City of Columbus
July 18, 2024
•[ ransomware, malware, government ]
The City of Columbus, Ohio, says it's investigating whether personal data was stolen in a ransomware attack that disrupted the City's services. The attackers claimed to have stolen 6.5 terabytes of data, including personal information such as names, addresses, dates of birth, Social Security numbers, bank account details, and driver's license information of approximately 500,000 residents.
Taiwanese government-affiliated research institute
July 15, 2024
•[ espionage, malware, government ]
Researchers from Cisco Talos reveal that a Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by the nation-state threat actors APT41 with ties to China, through a variety of backdoors and post-compromise tools like ShadowPad and Cobalt Strike.
At least five Macau government websites
July 11, 2024
•[ hack, ddos, government ]
At least five Macau government websites are knocked offline by suspected foreign hackers for almost an hour.
Clay County
July 11, 2024
•[ ransomware, malware, government ]
Clay County, Indiana files a local disaster declaration following a ransomware attack.
The Heritage Foundation
July 11, 2024
•[ hack, government ]
The hacktivist group SiegedSec claims responsibility for a data breach at the Heritage Foundation, stealing details of a potentially controversial Project 2025.
Monroe County
July 8, 2024
•[ ransomware, malware, government ]
Monroe County is hit with a BlackSuit ransomware attack.
Solano County
July 3, 2024
•[ ransomware, malware, government ]
Nearly three months after a ransomware attack disrupted phone lines, computer services and Wi-Fi across Solano County's public libraries, systems are still down.
Hellenic Cadastre (Greek Land Registry Agency)
July 1, 2024
•[ leak, government ]
The Land Registry agency in Greece announces that it suffered a limited-scope data breach following a wave of 400 cyberattacks targeting its IT infrastructure with the attackers able to steal steal 1.2 GB of data.
Multiple U.S. defense contractors
July 1, 2024
•[ espionage, malware, government ]
Between July 2024 and July 2025, the Chinese state-linked group RedNovember, operating under the Ministry of State Security (MSS), conducted an espionage campaign exploiting internet-facing network devices and Outlook Web Access systems to infiltrate at least two U.S. defense contractors. Attackers deployed the Go-based backdoor Pantegana, Cobalt Strike, and SparkRAT for reconnaissance and persistence, exfiltrating sensitive defense-related data.
Indonesia's Temporary National Data Center
June 24, 2024
•[ ransomware, malware, government ]
The Indonesian National Cyber and Encryption Agency (BSSN) reveals that the Brain Cipher ransomware disrupted the Temporary National Data Center server, affecting the operations of 210 government institutions, including immigration services at Soekarno-Hatta International Airport.
Japan Aerospace Exploration Agency (JAXA)
June 21, 2024
•[ hack, government ]
The Japanese space agency JAXA has been hit by a series of cyberattacks since it reported a cyber incident during November 2023.
Traverse City
June 12, 2024
•[ ransomware, malware, government ]
Traverse City is hit with a ransomware attack and shuts down the IT infrastructure.
City of Cleveland
June 11, 2024
•[ ransomware, malware, government ]
The City of Cleveland, Ohio, is currently dealing with a cyberattack that has forced it to take citizen-facing services offline, including the public offices and facilities at Erieview and the City Hall. Few days later the city confirms a ransomware attack.
Various election-related sites and two political parties in the Netherlands
June 6, 2024
•[ hack, ddos, government ]
Researchers from Cloudflare report to have mitigated at least three distributed denial of service (DDoS) attack waves on various election-related sites in the Netherlands, as well as several political parties; PVV (Party for Freedom) and FvD (Forum for Democracy). The hacktivist group known as 'HackNeT' took responsibility for the attacks.
Dubai Municipality
June 5, 2024
•[ leak, government ]
Daixin Team adds the Dubai Municipality to its dark web leak site.
Town of Arlington
June 5, 2024
•[ financial, phishing, government ]
The town of Arlington discloses that it had lost nearly $446,000 in a monthslong business email compromise (BEC) scam.
Ukrainian civil service officials and military personnel
June 4, 2024
•[ espionage, malware, government ]
The Computer Emergency Response Team of Ukraine (CERT-UA) warns of a campaign targeting Ukrainian civil service officials and military personnel via the DarkCrystal RAT delivered through Signal.
Germany's Christian Democratic Union
June 1, 2024
•[ hack, misconfiguration, government ]
Germany's Christian Democratic Union (CDU), the country's leading opposition party, is hit by a major cyberattack and has taken parts of its IT-infrastructure off the grid as a precautionary measure. According to sources, the attackers exploited the CVE-2024-24919 Check Point vulnerability.
Government of Turks and Caicos
June 1, 2024
•[ ransomware, malware, government ]
The government of Turks and Caicos says is making progress in its recovery from a recent ransomware attack that has caused widespread issues on the islands.
Polish Press Agency
May 31, 2024
•[ espionage, government ]
Polish prosecutors investigate a suspected Russian cyberattack on the countrys state news agency Polish Press Agency (PAP) spreading disinformation with fake news claiming the countrys authorities had announced a partial mobilization of 200,000 men who were to be sent to fight in a war in Ukraine.
