PhishProtection.com “Phishing Watchdog” Is A Timeline of All Major Phishing Attacks Reported As They Breakout
An Updated Feed of All Significant Phishing Attacks
This is a comprehensive and frequently updated resource page that lists all the significant Phishing Attacks as they are discovered and happen online. Each attack is summarized here with links to further information about each attack. The list below is updated instantly with threat details as soon as the attack is verified to be authentic.
Nobel Foundation site hit by DDoS attack
26th January 2022 | Target: Nobel Foundation | Reported Here
Nobel Foundation and the Norwegian Nobel Institute, have disclosed a cyberattack on their infrastructure, aimed at disrupting the live stream of the award ceremony held last month.
This is specifically a DDoS attack, as noted by the Nobel community, and the ones behind this incident are not known as of now. But, there’s speculation that state-backed hackers can possibly be the perpetrators, considering the allegations against the Nobel team for biased decisions since the past.
DeadBolt ransomware targets QNAP devices
25th January 2022 | Target: QNAP Devices | Reported Here
DeadBolt ransomware is targeting QNAP NAS devices worldwide, its operators claim the availability of a zero-day exploit that allows them to encrypt the content of the infected systems.
Once encrypted the content of the device, the ransomware appends .deadbolt extension to the name of the excerpted files and deface the login page of the QNAP NAS to display the following message
Canada’s foreign affairs department hit with cyberattack
25th January 2022 | Target: Canada’s foreign affairs department | Reported Here
Canada’s foreign affairs department was hit with a cyberattack last week, according to the Treasury Board of Canada.
The hack of Global Affairs Canada, the government entity responsible for diplomatic and global relations, occurred on Wednesday
Indonesia’s central bank confirms ransomware attack
20th January 2022 | Target: Indonesia Central bank | Reported Here
Bank Indonesia (BI), the central bank of the Republic of Indonesia, has confirmed today that a ransomware attack hit its networks last month.
A Bank Indonesia spokesperson also told BleepingComputer the attack took place last month and that the bank’s operations are not disrupted after the incident.
Crypto.com confirms $35M lost in cyber attack
19th January 2022 | Target: Crypto.com | Reported Here
Crypto.com has confirmed that a multi-million dollar cyber attack led to the compromise of around 400 of its customer accounts. Although, the company’s CEO stresses that customer funds are not at risk.
With regards to daily trading volume, Crypto.com is reportedly the world’s third-largest cryptocurrency trading platform “on a mission to accelerate the world’s transition to cryptocurrency.”
Red Cross cyberattack exposes data of 515,000 people
19th January 2022 | Target: Red Cross| Reported Here
A cyberattack on a Red Cross contactor has led to the theft of personal data for more than 515,000 people in ‘Restoring Family Links,’ a program that helps reunite families separated by war, disaster, and migration.
The announcement comes from the International Committee of the Red Cross (ICRC), which states that the data was compiled by at least 60 different Red Cross and Red Crescent National Societies worldwide.
Moncler confirms data breach after ransomware attack
19th January 2022 | Target: Moncler | Reported Here
Italian luxury down jacket maker Moncler (MONC.MI) said that key data on its customers was safe following a cyber attack it suffered last year, after some data was released on the dark web on Tuesday.
Updating on a hacking incident that hit the group in December, Moncler said some data obtained from the company had been released on Tuesday after the luxury group rejected a ransom demand.
Goodwill discloses data breach
14th January 2022 | Target: ShopGoodwill Platform | Reported Here
Nonprofit organization Goodwill has started notifying users of its ShopGoodwill.com e-commerce platform that their personal information was compromised as a result of a cybersecurity breach.
The notice sent out by Goodwill via email was obtained by Australian researcher Troy Hunt, who runs the Have I Been Pwned data breach notification service.
Hensoldt confirms Lorenz ransomware attack
14th January 2022 | Target: Hensoldt | Reported Here
Hensoldt, a multinational defense contractor, confirmed that some of its UK subsidiary’s systems were infected with Lorenz ransomware. It’s been active since April last year and hit multiple organizations worldwide demanding hundreds of thousands of dollars in ransoms to the victims.
Lorenz operators also implement double-extortion model by stealing data before encrypting it and threatening them if the victim doesn’t pay the ransom. Ransom demands have been quite high, between $500.000 and $700.000.
Maryland Confirms Ransomware Attack at Health Agency
13th January 2022 | Target: Maryland Department of Health| Reported Here
ANNAPOLIS, Md. (AP) — The disruption of Maryland’s reporting of COVID-19 data last month was caused by a ransomware attack, state officials said Wednesday.
Chip Stewart, the state’s chief information security officer, said the state has not paid extortion demands for the attack, which began on Dec. 4.
Cyber-Thieves Raid Grass Valley
10th January 2022 | Target: Grass Valley | Reported Here
A cyber-attack on a city in California has resulted in the exfiltration of personal and financial data belonging to vendors, city employees, and their spouses.
A data security incident notice published by the City of Grass Valley states that an unknown attacker was able to access some of the city’s IT systems for four months last year.
EA confirms dozens of high-profile FIFA accounts hacked
7th January 2022 | Target: FIFA 22 | Reported Here
EA has confirmed reports that a number of FIFA 22 accounts have been hacked via phishing techniques.
In a statement, published on the official FIFA 22 website, the publisher admits that these hackers used threats and other social engineering methods to exploit the customer service team and bypass two-factor authentication.
Hackers take over diplomat’s email, target Russian deputy minister
6th January 2022 | Target: Russian Ministry Of Foreign Affairs | Reported Here
Hackers believed to work for the North Korean government have compromised the email account of a staff member of Russia’s Ministry of Foreign Affairs (MID) and deployed spear-phishing attacks against the country’s diplomats in other regions.
One of the targets was Sergey Alexeyevich Ryabko, the deputy foreign minister for the Russian Federation, among other things responsible for bilateral relations with North and South America.
FinalSite has suffered a ransomware attack
6th January 2022 | Target: FinalSite | Reported Here
A ransomware attack on software provider Finalsite has affected the websites of about 5,000 schools, most of them in the US, a Finalsite spokesperson told CNN Friday.
About 8,000 schools — including boarding schools, high schools and colleges —worldwide use Connecticut-based Finalsite’s software for their websites and public communications, according to Finalsite.
Honda and Acura cars have been hit with a Year 2022 bug
5th January 2022 | Target: Honda and Acura | Reported Here
Honda and Acura cars have been hit with a 2022 year bug, aka Y2K22, which resets the navigation system clock to January 1, 2002, with no way to change it.
From January 1, the date on the Acura and Honda navigation systems would automatically change to January 1, 2002, with the time being reset to 12:00, 2:00, 4:00 or other times. depending on the model or possibly the region the car is located.
Saltzer Health Says Patient Data Exposed in Cyberattack
4th January 2022 | Target: Saltzer Health | Reported Here
Hospitals and outpatient facilities, both large and small, continue to be the targets of healthcare data breaches, placing additional strain on an already overworked sector.
The new year began with the announcement of a protected health information (PHI) breach and data exfiltration at Broward Health, impacting 1.3 million individuals. Clinical data technology vendor Ciox Health recently reported a breach that impacted 32 healthcare organizations across the country.
Have I Been Pwned warns of DatPiff data breach
4th January 2022 | Target: DatPiff | Reported Here
The account credentials and emails of almost 7.5m users of the mixtape hosting service DatPiff have been made available to download for free on a popular hacking forum.
First launched in 2005, DatPiff has over 15m users though the service also allows unregistered users to download or upload samples for free.
Broward Health discloses data breach affecting 1.3 million people
3rd January 2022 | Target: Broward Health | Reported Here
This weekend, the Broward Health hospital system notified more than 1.3 million patients and staff members that their personal information was involved in a data breach that started on October 15.
In a statement on Saturday, the Florida hospital system said that in addition to names, addresses and phone numbers, Social Security numbers, bank account information and medical history data was included in the breach.