Phishing Watchdog – Stay Safe with Instant Alerts

 

Phishing Watchdog


 

PhishProtection.com “Phishing Watchdog” Is A Timeline of All Major Phishing Attacks Reported As They Breakout

 

An Updated Feed of All Significant Phishing Attacks

This is a comprehensive and frequently updated resource page that lists all the significant Phishing Attacks as they are discovered and happen online. Each attack is summarized here with links to further information about each attack. The list below is updated instantly with threat details as soon as the attack is verified to be authentic.

 

 

US clothing supplier Pro Wrestling Tees hit by data breach

23rd December 2021 | Target: Pro Wrestling Tees | Reported Here

Pro Wrestling Tees, which sells t-shirts designed by professional wrestlers, has discovered that some customers’ credit card numbers have been compromised in a data breach, according to a notification seen by The Daily Swig.

A letter apparently sent to potentially impacted customers from the Chicago-based company indicates that a malware-related compromise of customer names and payment card data came to light on November 1.

protection from data breaches


 

[above via Bleeping Computer post] Update 1

 

Global IT services provider Inetum hit by ransomware attack

24th December 2021 | Target: Inetum | Reported Here

Less than a week before the Christmas holiday, French IT services company Inetum Group was hit by a ransomware attack that had a limited impact on the business and its customers.

Inetum is active in more than 26 countries, providing digital services to companies in various sectors: aerospace and defense, banking, automotive, energy and utilities, healthcare, insurance, retail, public sector, transportation, telecom and media.

malware and ransomware protection


 

[above via Security Affairs post] Update 1

 

Microsoft: Khonsari ransomware hits self-hosted Minecraft servers

16th December 2021 | Target: Minecraft servers | Reported Here

Microsoft urges admins of self-hosted Minecraft servers to upgrade to the latest release to defend against Khonsari ransomware attacks exploiting the critical Log4Shell security vulnerability.

Mojang Studios, the Swedish video game developer behind Minecraft, released an emergency security update last week to address the bug tracked as CVE-2021-44228 in the Apache Log4j Java logging library(used by the game’s Java Edition client and multiplayer servers).

prevent from phishing


 

[above via CRN post] Update 1

 

Monongalia Health System, Inc. Investigates and Addresses Data Security Incident

21st December 2021 | Target: Monongalia Health System, Inc. | Reported Here

Monongalia Health System, Inc., and its affiliated hospitals, Monongalia County General Hospital Company and Stonewall Jackson Memorial Hospital Company (collectively, “Mon Health”), announced that it recently investigated and addressed an email phishing incident, and is now notifying individuals, including patients, providers, employees, and contractors, whose information may have been involved.

phishing definition


 

[above via ZNet post] Update 1

 

Ubisoft discloses security breach impacting Just Dance gamer data

20th December 2021 | Target: Ubisoft | Reported Here

French video game maker Ubisoft said today that a misconfiguration in its IT infrastructure exposed gamer data for players of its Just Dance video game series.

The company is currently notifying all impacted users via email after disclosing the breach earlier today in a community forum post.

what is phishing


 

[above via ZNet post] Update 1

 

Credit card info of 1.8 million people stolen from sports gear sites

17th December 2021 | Target: Sports gear sites | Reported Here

Four affiliated online sports gear sites have disclosed a cyberattack where threat actors stole credit cards for 1,813,224 customers.

While not much is known about the attack, a law firm representing the four websites stated that personal information and credit card information, including full CVV, were stolen on October 1st, 2021.

protection from phishing


 

[above via Secure Reading post] Update 1

 

Belgian defense ministry hit by cyberattack

20th December 2021 | Target: Belgium | Reported Here

Belgium’s ministry of defense confirmed on Monday it had been hit by a cyberattack.

Hackers exploited a vulnerability in software called Log4j, which was discovered earlier in December, a ministry spokesperson told local media. The ministry uncovered the attack last Thursday.

Cybersecurity officials across the world have rushed to patch the Log4j vulnerability over the past week. The glitch has affected a long list of software firms including Amazon and Microsoft.

protection against phishing


 

[above via ZNet post] Update 1

 

Billion-dollar natural gas supplier Superior Plus hit with ransomware

14th December 2021 | Target: Superior Plus | Reported Here

Superior Plus, the number one propane distributor in Canada and number five distributor in the U.S., has reported a ransomware incident. It’s the second security incident involving a top company in the propane business in the last six months.

Superior reported having discovered the breach on December 12. The company’s announcement does not mention when the attackers originally gained access to its systems.

phishing definition


 

[above via Forbes post] Update 1, Update 2

 

McMenamins was hit by a ransomware attack. Here’s who is affected

16th December 2021 | Target: McMenamins | Reported Here

Portland brewery and hotel chain McMenamins suffered a Conti ransomware attack over the weekend that disrupted the company’s operations.

McMenamins is a popular chain of restaurants, pubs, breweries, and hotels located in Oregon and Washington.

The ransomware attack occurred over the weekend, on December 12th, with sources telling BleepingComputer that the Conti gang conducted it.

what is phishing


 

[above via Bleeping Computer post]  

 

 

Hellmann hit by cyber attack

9th December 2021 | Target: Hellmann | Reported Here

Hellmann Worldwide Logistics has been hit by a cyber attack that has impacted operations.

On December 9, the German logistics services company said external security specialists are working on restoring operations, but it is currently unable to confirm whether any data has been leaked.

prevent phishing


 

[above via ZDNet post]  Update 1, Update 2

 

 

South Australian government employee data taken in Frontier Software ransomware attack

10th December 2021 | Target: South Australian government | Reported Here

South Australia Treasurer Rob Lucas said on Friday that state government employee data has been exfiltrated as part of a ransomware attack on payroll provider Frontier Software.

Lucas said the company has informed government that some of the data have been published online, with at least 38,000 employees and up to 80,000 government employees possibly having their data accessed.

prevent phishing


 

[above via ITNews post]  Update 1, Update 2

 

 

Volvo confirms it was hit by security breach

10th December 2021 | Target: Volvo | Reported Here

Swedish car giant Volvo has confirmed it has suffered a security breach, with internal company data thought to have been affected.

In a statement, the company said that it had “become aware that one of its file repositories has been illegally accessed by a third party.”

Volvo says an initial investigation into the breach suggests that “a limited amount” of company’s R&D information has been stolen, and that this could have an effect on its overall operations.

protection from phishing


 

[above via Tech Crunch post]  Update 1, Update 2

 

 

New Cerber ransomware targets Confluence and GitLab servers

7th December 2021 | Target: GitLab servers | Reported Here

Cerber ransomware is back, as a new ransomware family adopts the old name and targets Atlassian Confluence and GitLab servers using remote code execution vulnerabilities.

As ransomware began picking up pace in 2016, a new Cerber ransomware operation emerged that quickly became one of the most prolific gangs at the time. However, its activity slowly tapered off until it disappeared at the end of 2019.

protection from ransomware


 

[above via Cyware post]  Update 1

 

 

FBI: Cuba ransomware group hit 49 critical infrastructure organizations

6th December 2021 | Target: Infrastructure Sectors | Reported Here

Last Friday, the FBI released a new notice regarding the Cuba ransomware, stating that a threat group has attacked 49 entities spanning five different critical infrastructure sectors. The FBI also noted that the group has likely made at least $43.9 million in ransom payments. The threat group deploying the Hancitor malware is targeting enterprises in the financial, government, healthcare, manufacturing, and information technology sectors. The Hancitor malware is used to gain entry into Windows systems and is a loader known for dropping or executing Remote Access Trojans (RATs).

ramsonware protection


 

[above via PCMag post]  Update 1

 

 

Cyberattack forces supermarket Spar to close some stores

6th December 2021 | Target: Spar | Reported Here

More than 300 branches of the convenience store chain Spar in the north of England have been hit by a cyberattack, forcing many of them to close.

The attack hit the company’s computer systems, causing a “total IT outage” that has prevented staff from taking card payments and locked them out of emails.

Some branches of the chain, one of the few places to buy groceries in many remote communities, are accepting cash but the rest have been forced to close entirely.


 

[above via BBC post]  Update 1, Update 2

 

 

BitMart says it will compensate victims of $196 million hack and restore trading

5th December 2021 | Target: BitMart | Reported Here

Crypto trading platform Bitmart says it will use its own money to reimburse victims of a large-scale security breach, in which hackers took as much as $196 million.

Bitmart claims hackers withdrew about $150 million in assets. However, blockchain security and data analytics firm Peckshield, which first publicized the hack, estimates that the loss is closer to $200 million. CNBC reached out to Bitmart to ask about the multimillion dollar discrepancy, but the exchange declined to comment on this point.

phishing protection for cryptocurrency


 

[above via Zdnet post]  Update 1

 

 

The virus attack on Nordic Choice Hotels’ IT systems

6th December 2021 | Target: Nordic Choice Hotels | Reported Here

In the wake of the virus attack on the night of 2 December, Nordic Choice Hotels has over the weekend worked to map the extent of the virus attack on the IT systems.

On the night of 2 December, Nordic Choice Hotels was hit by a virus attack on our IT systems. The virus infected systems for bookings, check-in and check-out, as well as payment solutions. After the incident, we have worked around the clock with internal and external resources to get an overview of the extent of the event, as well as restore the systems so that the operation of the hotels can return to normal.

virus attack on Nordic Choice Hotels


 

[above via Bleeping Computer post]  Update 1

 

 

Panasonic discloses data breach after network hack

29th November 2021 | Target: Panasonic | Reported Here

Japanese tech giant Panasonic has confirmed a data breach after hackers gained access to its internal network.

Panasonic said in a press release dated November 26 that its network was “illegally accessed by a third party” on November 11 and that “some data on a file server had been accessed during the intrusion.” However, when reached, Panasonic spokesperson Dannea DeLisser confirmed that the breach began on June 22 and ended on November 3 — and that the unauthorized access was first detected on November 11.

Panasonic data breach


 

[above via Techcrunch post]  Update 1, Update 2

 

IKEA email systems hit by ongoing cyberattack

26th November 2021 | Target: IKEA | Reported Here

Ikea is reportedly reeling under an ongoing cyberattack perpetrated through phishing emails sent via compromised Microsoft Exchange servers.

According to BleepingComputer, the homeware giany is alerting its employees of the campaign conducted through the classic reply-all email chain attack.

Ikea email reply attack


 

[above via Techradar post]  Update 1

 

More than 500,000 Utahns’ sensitive information possibly hacked

18th November 2021 | Target: Utah | Reported Here

Utah Imaging Associates (UIA), a Utah-based radiology center, has announced a data breach affecting 582,170 people after their personal information was exposed.

According to the data breach notification sent to affected individuals, the security incident was discovered on September 4, 2021, and was remediated on the same day.

Utah medical center breach


 

[above via Bleeping Computer post]  Update 1

 

GoDaddy Security Breach Exposes 1.2 million WordPress Users’ Data

17th November 2021 | Target: GoDaddy | Reported Here

Customer information including email addresses, account numbers and passwords related to more than one million GoDaddy users was exposed in a data breach, the company said Monday in a regulatory filing.

According to the web hosting company’s Securities and Exchange Commission notification, the breach affected users of WordPress, a web-based content management system used by bloggers and websites. The systems were first compromised on Sept. 6 when an unauthorized person used a stolen password to gain access, but the breach wasn’t discovered until Nov. 17.


 

[above via c|net post]  Bleeping Computer

 

Costco discloses data breach after finding credit card skimmer

12th November 2021 | Target: Costco | Reported Here

Costco customers at four of the retailer’s Chicago-area warehouses may have had their payment information compromised after employees discovered five card-skimming devices during routine PIN pad inspections at the end of August.

“We promptly removed the skimmers, notified law enforcement, and engaged a forensics firm to analyze the devices,” A Costco spokesperson told FOX Business in a statement. “It appears that these skimmers had the ability to capture information on the magnetic stripe of a payment card, including name, card number, expiration date, and CVV.”


 

[above via Fox Business post]  Update 1

 

Stor-a-File hit by ransomware after crooks target SolarWinds Serv-U FTP software

10th November 2021 | Target: Stor-a-File | Reported Here

Stor-а-File, а British dаtа cаpture аnd storаge compаny, suffered а rаnsomwаre аttаck in Аugust thаt exploited аn unpаtched instаnce of SolаrWinds’ Serv-U FTP softwаre.

The compаny informed its clients аbout the September аttаck, аnd told The Register thаt it refused to pаy. We understаnd some dаtа hаs been leаked by rаnsomwаre criminаls on а Tor blog.

Stor-a-File hit by ransomware


 

[above via Blackweb Security post]  

 

Electronics retail giant MediaMarkt hit by ransomware attack

8th November 2021 | Target: MediaMarkt | Reported Here

MediaMarkt and its stores have been hit by a large-scale cyber-attack. The electronics retailer’s international computer systems are said to have been ‘held hostage’ by a ransomware attack.

Everything encrypted

MediaMarkt employees were told this morning not to use the computers in the stores. They have become the victim of a cyber-attack. This also applies to the Dutch, Belgian and German stores. The staff is asked to disconnect the cash registers from the Internet and not to restart the systems, RTL Nieuws reports.


 

[above via Retail Detail post]  Update 1

 

Robinhood discloses data breach impacting 7 million customers

8th November 2021 | Target: Robinhood | Reported Here

Robinhood Markets on Monday afternoon disclosed an unauthorized party obtained access to personal information for nearly one-quarter of the company’s nearly 20 million users, marking one of the biggest security breaches ever for the popular online brokerage.


 

[above via Forbes post]  Update 1 / Update 2

 

UK Labour Party discloses data breach after ransomware attack

3rd November 2021 | Target: UK Labour Party | Reported Here

The Labour Party has been affected by a “cyber incident” involving its members’ data.

Labour said it was told on 29 October that it had been affected by the event by a third party firm that handled membership data on its behalf.

As a result, “a significant quantity” of party data was “rendered inaccessible on their systems”.


 

[above via BBC post]  Update 1 Update 2

 

Canadian province health care system disrupted by cyberattack

1st November 2021 | Target: N.L. health-care system | Reported Here

The Canadian province of Newfoundland and Labrador has suffered a cyberattack that has led to severe disruption to healthcare providers and hospitals.

The attack took place on October 30th, causing regional health systems to shut down their networks and cancel thousands of medical appointments. This outage affected health systems in Central Health, Eastern Health, Western Health, and the Labrador-Grenfell Regional Health authorities.


 

[above via Bleeping Computer post]  Update 1

 

Suspected Iranian hack hits Israeli LGBT site

30th October 2021 | Target: LGBTQ Apps & Sites | Reported Here

The hacker group “Black Shadow” has leaked data from various Israeli companies, such as LGBTQ dating app “Atraf”, Dan bus company and tour booking company Pegasus on Saturday night.
Earlier in the day, they leaked data from the Kavim bus app after previous threats. “They did not contact us …So first data is here,” the group said on Telegram, affixing a photo of what appeared to be a database of Israeli citizens’ personal information. “If you do not contact us, (sic) it will be more,” added the group.


 

[above via J Post post]  Update 1 / Update 2 

 

Fullerton Health vendor hit by hackers, exposing customer data

26th October 2021 | Target: Fullerton Health | Reported Here

“Fullerton Health confirms that its own IT network, systems and databases have not been accessed or breached,” it added.

In a statement, Agape said it discovered on Oct 19 that client information was compromised due to “unauthorised access by a malicious third party”.


 

[above via Channel News Asia post]  Update 1

 

Brazilian insurance giant Porto Seguro hit by cyberattack

15th October 2021 | Target: Porto Seguro | Reported Here

And the cases of virtual attacks targeting companies continue to rise, with Porto Seguro being the most recent organization to be hit by one of these crimes. Due to the scam, the service channels and in some systems of the insurance company have been unstable since Thursday

Porto Seguro


 

[above via Clare People post] 

 

Acer confirms second cyberattack in 2021

14th October 2021 | Target: Acer | Reported Here

The second Acer cyberattack, this 2021 is now confirmed after involved hackers themselves shared that they have access to the computer manufacturer’s servers.

Network cables are plugged in a server room on November 10, 2014 in New York City. U.S. President Barack Obama called on the Federal Communications Commission to implement a strict policy of net neutrality and to oppose content providers in restricting bandwith to customers.

This detail was announced after the ransomware attack back in March, which also targeted Acer. The cybercriminals claimed that they breached the offices of the giant tech firm in India in the second week of October.


 

[above via Tech Times post] Update 1   

 

Olympus US systems hit by cyberattack over the weekend

12th October 2021 | Target: Olympus Corporation | Reported Here

Researchers say that BrewDog exposed the personally identifiable information (PII) of roughly 200,000 shareholders for the best part of 18 months.

According to PenTestPartners, BrewDog “declined to inform their shareholders and asked not to be named” in the research revealing the security flaw.

Olympus


 

[above via Zdnet post] Update 1 / Update 2 

 

BrewDog exposed data for over 200,000 shareholders and customers

8th October 2021 | Target: BrewDog | Reported Here

Researchers say that BrewDog exposed the personally identifiable information (PII) of roughly 200,000 shareholders for the best part of 18 months.

According to PenTestPartners, BrewDog “declined to inform their shareholders and asked not to be named” in the research revealing the security flaw.

BrewDog data breach


 

[above via Zdnet post] Update 1 / Update 2 

 

Vidar Stealer Returns and Has a New Target: Mastodon

7th October 2021 | Target: Mastodon | Reported Here

Vidar stealer is back and has a new target: this time, the Mastodon social media network is being abused in a fresh malicious campaign. The goal is C2 configuration achievement without being noticed.

Mastodon


 

[above via Heimdal Security post] Update 1 / Update 2 

 

Twitch Confirms Massive Data Breach

6th October 2021 | Target: Twitch, TV network | Reported Here

Twitch, the popular if frequently controversial Amazon-owned streaming service with 30 million daily visitors, confirmed reports on Wednesday that a breach had taken place after data, including possibly its entire source code and other sensitive company information, was leaked online.

Twitch confirms data breach


 

[above via Forbes post] Update 1 / Update 2