Kenton County School District
December 20, 2024
•[ social, phishing, education ]
Personal data from current and former students in Kenton County School District are compromised in a phishing scheme.
Boone County School District
December 19, 2024
•[ social, phishing, education ]
Personal data from current and former students in Boone County School District are compromised in a phishing scheme.
Military personnel in Ukraine
December 18, 2024
•[ social, malware, government ]
The Computer Emergency Response Team of Ukraine (CERT-UA) discloses that a threat actor tracked as UAC-0125 is leveraging Cloudflare Workers to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of Defence back in August 2024 in an effort to make the armed forces go paperless.
"Tony" (undisclosed crypto investor)
December 18, 2024
•[ social, phishing, finance ]
A scammer impersonating Google manages to phish 45 bitcoins approximately $4,725,000 at todays value from Tony, a 42-year-old professional from northern California.
Kaiser Permanente employees
December 15, 2024
•[ social, malware, healthcare ]
Researchers at Malwarebytes detect a malicious campaign targeting Kaiser Permanente employees via Google Search Ads.
Ukrainian Defense Companies and Security and Defense Forces
December 7, 2024
•[ social, phishing, government ]
The Computer Emergency Response Team of Ukraine (CERT-UA) discover a series of phishing emails targeting Ukrainian defense companies and security and defense forces with a fake NATO standards conference. Some recipients opened the phishing emails execiting the malicious RAR attachments.
Crypto users in Linkedin
November 22, 2024
•[ financial, social, finance ]
Researchers at Microsoft reveal that the North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period.
City of Clark Fork
November 15, 2024
•[ social, phishing, government ]
The City of Clark Fork is scammed out of half a million dollars by a man posing as its construction contractor.
Kumamoto Prefecture Violence Prevention Movement Promotion Center
November 15, 2024
•[ social, phishing, government ]
The Kumamoto Prefecture Violence Prevention Movement Promotion Center says that 2,500 people who have used its counseling services (which aid with everything from evading extortion to disentangling romantically from Yakuza members) have been impacted by a data breach following a successful phishing attack.
Social
October 18, 2024
•[ financial, misconfiguration, finance ]
Tapioca DAO suffers a $4.5 million exploit after an attacker compromised its native token's vesting contract.
Westmoreland County
October 16, 2024
•[ social, phishing, government ]
Municipal Authority of Westmoreland County officials say the water and sewer utility has recovered more than $826,000 that was stolen in what it called a vendor impersonator scheme.
General Dynamics
October 10, 2024
•[ social, phishing, manufacturing ]
Aerospace and defense giant General Dynamics says threat actors compromised dozens of employee benefits accounts after a successful phishing campaign targeting its personnel.
OpenAI's press account on X
September 23, 2024
•[ financial, social, finance ]
Crypto scammers hijack OpenAI Newsroom, OpenAI's press account on X, formerly Twitter, to advertise a nonexistent token $OPENAI.
Individuals in South Korea
September 2, 2024
•[ social ]
Telegram removes 25 pieces of deepfake pornographic materials, after South Korean police investigates its role in deepfake-powered sex crimes targeting victims in the country.
Locata
July 29, 2024
•[ social, phishing, technology ]
A cyber attack on software company Locata spreads across councils across Greater Manchester, leaving thousands of residents vulnerable to a phishing scam.
The Ambulatory Surgery Center of Westchester
June 26, 2024
•[ social, phishing, healthcare ]
The Mount Kisco Surgery Center LLC d/b/a The Ambulatory Surgery Center of Westchester ("ASCW") discloses a security breach after the compromise of an employee's email.
1,899 victims in Singapore
June 14, 2024
•[ financial, hack, malware ]
A Singapore police-led law enforcement operation dismantles a regional cybercrime ring that carried out malware-enabled scams to steal tens of millions of dollars from victims since 2023.
Official Microsoft India account on X (formerly Twitter)
June 3, 2024
•[ financial, hack, phishing ]
The official Microsoft India account on X (formerly Twitter), with over 211,000 followers, is hijacked by cryptocurrency scammers to impersonate Roaring Kitty, the handle used by notorious meme stock trader Keith Gill.
Adam Griffin
May 6, 2024
•[ social, phishing, finance ]
Adam Griffin, a crypto investor is robbed of nearly $500,000 in cryptocurrencies after a scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click yes to a Google prompt on his mobile device.
Atrium Health
April 29, 2024
•[ social, phishing, healthcare ]
Atrium Health sends notifications to patients who may have been impacted by a malicious email sent to employees in April, through which an unauthorized third party gained access to a group of employees emails.
