Phishing Watchdog – Stay Safe with Instant Alerts

 

Phishing Watchdog


 

PhishProtection.com “Phishing Watchdog” Is A Timeline of All Major Phishing Attacks Reported As They Breakout

 

An Updated Feed of All Significant Phishing Attacks

This is a comprehensive and frequently updated resource page that lists all the significant Phishing Attacks as they are discovered and happen online. Each attack is summarized here with links to further information about each attack. The list below is updated instantly with threat details as soon as the attack is verified to be authentic.

 

 

Brazilian insurance giant Porto Seguro hit by cyberattack

15th October 2021 | Target: Porto Seguro | Reported Here

And the cases of virtual attacks targeting companies continue to rise, with Porto Seguro being the most recent organization to be hit by one of these crimes. Due to the scam, the service channels and in some systems of the insurance company have been unstable since Thursday

Porto Seguro


 

[above via Clare People post] 

 

Acer confirms second cyberattack in 2021

14th October 2021 | Target: Acer | Reported Here

The second Acer cyberattack, this 2021 is now confirmed after involved hackers themselves shared that they have access to the computer manufacturer’s servers.

Network cables are plugged in a server room on November 10, 2014 in New York City. U.S. President Barack Obama called on the Federal Communications Commission to implement a strict policy of net neutrality and to oppose content providers in restricting bandwith to customers.

This detail was announced after the ransomware attack back in March, which also targeted Acer. The cybercriminals claimed that they breached the offices of the giant tech firm in India in the second week of October.


 

[above via Tech Times post] Update 1   

 

Olympus US systems hit by cyberattack over the weekend

12th October 2021 | Target: Olympus Corporation | Reported Here

Researchers say that BrewDog exposed the personally identifiable information (PII) of roughly 200,000 shareholders for the best part of 18 months.

According to PenTestPartners, BrewDog “declined to inform their shareholders and asked not to be named” in the research revealing the security flaw.

Olympus


 

[above via Zdnet post] Update 1 / Update 2 

 

BrewDog exposed data for over 200,000 shareholders and customers

8th October 2021 | Target: BrewDog | Reported Here

Researchers say that BrewDog exposed the personally identifiable information (PII) of roughly 200,000 shareholders for the best part of 18 months.

According to PenTestPartners, BrewDog “declined to inform their shareholders and asked not to be named” in the research revealing the security flaw.

BrewDog data breach


 

[above via Zdnet post] Update 1 / Update 2 

 

Vidar Stealer Returns and Has a New Target: Mastodon

7th October 2021 | Target: Mastodon | Reported Here

Vidar stealer is back and has a new target: this time, the Mastodon social media network is being abused in a fresh malicious campaign. The goal is C2 configuration achievement without being noticed.

Mastodon


 

[above via Heimdal Security post] Update 1 / Update 2 

 

Twitch Confirms Massive Data Breach

6th October 2021 | Target: Twitch, TV network | Reported Here

Twitch, the popular if frequently controversial Amazon-owned streaming service with 30 million daily visitors, confirmed reports on Wednesday that a breach had taken place after data, including possibly its entire source code and other sensitive company information, was leaked online.

Twitch confirms data breach


 

[above via Forbes post] Update 1 / Update 2 

 

Sandhills online machinery markets shut down by ransomware attack

2nd October 2021 | Target: Sandhills | Reported Here

Popular online auction bidding sites for farm equipment and farmland were the victim of a recent ransomware attack. As a result, sites such as TractorHouse, EquipmentFacts, AuctionTime and HiBid have been offline since Friday.

Over the weekend, the Lincoln Journal Star confirmed Sandhills Global, which hosts various online auction websites, was the target of a ransomware attack.

Sandhills Global


 

[above via The Packer post] Update 1 / Update 2 

 

Hydra malware targets customers of Germany’s second largest bank

1st October 2021 | Target: Commerzbank | Reported Here

Experts warn of a malware campaign targeting European e-banking platform users with the Hydra banking trojan. According to malware researchers from the MalwareHunterTeam and Cyble, the new campaign mainly impacted the customers of Commerzbank, Germany’s second-largest bank. Hydra is an Android Banking Bot that has been active at least since early 2019.


 

[above via Security-Affairs post] 

 

Hackers Compromise Bitcoin.org Website, Promoting Giveaway Scam

23rd September 2021 | Target: Bitcoin.org | Reported Here

Bitcoin.org, one of the first websites about Bitcoin (BTC), has been hacked by online scammers and down as of the time of writing.

Cobra, Bitcoin.org’s anonymous curator, announced on Sept. 23 that Bitcoin.org was compromised, with hackers managing to put up a scam notice on the site.

“Looks like Bitcoin.org got hacked and the entire site replaced with a scam asking for free Bitcoin. Do not send funds to that address,” Bitcoin developer Matt Corallo reported on Twitter.


 

[above via Coin-Telegraph post] Update 1 / Update 2 

 

Marketron Hit With Cyberattack. Virtually All Of Its Systems Are Offline.

20th September 2021 | Target: Marketron Broadcast Solutions | Reported Here

BlackMatter ransomware gang over the weekend hit Marketron, a business software solutions provider that serves more than 6,000 customers in the media industry.

Marketron provides cloud-based revenue and traffic management tools for broadcast and media organizations. It specializes in revenue management and audience engagement, handling advertising revenue of $5 billion every year.

Marketron


 

[above via Bleeping Computer post] Update 1

 

Horizon House notifying patients of ransomware attack in March

20th September 2021 | Target: Horizon House, Inc | Reported Here

Data breaches at two American mental healthcare providers may have exposed thousands of individuals’ personal health information (PHI).

Horizon House, Inc., which is in Philadelphia, Pennsylvania, warned that 27,823 people might have been impacted by a cyber-attack that took place in the late winter.

The mental health and residential treatment services provider detected suspicious activity on its IT network on March 5. An investigation revealed that the healthcare provider’s IT system had been infected with ransomware.


 

[above via Infosecurity Magazine post]

 

US Eye-Care Providers Report Data Breaches

20th September 2021 | Target: Simon Eye Management | Reported Here

Simon Eye, a US chain of optometry clinics, has reported a data breach potentially impacting more than 144,000 individuals.

The possible compromise of sensitive personal data arose from unauthorized access to employee email accounts over a seven-day period between May 12-18, 2021, according to a data breach notice on the Simon Eye website.

Simon Eye said the attackers “attempted to engage in wire transfer and invoice manipulation attacks against the company, none of which were successful”.

simon eye management


 

[above via PortSwigger post] Update 1

 

New Cooperative hit by $5.9M BlackMatter ransomware attack

20th September 2021 | Target: New Cooperative | Reported Here

U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million not to leak stolen data and provide a decryptor.

NEW Cooperative is a farmer’s feed and grain cooperative with over sixty locations throughout Iowa.

In a weekend ransomware attack, the threat actors demand a 5.9 million dollar ransom, which will increase to $11.8 million if a ransom is not paid in five days.

These ransom demands are a starting point for negotiations and usually lead to significantly smaller payments if a victim decides to pay.

New Cooperative


 

[above via Bleeping Computer post] Update 1 / Update 2 

 

Republican Governors Association was hacked earlier this year

16th September 2021 | Target: Republican Governors Association (RGA) | Reported Here

The Republican Governors Association (RGA) revealed in data breach notification letters sent last week that its servers were breached during an extensive Microsoft Exchange hacking campaign that hit organizations worldwide in March 2021.

RGA is a US political organization and a tax-exempt 527 group that provides Republican candidates with the campaign resources needed to get elected as governors across the country.

Republican Governors Association (RGA)


 

[above via Bleeping Computer post] Update 1 / Update 2

 

Customer Care Giant TTEC Hit By Ransomware

15th September 2021 | Target: TTEC | Reported Here

US customer experience technology giant TTEC has announced a “cybersecurity incident”, confirming to employees that it was hit with ransomware.

The company, with nearly 61,000 employees and billions in annual revenue, sent a message to employees this week warning them not to click on a link titled “!RA!G!N!A!R!” according to KrebsonSecurity. The message indicates that the prolific Ragnar Locker ransomware group may have launched the attack or someone trying to impersonate them.

TeleTech


 

[above via Zdnet post] Update 1

 

Ransomware scammers target artists with fake Krita revenue deals

14th September 2021 | Target: Krita | Reported Here

The Krita digital painting application is currently being targeted by ransomware authors. Available on Steam and other platforms, it’s a powerful tool with a very cheap purchase price and great reviews. A perfect bit of bait to start reeling in potential victims, in other words.

Krita art


 

[above via Malware Bytes post] Update 1

 

MyRepublic discloses data breach exposing government ID cards

10th September 2021 | Target: MyRepublic | Reported Here

MyRepublic says almost 80,000 of its mobile subscribers in Singapore have had their personal data compromised, following a security breach on a third-party data storage platform. The affected system had contained identity verification documents needed for mobile services registration, including scanned copies of national identity cards and residential addresses of foreign residents.

The “unauthorised data access” incident was uncovered on August 29 and the relevant authorities had been informed of the breach, said MyRepublic in a statement Friday.

MyRepublic


 

[above via Zdnet post] Update 1 / Update 2

 

Howard University Hit by a Ransomware Attack

7th September 2021 | Target: Howard University | Reported Here

Howard University, one of the largest historically Black schools in the United States, canceled classes Tuesday after a ransomware attack.

The attack shut down the campus Wi-Fi, and nonessential employees were instructed to not report to work, the university announced Monday. In-person classes will resume Wednesday, but online classes remain canceled until at least Thursday.

Howard University


 

[above via CNBC post] Update 1 / Update 2

 

Jenkins project discloses security breach

6th September 2021 | Target: Jenkins Software | Reported Here

In a statement, Jenkins documentation officer Mark Waite explained that the affected server was taken offline and the team is investigating the impact of the issue.

“At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected. Thus far in our investigation, we have learned that the Confluence CVE-2021-26084 exploit was used to install what we believe was a Monero miner in the container running the service,” Waite wrote.

Jenkins


 

[above via Zdnet post] Update 1

 

Student, Teacher Personal Information Taken in Dallas ISD Data Theft

2nd September 2021 | Target: Dallas ISD | Reported Here

The Dallas Independent School District says they learned of a data breach about a month ago that affects former and current students, alumni, parents, and district employees.

In an FAQ on their website, the district said someone downloaded data from their server and temporarily stored it on an encrypted cloud storage site. The district said the data have since been removed from that site and that there is no evidence it was otherwise accessed, disseminated, or sold but that they cannot be sure the data has not been shared publicly until a forensic analysis is completed.

Dallas Independent School


 

[above via NBCDFW post] Update 1

 

DuPage Medical Group notifying 600,000 patients about a data breach

30th August 2021 | Target: Dupage Medical Group | Reported Here

DuPage Medical Group experienced a security breach that reportedly may affect 600,000 patients, the group announced Aug. 30. Now, the medical group, Illinois’ largest independent physician group, is mailing letters to notify patients of the cyberattack.

The unauthorized use occurred between July 12-13 and caused a network outage. On Aug. 17, after an investigation by cyber forensic specialists, the medical group determined patient information may have been reached by “unauthorized actors.”

DuPage Medical Group


 

[above via Chicago Tribune post] Update 1

 

LockBit Gang to Publish 103GB of Bangkok Air Customer Data

30th August 2021 | Target: Bangkok Airways | Reported Here

The LockBit ransomware gang has apparently struck again, having purportedly stolen 103GB worth of files from Bangkok Airways and promising to release them tomorrow, on Tuesday.

A Dark Web intelligence firm calling itself DarkTracer (apparently a separate intel firm than the better-known DarkTrace) tweeted a screen capture of a countdown clock from LockBit 2.0 that, as of Friday, showed four and a half days left. “LockBit ransomware gang has announced Bangkok Airways on the victim list,” DarkTracer tweeted. “It announced that 103GB of compressed files will be released.”

Bangkok Airways


 

[above via Threat Post post] Update 1 / Update 2 

 

Boston Public Library discloses cyberattack

27th August 2021 | Target: Boston Public Library | Reported Here

The Boston Public Library said Friday that it is experiencing “a systemwide technical outage” after being targeted by a cyberattack.

“On Wednesday morning, 8/25, the Boston Public Library experienced a systemwide technical outage due to a cybersecurity attack, pausing public computer and public printing services, as well as some online resources,” the library said in a statement. “Affected systems were taken offline immediately, and proactive steps were taken to isolate the problem and shutdown network communication. There is currently no evidence that sensitive employee or patron data has been disclosed.”

Boston Public Library


 

[above via NBC Boston post] Update 1

 

New Hampshire town loses $2.3 million to overseas scammers

24th August 2021 | Target: Peterborough, Hampshire | Reported Here

The town of Peterborough, New Hampshire, said Monday that it has lost $2.3 million in taxpayer dollars as the result of a cyberattack.

“It pains us to inform the residents and taxpayers of Peterborough that, like so many other towns and cities, we have fallen victim to an internet-based crime that has defrauded our taxpayers of $2.3m,” Select Board Chairman Tyler Ward and Town Administrator Nicole MacStay said in a press release posted to Facebook.


 

[above via NBC Boston post] Update 1 / Update 2

 

Chase bank accidentally leaked customer info to other customers

17th August 2021 | Target: Chase bank | Reported Here

New York City-based JPMorgan Chase Bank has admitted that a technical bug on its online banking website and app led to the accidental leak of customer data… to other customers.

Incidents of customer data breaches have been on the rise over the past year, alongside numerous instances of organized, targeted cyberattacks affecting organizations big, small, and in-between. Many incidents came about as bad actors, emboldened by the lack of data security on many platforms and targeting go-between service providers, orchestrated cyber intrusions that have ended up affecting thousands of businesses globally.

Chase bank


 

[above via Techhq post]

 

Data Breach at Georgia Health System

11th August 2021 | Target: Georgia Health System | Reported Here

A ransomware attack on one of southeast Georgia’s largest healthcare systems exposed both staff and patients’ protected health information (PHI.)

St. Joseph’s/Candler (SJ/C) announced on August 10 that it experienced “a data security incident that may have resulted in unauthorized access to patient and employee information,” according to a press release.

The Georgia-based healthcare system, which has 116 service locations across the state, identified suspicious activity in its network on June 17, 2021, according to the press release

Georgia Health System


 

[above via Health IT Security post]