July 2024
Global IT Outage Caused by Faulty Software Update
On July 19, 2024, a defective software update from cybersecurity firm CrowdStrike led to a massive IT outage, affecting approximately 8.5 million Microsoft Windows systems worldwide. This incident disrupted critical services, including airlines, hospitals, and financial institutions, marking it as one of the largest IT outages in history. Wikipedia
Massive Password Leak – 'RockYou2024'
A compilation of nearly 10 billion unique plaintext passwords, dubbed "RockYou2024," was leaked on a popular hacking forum. This dataset amalgamated passwords from thousands of previous breaches, creating an unprecedented repository of compromised credentials. Skyhigh Security
LockBit Ransomware Targets Fintech Industry
The notorious LockBit ransomware group launched an attack on a major fintech company, exposing significant security risks within the financial technology sector. This incident underscored the vulnerabilities in the fintech industry and the growing threat of ransomware attacks. Illumio
Data Breach at Evolve Bank & Trust
Evolve Bank & Trust experienced a data breach that impacted several of its clients, including Affirm Holdings and Wise. The breach compromised customer data, highlighting the risks associated with third-party service providers. MarketWatch
CrowdStrike CEO Addresses Global Outage
Following the July 19 IT outage, CrowdStrike CEO George Kurtz publicly apologized for the incident. He acknowledged the company's responsibility and outlined steps to prevent future occurrences, including improved testing of updates and gradual release strategies. New York Post
BianLian Ransomware Attack on Insula Group
The Australian IT services company, Insula Group, confirmed a ransomware attack by the BianLian group. The attackers claimed to have stolen 400 gigabytes of data, including unreleased projects and sensitive information, emphasizing the persistent threat of ransomware in the IT services sector. CM Alliance
Data Breach at Prudential Financial
Prudential Financial disclosed a data breach that affected nearly 2.6 million individuals, a significant increase from the initially reported 36,545. This breach highlighted the complexities in assessing the full extent of data breaches and the importance of accurate reporting. MarketWatch
Roll20 Platform Data Breach
The online tabletop role-playing game platform, Roll20, disclosed a data breach on July 3, 2024. The breach compromised user data, underscoring the need for robust security measures in online gaming platforms. Wikipedia
CDK Global Cyberattack Disrupts Auto Supply Chain
CDK Global, a provider of technology solutions for the automotive industry, suffered a cyberattack that disrupted operations across the auto supply chain, including dealerships, repair shops, and parts suppliers. This attack highlighted the vulnerabilities in the automotive sector's digital infrastructure. MarketWatch
China's Cyber Espionage Campaigns Intensify
In July 2024, government agencies from eight nations, including the National Security Agency and the Cybersecurity and Infrastructure Security Agency, released a joint advisory on APT40, a Chinese state-sponsored hacking group. The advisory warned of increased cyber espionage activities targeting critical infrastructure, emphasizing the ongoing threat from state-sponsored cyber actors.
August 2024
Microsoft's Critical Patch for Zero-Click RCE Vulnerability
Microsoft addressed a critical zero-click remote code execution (RCE) vulnerability in the TCP/IP stack, identified as CVE-2024-38063. This flaw affected all Windows systems with IPv6 enabled and posed a high risk of exploitation, necessitating immediate patch application to prevent potential attacks. Cognisys
Chinese Hackers Target U.S. Telecommunications
The Washington Post reported that Chinese state-backed hackers, operating under the group Salt Typhoon, compromised major U.S. internet service providers, including AT&T, Verizon, Lumen Technologies, and T-Mobile. This breach enabled extensive surveillance of U.S. officials and critical infrastructure. Wikipedia
Iranian Hackers Breach U.S. Presidential Campaigns
Iranian hackers, identified as APT42, targeted U.S. presidential campaigns, including those of Donald Trump and Kamala Harris. They employed sophisticated phishing techniques to steal data, raising concerns about foreign interference in the electoral process. Le Monde
CrowdStrike-Induced IT Outage
A faulty update from cybersecurity firm CrowdStrike caused a global IT outage, affecting approximately 8.5 million Windows devices. This incident disrupted operations across various industries, including airlines and healthcare, highlighting the risks associated with reliance on single-vendor security solutions. Reuters
Play Ransomware Targets Microchip Technology
The Play ransomware group claimed responsibility for a cyber attack on Microchip Technology, stealing confidential data, including budget, payroll, and accounting information. This attack underscored the ongoing threat of ransomware to critical technology companies. CM Alliance
U.S. Government Disrupts Chinese Botnet
The U.S. government took control of a network of hacked internet routers and devices, known as a botnet, used by Chinese hackers to conceal attacks on critical infrastructure. This action aimed to mitigate the threat posed by the People's Republic of China to U.S. infrastructure. Wikipedia
Delta Air Lines Faces Legal Action Over IT Outage
Delta Air Lines pursued legal claims against CrowdStrike and Microsoft following the July IT outage, which led to mass flight cancellations and financial losses estimated to be at least $500 million. Reuters
Kaspersky Uncovers 'DuneQuixote' Malware Campaign
Kaspersky revealed 'DuneQuixote,' a stealthy malware campaign targeting intellectual property in the technology and energy sectors. The malware used custom-built exploits and fileless techniques to evade detection, highlighting the evolving sophistication of cyber threats. Wikipedia
U.S. Government Forms Emergency Team to Address Chinese Espionage Hack
In response to the Chinese espionage hack targeting U.S. telecommunications, the White House formed an emergency team to address the breach and mitigate its impact on national security. Wikipedia
September 2024
China-Linked Hackers Target U.S. Telecommunications
Hackers associated with China's Ministry of State Security, known as Salt Typhoon, infiltrated major U.S. internet service providers, including AT&T, Verizon, and T-Mobile. This breach allowed unauthorized access to sensitive communications, raising national security concerns. Wikipedia
FBI Disrupts Chinese Cyber Operation
The FBI announced the disruption of a Chinese cyber operation targeting critical U.S. infrastructure. This action underscores the escalating cyber espionage activities attributed to China. Wikipedia
Microsoft's Security Overhaul
Microsoft unveiled its largest-ever security transformation, the Secure Future Initiative (SFI). This comprehensive overhaul includes employing 34,000 engineers dedicated to enhancing security measures across the company's platforms. The Verge
RansomHub Group's Escalating Attacks
The RansomHub group intensified its cybercrime activities, claiming over 200 victims in September. Targeting both private and critical sectors, RansomHub's actions highlight the growing threat of ransomware attacks. Bitdefender
Data Breach at Charles Darwin School
Charles Darwin School in Bromley, UK, was forced to close due to a cyber attack. The incident raised concerns about the security of educational institutions and the potential exposure of sensitive data. CM Alliance
Kadokawa Corporation's Data Leak
Japanese media giant Kadokawa Corporation faced a data leak following a ransomware attack by the BlackSuit group. The breach compromised sensitive information, including unreleased content, affecting the company's operations. CM Alliance
Kawasaki's European Operations Disrupted
Kawasaki's European arm experienced operational disruptions due to a cyber attack claimed by the RansomHub group. The attack resulted in the temporary isolation of company servers, impacting business continuity. CM Alliance
Ivanti Cloud Services Appliance Vulnerability
A critical vulnerability (CVE-2024-8963) was discovered in Ivanti Cloud Services Appliance, allowing unauthorized administrative access. This flaw exposed systems to potential attacks, emphasizing the need for timely patching. TrueFort
Transport for London Cyber Attack
Transport for London (TfL) suffered a cyber attack, leading to the arrest of a 17-year-old suspect. TfL warned that some customer data could have been accessed, highlighting vulnerabilities in public transportation systems. World Economic Forum
Global Survey Reveals Widespread Cyber Victimization
A global survey by Yubico found that nearly 45% of employed adults worldwide have fallen victim to a cyberattack or scam, compromising personal information such as banking or email accounts. The survey underscores the pervasive nature of cyber threats affecting individuals globally.
October 2024
China-Linked Hackers Target U.S. Telecommunications
The U.S. government revealed that Chinese hackers, operating under the moniker "Salt Typhoon," had infiltrated major U.S. internet service providers, including AT&T, Verizon, Lumen Technologies, and T-Mobile. This breach enabled extensive surveillance of U.S. officials and critical infrastructure. Wikipedia
Ransomware Attack on UMC Health System
The Texas-based UMC Health System suffered a ransomware attack, leading to the diversion of patients to other facilities. The attack disrupted operations, highlighting vulnerabilities in healthcare cybersecurity. CM Alliance
Data Breach at Community Clinic of Maui
The Community Clinic of Maui disclosed a data breach affecting over 123,000 individuals. The breach, attributed to the LockBit ransomware group, compromised sensitive patient information. CM Alliance
Dutch Police Network Breached
The Dutch government acknowledged a cyberattack that accessed work-related contact details of all Dutch police officers. The attack was attributed to a foreign state actor, underscoring the risks to law enforcement agencies. CM Alliance
Red Barrels Studio Hacked
Red Barrels, the developer behind the "Outlast" series, reported a cyberattack resulting in the theft of source code and 1.8 TB of data. The breach is expected to delay future projects. CM Alliance
MoneyGram Cyberattack
MoneyGram disclosed a cyberattack that led to the temporary shutdown of its systems. While the company did not attribute the attack to a specific group, the incident highlights the ongoing threat to financial services. CM Alliance
Cyprus Government Websites Targeted
Hackers attempted to breach several Cypriot government websites, including those of Hermes Airports, the Electricity Authority of Cyprus, and the Bank of Cyprus. While the attacks were unsuccessful, they prompted heightened cybersecurity measures. Wikipedia
Internet Archive DDoS Attacks
The Internet Archive experienced a series of distributed denial-of-service (DDoS) attacks, causing intermittent service outages. The attacks disrupted access to the Wayback Machine and other digital preservation services. Wikipedia
SEC Enforcement Actions on Cybersecurity Disclosures
The U.S. Securities and Exchange Commission (SEC) announced enforcement actions against companies for misleading disclosures related to cybersecurity incidents. The actions emphasize the importance of accurate and timely reporting of cyber events. Reuters
Former Officials Propose Cybersecurity Plan
A bipartisan group of former federal officials released a plan with around 40 recommendations for the next U.S. administration to address cybersecurity issues. The plan includes actions to enhance national cyber resilience and protect critical infrastructure.
November 2024
iLearningEngines Reports $250,000 Theft
Artificial intelligence company iLearningEngines disclosed that hackers breached its network, stealing a $250,000 wire payment, potentially impacting the firm's financial stability. CM Alliance
City of Columbus, Ohio, Data Breach
A ransomware attack on Columbus, Ohio, compromised the personal information of over 500,000 residents. The Rhysida ransomware group claimed responsibility, alleging the theft of 6.5 terabytes of data, including emergency services information. CM Alliance
Schneider Electric's HellCat Ransomware Attack
Schneider Electric confirmed a cyber attack by the HellCat ransomware gang, which accessed its Atlassian Jira system, stealing approximately 40GB of project data and user information. The attackers demanded a $125,000 ransom to prevent data leakage. CM Alliance
Memorial Hospital and Manor Ransomware Incident
Memorial Hospital and Manor in Bainbridge, Georgia, suffered a ransomware attack by the Embargo ransomware group, disrupting access to electronic health records and threatening to leak 1.15 terabytes of data. CM Alliance
Newpark Resources Faces Ransomware Disruptions
Texas-based oilfield supplier Newpark Resources reported a ransomware attack on October 29, affecting internal information systems and causing disruptions in operations, including financial and operating reporting systems. CM Alliance
City of Sheboygan, Wisconsin, Cyber Attack
The city of Sheboygan experienced a cyber attack in late October, leading to technology outages. Hackers gained unauthorized access to the city's network and demanded a ransom, prompting cooperation with law enforcement. CM Alliance
Blue Yonder's Ransomware Attack Affects Retailers
Supply chain technology provider Blue Yonder suffered a ransomware attack, impacting major retailers like Morrisons, Amway, Anheuser-Busch, Dole, and Gap. The company worked to recover from the incident, which disrupted operations for its clients. CM Alliance
Hoboken, New Jersey, Government Offices Shut Down
Hoboken city officials closed government offices, including city hall and local courts, following a ransomware attack that caused widespread service disruptions ahead of the Thanksgiving holiday. CM Alliance
RansomHub Gang Targets Texas City and Minneapolis Agency
The RansomHub gang claimed responsibility for cyber attacks on the city of Coppell, Texas, and the Minneapolis Park and Recreation Board, highlighting the ongoing threat to municipal governments. CM Alliance
France's Ministry of Labor and Employment Data Breach
France's Ministry of Labor and Employment reported a cyber attack suspected to have compromised data of young individuals seeking employment, raising concerns about the security of governmental data.
December 2024
FBI and CISA Warn Against Using SMS for Two-Factor Authentication
Following a significant telecom breach, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have advised against using text messages for two-factor authentication. They recommend switching to encrypted messaging platforms like Signal or WhatsApp, or using authentication apps, FIDO authentication, and passkeys for enhanced security. New York Post
US Considers Ban on Chinese-Made TP-Link Routers Over Hacking Concerns
The U.S. government is contemplating a ban on TP-Link, a Chinese manufacturer of home internet routers, due to national security risks associated with cyberattacks. Investigations suggest that TP-Link's products have vulnerabilities exploited by hackers, potentially compromising users' security. New York Post
Mystery Drone Sightings Lead to FAA Ban Despite No Detected Threats
The Federal Aviation Administration (FAA) has imposed a 30-day drone ban over critical sites in New Jersey and New York following mysterious drone sightings, although no threats have been detected. This action underscores concerns about unauthorized drone activities near sensitive areas. Wired
Trump's Transition Team Raises Cybersecurity Concerns Over Use of Private Emails
Federal officials have expressed concerns about the security of sensitive information as Donald Trump's transition team opts to use private emails and devices instead of government-supported communications. This approach raises fears of potential foreign hacking attempts and complicates the transition process. Politico
Cybersecurity Expert Avoids Jail After Hacking Hunt Officials
Abi Waddell, a cybersecurity specialist, hacked into various accounts of hunt officials to expose illegal hunting activities. She handed over personal information of hunt members to animal rights activists, resulting in some members receiving threats and harassment. Despite causing considerable distress to her victims, Waddell avoided jail time primarily because of her caregiving responsibilities. The Times
Krispy Kreme Reports Cyberattack Impacting Business Operations
Krispy Kreme Inc. reported an IT systems breach, causing significant impacts on its business operations, including disruptions to online ordering in parts of the U.S. The company is working with cybersecurity experts to investigate and contain the breach, which poses ongoing threats. MarketWatch
Okta's Q3 Earnings Exceed Expectations Amidst Cybersecurity Challenges
Cybersecurity firm Okta reported Q3 earnings and revenue that surpassed expectations, with a 52% increase in adjusted earnings per share and a 14% rise in revenues. Despite recent cyber incidents, Okta's performance indicates resilience in the cybersecurity sector. Investors
China's 'Salt Typhoon' Hack Compromises US Telecommunications
Chinese government hackers have compromised global telecommunications infrastructure in a massive espionage campaign affecting dozens of countries, including the U.S. The ongoing 'Salt Typhoon' campaign has breached at least eight U.S. telecommunications firms, accessing cellphone metadata and unencrypted text messages. The Wall Street Journal
UK's National Cyber Security Centre Warns of Increased Vulnerability
Richard Horne, CEO of the UK's National Cyber Security Centre (NCSC), warned that Britain is increasingly vulnerable to cyberattacks and complacent about the threats posed by hackers. He emphasized that national defenses have not kept pace with the rise in hostile activity from countries like Russia and China.