January 2024
U.S. Government Disrupts Volt Typhoon Operation
The U.S. government announced the disruption of a Chinese state-sponsored hacking operation known as Volt Typhoon, which had targeted critical infrastructure in the U.S. for at least five years. This operation was reportedly aimed at gathering intelligence to potentially disrupt U.S. military operations. Wikipedia
Microsoft Breach by Russian-Aligned Hackers
Microsoft disclosed that a Russian-aligned threat actor had breached its systems, accessing email accounts of senior leadership and employees in its legal and cybersecurity teams. The breach was part of a broader campaign targeting U.S. technology companies. CRN
British Library Cyberattack
The British Library suffered a cyberattack that led to significant disruptions in its services. The attack resulted in the theft of internal human resources data, which was later auctioned on the dark web. The Library faced challenges in restoring its digital services, impacting researchers and the public. Wikipedia
PRGX Global Data Breach Settlement
PRGX Global agreed to a $675,000 settlement over a data breach that affected American consumers in April 2022. Affected individuals were notified and had until February 1, 2024, to submit claims for compensation, including credit monitoring and identity theft protection. The Sun
EU Reports Surge in Disruptive Cyberattacks
The European Union Agency for Cybersecurity (ENISA) reported a significant increase in disruptive digital attacks, with incidents doubling in recent months. Many of these attacks were linked to Russian-backed groups, raising concerns about the security of critical infrastructure in the EU. AP News
SEC Implements New Cybersecurity Disclosure Rules
The U.S. Securities and Exchange Commission (SEC) introduced new rules requiring public companies to disclose material cybersecurity incidents within four business days and provide annual reports detailing their cybersecurity strategies and risk management. This move aims to enhance transparency and protect investors. Reuters
TeamViewer Breached by Cozy Bear
German technology company TeamViewer reported a breach by the Russian hacker group Cozy Bear. The attack targeted its corporate IT network, though the company stated that user data and its remote desktop software product were unaffected. Wikipedia
Czech Cybersecurity Agency Reports Record Attacks
Czechia's National Cyber and Security Information Agency reported a record number of cyberattacks in 2023, totaling 262 incidents compared to 146 the previous year. The increase was attributed to repeated waves of Distributed Denial-of-Service (DDoS) attacks. Cybersecurity Review
FBI Disrupts Chinese Hacking Operation
The FBI announced the disruption of a Chinese hacking operation that had targeted critical infrastructure in the U.S. The operation involved the use of a botnet to conceal hacking activities, and the FBI's actions aimed to prevent further exploitation. Wikipedia
Artificial Intelligence in Cybersecurity
The World Economic Forum released its Global Cybersecurity Outlook 2024, highlighting the role of artificial intelligence in both enhancing cybersecurity defenses and posing new threats. The report emphasized the need for global cooperation to address the challenges posed by emerging technologies.
February 2024
Operation Cronos Disrupts LockBit Ransomware Group
A coordinated international law enforcement operation, dubbed Operation Cronos, successfully infiltrated and dismantled the LockBit ransomware group. Authorities seized control of their infrastructure, released decryption tools, and arrested key members, including individuals in Ukraine, Poland, and the United States. Wikipedia
Massive Data Breach Exposes 26 Billion Records
Security researchers uncovered a colossal data breach, referred to as the "Mother of All Breaches," involving approximately 26 billion leaked records. This breach ranks among the largest to date, raising significant concerns about data security and privacy. SWK Technologies
Change Healthcare Cyberattack Disrupts U.S. Healthcare System
On February 21, 2024, Change Healthcare, a major player in the U.S. healthcare sector, suffered a cyberattack that halted electronic payments and medical claims processing. This disruption affected numerous healthcare providers and patients nationwide. Wikipedia
FBI Charges Russian-Israeli Dual National Linked to LockBit
The U.S. Department of Justice charged Rostislav Panev, a Russian-Israeli dual national, for his alleged involvement with the LockBit ransomware group. Panev was arrested in Israel in August and is awaiting extradition to the United States. Reuters
Phobos Ransomware Targets U.S. Organizations
The FBI, CISA, and MS-ISAC released a joint advisory detailing tactics, techniques, and procedures (TTPs) associated with Phobos ransomware variants observed as recently as February 2024. Phobos operates as a ransomware-as-a-service, posing significant threats to U.S. organizations. Cybersecurity Review
Chinese Hackers Target U.S. Critical Infrastructure
Reports emerged that Chinese hackers have been infiltrating U.S. critical infrastructure systems for at least five years, raising alarms about potential espionage and cyber warfare activities. Wikipedia
Russian Cybercrime Group Attacks Scottish Health Board
The Dumfries and Galloway NHS Trust in Scotland was targeted by a ransomware attack attributed to a Russian cybercrime group. The attack resulted in the loss of three terabytes of data, including confidential patient information. The Times
Evolve Bank & Trust Breached, Affecting Financial Partners
Evolve Bank & Trust confirmed a data breach that compromised sensitive information. This incident impacted several financial technology companies, including Affirm Holdings and Wise, highlighting the interconnected risks within the financial sector. MarketWatch
VARTA Battery Manufacturer Halts Production Due to Cyberattack
German battery manufacturer VARTA was forced to halt production across five plants following a cyberattack that affected IT systems and production equipment. The attack underscores the vulnerabilities in the manufacturing sector. TechRadar
Law Enforcement Employs Psychological Tactics Against Cybercriminals
Western law enforcement agencies are increasingly using psychological operations to disrupt cybercriminal activities. These tactics include eroding trust among hackers and sending personalized messages to deter cybercrime. Wired
March 2024
CISA Breach
The Cybersecurity and Infrastructure Security Agency (CISA) experienced a breach, compromising sensitive information and prompting immediate security reviews. Dot Security
International Monetary Fund (IMF) Email Infiltration
The IMF reported unauthorized access to its email systems, raising concerns about the security of international financial institutions. Dot Security
Midnight Blizzard's Attack on Microsoft
The Russian hacking group Midnight Blizzard infiltrated Microsoft's systems, accessing corporate emails and documents, including some source code repositories. Roosho
Ransomware Attack on LoanDepot
LoanDepot, a major U.S. mortgage lender, suffered a ransomware attack, leading to the exposure of personal information of approximately 16.6 million customers. Infosecurity Magazine
Data Breach at Fidelity Investments
Fidelity Investments disclosed a data breach affecting thousands of customers, with potential unauthorized access to sensitive financial information. Wikipedia
AT&T Network Outage
AT&T customers experienced a massive network outage, disrupting phone services across the United States and highlighting vulnerabilities in telecommunications infrastructure. Wikipedia
Bank of America Data Exposure
Bank of America reported a data breach that may have exposed customer information, prompting investigations into the incident. Wikipedia
Cyberattack on Change Healthcare
Change Healthcare, a U.S. health care payment system, was paralyzed by a cyberattack, causing significant disruptions in the health care sector. Wikipedia
Data Breach at IKEA Canada
IKEA Canada confirmed a data breach involving the personal information of approximately 95,000 customers, raising concerns about retail data security. Wikipedia
Cyberattack on Maldives Government Websites
Hackers targeted the Maldives' Home Ministry and other government websites, leading to temporary outages and highlighting geopolitical cyber tensions.
April 2024
Google Pixel Zero-Day Vulnerabilities
Google addressed two critical zero-day vulnerabilities in Pixel devices, exploited by forensic firms to bypass PINs and access stored data. CM Alliance
Ransomware Attack on Omni Hotels
The Daixin ransomware group targeted Omni Hotels, encrypting data and disrupting operations. CM Alliance
SEXi Ransomware Attack on IxMetro
The Chilean hosting provider IxMetro suffered a ransomware attack by the SEXi group, affecting VMware ESXi servers and customer data. CM Alliance
Panera Bread IT Outage
Panera Bread experienced a week-long IT outage due to a ransomware attack, impacting virtual machines and customer services. CM Alliance
AT&T Data Breach
AT&T disclosed a data breach compromising personal information of approximately 70 million customers, including sensitive data like phone numbers and message details. Dot Security
Roku Account Compromise
Roku accounts were compromised, leading to unauthorized access and potential data exposure for users. Dot Security
Cisco Duo Credentials Breach
Credentials for Cisco Duo, a multi-factor authentication service, were compromised, posing risks to organizations relying on its security measures. Dot Security
Hull City Council Cyber Attacks
Hull City Council reported nine cyber attacks over three years, including phishing incidents, resulting in £30,000 in data breach claims. Cybersecurity Review
Data Breach at National Public Data (NPD)
A major data breach at NPD compromised 2.9 billion Social Security records, leading to class-action lawsuits and heightened concerns over personal data security. The Sun
IntelBroker's Breach of Acuity
The hacker group IntelBroker breached Acuity, a U.S. government contractor, accessing confidential information from the Five Eyes intelligence organization and the U.S. military.
May 2024
LockBit Ransomware Group Targeted by Global Law Enforcement
The LockBit ransomware gang faced a coordinated takedown by international law enforcement agencies, including the National Crime Agency and Europol. Authorities seized the group's infrastructure and source code and obtained decryption keys to assist victims. Wikipedia
CyberArk's $1.5 Billion Acquisition of Venafi
CyberArk announced its acquisition of Venafi for approximately $1.54 billion, aiming to enhance its cybersecurity offerings, particularly in securing machine identities in cloud environments. Reuters
General Dynamics Information Technology Awarded $185 Million Cybersecurity Contract
GDIT secured a task order worth $185 million to provide cybersecurity services for the U.S. Air Force Civil Engineer Center, focusing on mitigating risks to industrial control systems. The Wall Street Journal
Advance Auto Parts Data Breach
Advance Auto Parts disclosed a data breach involving unauthorized access to a third-party cloud database, potentially exposing sensitive information of current and former employees and job applicants. MarketWatch
Europol Confirms Data Breach
Europol acknowledged a breach of its web portal, confirming that hackers accessed non-operational data, including employee information and source code. The agency emphasized that no operational data was compromised.
Seattle Public Library Ransomware Attack
The Seattle Public Library experienced a ransomware attack that disrupted services, including the wireless network and online catalog, leading to a temporary halt in operations. CM Alliance
OmniVision Data Breach
OmniVision reported a data breach where unauthorized parties accessed personal information from certain systems between September 4 and September 30, 2023, during a ransomware attack. CM Alliance
London Drugs Ransomware Attack
Canadian pharmacy chain London Drugs was targeted by the LockBit ransomware group, which claimed to have stolen data and demanded a ransom. The company refused to pay, stating that customer and primary employee data were not compromised. Wikipedia
Ascension Health System Cybersecurity Breach
Ascension, one of the largest Catholic health systems in the U.S., faced a cyber attack that disrupted clinical operations. The organization notified affected patients and initiated investigations. Yahoo
Final Fantasy Game Servers Hit by DDoS Attacks
Players of the popular video game series Final Fantasy experienced login issues due to multiple Distributed Denial-of-Service (DDoS) attacks targeting the game's servers.
June 2024
LockBit Ransomware Targets U.S. Federal Reserve
The LockBit ransomware group claimed to have stolen 33 terabytes of data from the U.S. Federal Reserve. While initial skepticism existed regarding the authenticity of these claims, the incident underscored the persistent threat of ransomware attacks on critical financial institutions. Xage
Chinese Hackers Exploit Fortinet Vulnerabilities
Chinese hackers were found to have exploited vulnerabilities in Fortinet firewalls, targeting over 20,000 government systems since 2022. This highlighted the ongoing threat of cyber espionage and the critical need for timely patching of known vulnerabilities. Xage
FBI Disrupts Global Botnet
A U.S.-led operation successfully dismantled a large-scale botnet used for cyber attacks, fraud, and other malicious activities. This action demonstrated the effectiveness of international cooperation in combating cybercrime. World Economic Forum
London Hospital Services Disrupted by Cyberattack
A cyberattack targeted a London hospital, leading to significant service disruptions. The incident emphasized the vulnerability of healthcare institutions to cyber threats and the critical need for robust cybersecurity measures in the sector. World Economic Forum
Denmark Raises Cyber Threat Level
Denmark elevated its cyber threat level in response to increased cyber activities targeting critical infrastructure. This move highlighted the escalating cyber threats faced by nations worldwide. World Economic Forum
Hugging Face AI Platform Breached
The AI platform Hugging Face experienced a security breach, raising concerns about the security of AI development platforms and the data they handle. Innovate Cybersecurity
FBI Obtains 7,000 LockBit Decryption Keys
The FBI acquired 7,000 decryption keys from the LockBit ransomware group, aiding in the recovery of data for numerous victims. This development underscored the importance of law enforcement collaboration in combating ransomware. Innovate Cybersecurity
CISA Adds Critical Vulnerabilities to Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) added vulnerabilities in Android Pixel, Microsoft Windows, and Progress Telerik Report Server to its Known Exploited Vulnerabilities (KEV) Catalog, urging organizations to prioritize their remediation. Innovate Cybersecurity
Ransomware Attack Affects Cleveland City Hall
Cleveland City Hall experienced operational disruptions due to a ransomware attack, highlighting the vulnerability of municipal governments to cyber threats. Innovate Cybersecurity
Microsoft Delays Windows Recall Amid Privacy Concerns
Microsoft postponed the planned release of Windows Recall due to privacy and security concerns, reflecting the complexities organizations face in balancing software updates with user privacy.