Miscellaneous Sectors Cyber Threat Intel - Key Insights (February 2022)
In February, a ransomware attack abused Microsoft Exchange vulnerabilities to gain initial access. The ransomware group was identified as UNC2596, and the malware was detected as COLDDRAW (commonly known as Cuba).
Other Major Incidents
The TA402 threat actor was found using a NimbleMamba implant. The Dridex bot was found spreading the Entropy ransomware. Gamaredon used spear-phishing emails aimed at Ukrainian organizations. One of the flaws in Apple iOS was used by a surveillance firm, QuaDream. Attacks were observed delivering the Micropsia malware developed by the Arid Viper APT. The National Math and Science Initiative had a security breach. The Internet Society blamed the exposure of personal data on a third-party vendor. News Corp. was hacked, and data was stolen from journalists and employees. A cyber attack targeted the Oiltanking GmbH Group.
Indicators of Compromise (10 / 303 total)