, 2024
•[ ransomware, malware, government ]
Richardson, a large Dallas suburb is dealing with a ransomware attack that has required help from the FBI to resolve.
Multiple Ukrainian government and municipal organizations
September 25, 2024
•[ vulnerability, phishing, malware ]
A zero-day vulnerability in 7-Zip (CVE-2025-0411) was exploited beginning September 25, 2024, by undetermined Russian-speaking cybercriminal actors via phishing and homoglyph-lure archives. Trend Micro and SecurityWeek confirmed at least nine Ukrainian government and public-service entities (including the Ministry of Justice, Kyiv Public Transportation, and water-utility systems) were compromised. The campaign delivered SmokeLoader malware through malicious archives bypassing Windows Mark-of-the-Web protections.
Kuwait’s Health Ministry
September 25, 2024
•[ cyberattack, healthcare, system outage ]
The Kuwaits Health Ministry is recovering from a cyberattack that took down systems at several of the countrys hospitals, as well as the countrys Sahel healthcare app.
City of Pleasanton
September 24, 2024
•[ ransomware, malware, government ]
The City of Pleasanton in California is hit with a Valencia ransomware attack. The threat actor claims to have stolen 283GB of sensitive information.
Water utility in Arkansas City
September 24, 2024
•[ hack, government ]
Arkansas City, a small city in Cowley County, Kansas, is forced to switch its water treatment facility to manual operations over the weekend to contain a cyberattack detected on Sunday morning.
U.S. Capitol
September 24, 2024
•[ leak, government ]
The personal information of over 3,000 congressional staffers is leaked on the dark web following a major breach on the U.S. Capitol.
Houston Housing Authority
September 22, 2024
•[ ransomware, malware, government ]
The Houston Housing Authority falls victim of a ransomware attack.
Dozens of Austrian websites
September 20, 2024
•[ hack, ddos, government ]
The Pro-Russia groups NoName057(16) and OverFlame claim responsibility for disrupting dozens of Austrian websites ahead of the country's general election later this month.
Marin Housing Authority
September 15, 2024
•[ financial, government ]
Threat actors steal $950,000 that was earmarked for the rehabilitation of public housing in Marin City, from the Marin Housing Authority.
Osnovanie
September 13, 2024
•[ hack, government ]
Threat actors from Ukraine claim to have compromised the infrastructure of the agency that certifies digital signatures in Russia, known as Osnovanie ("Foundation" in Russian), and defaces its websites.
Pacific Islands Forum Secretariat
September 12, 2024
•[ espionage, hack, government ]
Chinese state-sponsored hackers are reportedly suspected of compromising the networks of the Pacific Islands Forum (PIF) Secretariat, a regional diplomatic body based in Fiji.
Instituto Nacional de Deportes de Chile
September 12, 2024
•[ hack, government ]
In September 2024, the Instituto Nacional de Deportes de Chile (Chile's National Sports Institute) suffered a data breach. The incident exposed 1.7M rows of data with 320k unique email addresses alongside names, dates of birth, genders and bcrypt password hashes. The newest records in the data date back to August 2022, suggesting the breach may be of an older data set.
Local and central government institutions in Poland
September 9, 2024
•[ espionage, government ]
Polish security services reveal to have neutralized a sabotage operation orchestrated by Russia and Belarus that aimed to destabilise Poland, penetrating local and central government institutions with the goal to extort information, to blackmail individuals and institutions and to wage a de facto cyberwar.
Tewkesbury Borough Council
September 5, 2024
•[ hack, government ]
The Tewkesbury Borough Council shouts down its systems following a cyber attack.
Transport for London
September 2, 2024
•[ hack, government ]
Transport for London (TfL), the city's transport authority, is investigating an ongoing cyberattack.
