Tibetans and Uyghurs Individuals
December 5, 2024
•[ espionage, malware ]
Researchers at Trend Micro discover a previously undocumented threat activity cluster dubbed Earth Minotaur, leveraging the MOONSHINE exploit kit and an unreported Android-cum-Windows backdoor called DarkNimbus to facilitate long-term surveillance operations targeting Tibetans and Uyghurs.
Multiple Organizations in the Cryptocurrency Space
December 4, 2024
•[ financial, malware, finance ]
The legitimate Solana JavaScript SDK is temporarily compromised in a supply chain attack, backdoored with code to steal cryptocurrency keys and drain wallets.
PIH Health
December 1, 2024
•[ ransomware, malware, healthcare ]
Threat actors claim they stole 17 million patient records from PIH Health, a southern California regional healthcare provider that is still struggling with IT and phone systems outages that have been disrupting patient care since the organization was hit by a ransomware attack on Dec. 1.
Port of Rijeka
November 30, 2024
•[ ransomware, financial, leak ]
The 8Base ransomware group hits Croatias Port of Rijeka, stealing sensitive data, including contracts and accounting info.
Krispy Kreme
November 29, 2024
•[ ransomware, malware, retail ]
US doughnut chain Krispy Kreme reveals it suffered a cyberattack in November that impacted portions of its business operations, including placing online orders. The Play ransomware gang claims responsibility for the attack.
Kurita America
November 29, 2024
•[ ransomware, malware, manufacturing ]
The U.S. subsidiary of Kurita Water, a Japanese water treatment company says ransomware actors have stolen data from systems and encrypted some servers.
Stoli Group USA
November 29, 2024
•[ ransomware, malware, manufacturing ]
Stoli Group's U.S. companies file for bankruptcy following an August ransomware attack and Russian authorities seizing the company's remaining distilleries in the country.
Alder Hey Children’s Hospital
November 28, 2024
•[ ransomware, malware, healthcare ]
Alder Hey Childrens Hospital says it is investigating claims that its systems may have been breached and that patient records and other information was stolen, after the ransomware group INC Ransom adds Alder Hey to its leak site.
Refinadora Costarricense de Petróleo
November 27, 2024
•[ ransomware, malware, energy ]
Refinadora Costarricense de Petrleo (RECOPE), the state-owned energy provider for Costa Rica is hit with a ransomware attack, requiring the company to shift to manual operations and call in help from abroad.
City of Hoboken
November 27, 2024
•[ ransomware, malware, government ]
The city of Hoboken shuts down its government offices after an early morning ransomware attack caused widespread issues.
ENGlobal Corporation
November 25, 2024
•[ ransomware, malware, energy ]
ENGlobal Corporation, a major contractor for the energy industry confirms in a notice to regulators that it is dealing with a ransomware attack that has hindered operations.
Artivion
November 21, 2024
•[ ransomware, malware, manufacturing ]
Artivion, a leading manufacturer of heart surgery medical devices, discloses q ransomware attack that disrupted its operations and forced it to take some systems offline.
Human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe
November 21, 2024
•[ espionage, malware, government ]
Researchers at Recorded Future identify an ongoing Russia-linked cyber-espionage campaign targeting human rights groups, private security companies, and state and educational institutions in Central Asia, East Asia, and Europe using custom malware.
Blue Yonder
November 21, 2024
•[ ransomware, malware, technology ]
Supply chain management firm Blue Yonder warns that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK.
Mexico Legal Affairs Office
November 20, 2024
•[ ransomware, malware, government ]
Mexicos president Claudia Sheinbaum says that the government is investigating an alleged ransomware hack of her administrations legal affairs office after what appeared to be samples of personal information from a database of government employees were posted online.
Minneapolis Park and Recreation Board
November 20, 2024
•[ ransomware, malware, government ]
The RansomHub operation takes credit for a damaging attack on the Minneapolis Park and Recreation Board.
35 organizations worldwide
November 18, 2024
•[ ransomware, malware ]
The Akira ransomware-as-a-service gang publishes a record number (35) of new victims to its darknet leak site in a single day.
American Associated Pharmacies
November 18, 2024
•[ ransomware, malware, retail ]
Ransomware group Embargo threatens to publish nearly 1.5 terabytes of data allegedly stolen in an attack on American Associated Pharmacies, a collaborative of 2,000 independent pharmacies.
Manufacturing industry in Pakistan
November 16, 2024
•[ espionage, malware, manufacturing ]
Researchers at Cyble discover a campaign linked to the known APT group DONOT, targeting the manufacturing industry that supports the countrys maritime and defense sectors.
Hungary Defense Procurement Agency
November 8, 2024
•[ ransomware, malware, government ]
Hungarian officials confirm to local media that the countrys defense procurement agency (VB) was attacked by an international group of hackers. The INC Ransom group claims responsibility for the attack.
