Nuclear scientist and senior Israeli officials
November 11, 2024
•[ espionage, government ]
Threat actors believed to be affiliated with Iranian intelligence expose the personal details of a nuclear scientist who worked at the Soreq Nuclear Research Center, and private photos and emails of senior Israeli officials, including a former Defense Ministry director general.
Hungary Defense Procurement Agency
November 8, 2024
•[ ransomware, malware, government ]
Hungarian officials confirm to local media that the countrys defense procurement agency (VB) was attacked by an international group of hackers. The INC Ransom group claims responsibility for the attack.
Government Websites and Private Companies in South Korea
November 8, 2024
•[ hack, ddos, government ]
Pro-Russian hacktivists target South Korea with DDoS attacks as North Korea joins the Ukraine war.
Microlise
November 6, 2024
•[ hack, government ]
A cyberattack on Microlise leaves British prison vans without tracking systems or panic alarms.
Wexford County Register of Deeds
November 5, 2024
•[ cyberattack, data loss, government ]
The Wexford County, Michigan, Register of Deeds office experienced a cyber incident on 2024-11-05. Access was shut off, systems went offline, and a small portion of documents (less than 5%) from a defined time period were not recoverable.
Alaska Division of Retirement and Benefits
November 4, 2024
•[ hack, financial, government ]
The Alaska Division of Retirement and Benefits is hacked and State residents who work in the public sector, have employer contributions to their retirement accounts impacted
At least one undisclosed government and/or tech company
November 4, 2024
•[ state-sponsored, malware, backdoor ]
Government cybersecurity reporting described PRC state-sponsored actors using BRICKSTORM malware to maintain long-term persistence in victim environments, primarily affecting government services/facilities and IT sector organizations. In a documented case, actors accessed a DMZ web server (with a web shell present), moved laterally using service account credentials, copied Active Directory databases, pivoted into VMware vCenter, accessed domain controllers and an ADFS server, and exported cryptographic keys. BRICKSTORM provided stealthy backdoor access for command-and-control and remote operations and was used for persistence from at least April 2024 through at least September 3, 2025. The specific victim organization name was not disclosed in the reporting.
Washington State Administrative Office of the Courts (AOC)
November 3, 2024
•[ hack, government ]
Court systems across Washington are down after officials said "unauthorized activity" was detected on their networks.
Housing Authority of the City of Los Angeles
November 1, 2024
•[ ransomware, malware, government ]
The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirms that a cyberattack hit its IT network after recent breach claims from the Cactus ransomware gang.
Mongolian Ministry of Defense
November 1, 2024
•[ espionage, malware, government ]
Researchers at Recorded Future observe the Chinese state-sponsored group RedDelta targeting Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia with an adapted infection chain to distribute its customized PlugX backdoor.
Bucharest City Hall
October 31, 2024
•[ ransomware, malware, government ]
The data of approximately 200,000 citizens of the administrative unit Sector 5 of the city of Bucharest are put up for sale after the City Hall suffers a RansomHub ransomware attack at the end of October.
City of Sheboygan
October 31, 2024
•[ ransomware, government ]
Threat actors demand a ransom from officials in the city of Sheboygan, after launching an attack that caused network issues.
Tver Administration's Network
October 29, 2024
•[ hack, malware, government ]
A group with the moniker of Ukrainian Cyber Alliance claims to have taken down the Tver administration's network and to have wiped out dozens of virtual machines, backup storage, websites, email, and hundreds of workstations.
San Joaquin County Superior Court
October 28, 2024
•[ hack, government ]
The San Joaquin County Superior Court says that nearly all of its digital services are knocked offline due to a cyberattack.
Sensitive government and police databases in Italy
October 25, 2024
•[ hack, espionage, government ]
Four people are arrested in Italy after a business intelligence company called Equalize is accused of hacking sensitive government and police databases to create dossiers for its clients.
U.S. Government
October 24, 2024
•[ financial, government ]
A threat actor appears to have stolen approximately $20 million in stablecoins and ETH from wallets belonging to the U.S. Government.
City of Coppell
October 23, 2024
•[ ransomware, malware, government ]
The RansomHub operation takes credit for a damaging attack on the city of Coppell, Texas.
Cyprus’ critical infrastructure and government websites
October 18, 2024
•[ hack, government ]
Cyprus critical infrastructure and government websites are targeted in a series of coordinated cyberattacks claimed by several pro-Palestine hacker groups.
Westmoreland County
October 16, 2024
•[ social, phishing, government ]
Municipal Authority of Westmoreland County officials say the water and sewer utility has recovered more than $826,000 that was stolen in what it called a vendor impersonator scheme.
Japan's ruling Liberal Democratic Party (LDP)
October 15, 2024
•[ hack, ddos, government ]
Japan's ruling Liberal Democratic Party (LDP) reports that a cyberattack temporarily disrupted its website, coinciding with the start of the countrys general election campaign.
