ask ada icon

Ask Ada

BETA

Gen-AI
Powered

Attack Research Database

The cyberattacks and the cloud incidents have been creating massive damage to the organization’s confidential and credible information. Learn more about the latest attacks and the associated ransom costs.

attack research hero

Did you Know?

According to the latest IBM cloud attack report – Each cloud attack on an average costs $3.92M

Total Exposed Attacks in 2024 Costed

~$1.72B

Attack Research

Attack Type

May 8, 2024

Change Healthcare Ransomware Attack

A DDoS attack by Anonymous Sudan targeted over 300 web domains and 177,000 IP addresses, disrupting major public service websites.

Security Intelligence Sign in circle

ATTACK COST

$1.6 billion

May 7, 2024

UK Ministry of Defence Payroll Hack

Personal data of nearly 270,000 current and former staff members, including identities, bank details, and addresses, were exposed due to a hack on the payroll system managed by SSCL.

Reuters Sign in circle

ATTACK COST

270K PII Disclosed

April 18, 2024

Kubernetes RCE Attack

Microsoft discovered critical vulnerabilities in OpenMetadata versions 1.2.4 and 1.3.1, exploited by attackers to execute remote code on Kubernetes clusters. These vulnerabilities allowed hackers to gain access to vulnerable environments and deploy cryptocurrency mining malware.

Petri Sign in circle

ATTACK COST

Not disclosed

April 17, 2024

Supply Chain Attack

A sophisticated attack targeting the Kubernetes supply chain, where attackers injected malicious code into container images used by various organizations. This code allowed attackers to access deployment configurations and sensitive data.

BleepingComputer Sign in circle

ATTACK COST

$2 million

March 11, 2024

French State DDoS Attack

A DDoS attack by Anonymous Sudan targeted over 300 web domains and 177,000 IP addresses, disrupting major public service websites.

France 24 Sign in circle

ATTACK COST

Not disclosed

March 2024

Rhysida Ransomware

MarineMax (luxury yacht dealer and boating lifestyle brand) earnings reports, balance sheets, bank account wire transfers, customer databases, and other financial documents compromised

Blog from Cybernews Sign in circle

ATTACK COST

15BTC
(roughly $919k)

March 2024

Medusa Ransomware

Illinois’ Monmouth College system were compromised giving access to info like driver’s licenses and ID cards among a host of other information

Blog from Record Media Sign in circle

ATTACK COST

$500k

February 4, 2024

Container Escape Vulnerability

Attackers exploited a container escape vulnerability within the Kubernetes environment of a healthcare provider, gaining access to host systems and compromising patient data. The vulnerability allowed attackers to break out of the container and execute commands on the host operating system.

Cybernews Sign in circle

ATTACK COST

$5 million

February 22, 26 & 28, 2024

BlackCat Ransomware

6TB of data stolen from Change Healthcare's network belonging to "thousands of healthcare providers, insurance providers, pharmacies, etc.”

Blog from BleepingComputer Sign in circle

ATTACK COST

$22 million

February 11, 2024

Hipocrate Information System (HIS)

Ransomware attack forces 100 Romanian hospitals to go offline

Blog from CM-Alliance Sign in circle

ATTACK COST

3.5 BTC
(roughly $167k)

January 2024

Sophisticated state-sponsored attackers believed to be based out of North Korea

Orbit Chain's balance went from $115M to $29M instantly

Blog from BleepingComputer Sign in circle

ATTACK COST

$86 million

November 15, 2023

DarkBeam Misconfiguration

A misconfigured Elasticsearch and Kibana interface exposed 3.8 billion data records, including user emails and passwords, making them vulnerable to phishing campaigns.

Cyber News Sign in circle

ATTACK COST

Not disclosed

November 16, 2023

Zimbra Zero-Day

A zero-day vulnerability in the Zimbra Collaboration Suite was exploited to gain unauthorized access to email accounts, leading to data theft and espionage.

SecurityWeek Sign in circle

ATTACK COST

Not disclosed

November 1, 2023

ICMR Data Breach

The personal data of 815 million Indian residents was compromised, including names, ages, genders, addresses, passport numbers, and Aadhaar numbers.

Times of India Sign in circle

ATTACK COST

Not disclosed

October 6, 2023

23andMe Credential Stuffing Attack

Credential stuffing attacks resulted in the leakage of data from 20 million genetic profiles. Initial leaks included data on Ashkenazi Jews, with subsequent leaks affecting UK and German residents.

23andMe Sign in circle

ATTACK COST

Not disclosed

September 2023

Scattered Spider

Guest info (social security number and passport number) stolen

Blog from Inzone Insurance Sign in circle

ATTACK COST

$100 million hit to
the Q3 revenue

August 9, 2023

Cryptocurrency Mining Attack

Aqua Security uncovered that misconfigurations in Kubernetes clusters led to significant security breaches. Attackers exploited these misconfigurations to deploy cryptocurrency mining operations within compromised clusters.

The New Stack Sign in circle

ATTACK COST

Not disclosed

August 5, 2023

Salesforce Zero-Day Exploited to Phish Facebook Credentials

Guardio researchers detected cyberattackers sending targeted phishing emails with @salesforce.com addresses using the legitimate Salesforce infrastructure. An investigation revealed that they were able to exploit a Salesforce email-validation flaw to hide behind the domain's trusted status with users and email protections alike.

Dark Reading Sign in circle

ATTACK COST

Not disclosed

June 28, 2023

MOVEit Transfer Zero-Day

Exploited a zero-day vulnerability in the MOVEit Transfer software, compromising sensitive data transfers and resulting in large-scale data breaches.

Forbes Sign in circle

ATTACK COST

Not disclosed

December 10, 2022

Log4Shell

This zero-day vulnerability in the Apache Log4j library allowed attackers to execute arbitrary code on affected systems. It compromised critical infrastructure, including cloud services, financial institutions, and government agencies.

Wired Sign in circle

ATTACK COST

Not disclosed

April 20, 2022

Spring4Shell

This zero-day vulnerability in the Spring Framework allowed attackers to execute remote code on affected servers. It was exploited to deploy malware and gain unauthorized access to sensitive information.

CSO Online Sign in circle

ATTACK COST

Not disclosed

September 2, 2021

QakBot attacks with Windows zero-day (CVE-2024-30051)

In early April 2024, researchers discovered a new zero-day vulnerability (CVE-2024-30051) in the Windows Desktop Window Manager (DWM). The vulnerability allows for privilege escalation to gain system privileges. It was found while investigating a previous zero-day (CVE-2023-36033). By mid-April, an exploit for CVE-2024-30051 was detected being used in conjunction with QakBot malware and potentially by multiple threat actors. Microsoft released a patch for this vulnerability on May 14, 2024, as part of Patch Tuesday.

Kaspersky Sign in circle

ATTACK COST

Not disclosed

Zero Day Attacks cost $3.9M on average

why accuknox logo
Marketplace Icon

4+

Marketplace Listings

Regions Icon

7+

Regions

Compliance Icon

33+

Compliance Coverage

Integration Icon

37+

Integrations Support

Ready to get started?

According to the latest IBM cloud attack report - Each cloud attack on an average costs $3.92M

Total Exposed Attacks in 2024 Costed

~$1.72 Billion
Talk to Us