For many of you the Christmas break is over. To help you keep up with the information security landscape, I have prepared the following wrap-up, where I have collected several short news items that I found particularly interesting during the past two weeks. They are not necessarily related to breaches (which, of course, you will find in the forthcoming Cyber Attack Timeline) but include general news that had a certain impact inside the community.
The second timeline of December will be published in a few days, but in the meantime, after hopefully enjoying the new layout of the blog, if you want to know the most devastating events of 2015, you can browse the galleries dedicated to the Top 20 hacks in terms of compromised users and the Top 10 in terms of stolen money.
|31 Dec||The worst way to close 2015… Or to enter 2016? Microsoft failed to warn victims of Chinese email hack
According to former Microsoft employees, Microsoft experts concluded several years ago that Chinese authorities had hacked into more than a thousand Hotmail email accounts, targeting international leaders of China’s Tibetan and Uighur minorities in particular, but it decided not to tell the victims, allowing the hackers to continue their campaign.
|31 Dec||Database configuration issues expose 191 million voter records
Researcher Chris Vickery uncovers a database sitting on the Web containing various pieces of personal information related to 191 million American citizens registered to vote (300 Gb). The data appears to date back to 2000. The researchers point the finger at NationBuilder, a se
|27 Dec||Anonymous claims to have foiled an Islamic State terror attack on Italy
The boundaries between the real and virtual worlds are increasingly being crossed. Anonymous hackers claim to have foiled an Islamic State terror attack on Italy after beefing up operations in the wake of the Paris atrocities. Further details reveal that the attack was allegedly supposed to hit Florence (at least according to a chat fragment).
|25 Dec||Steam confirms info on 34K users likely exposed in Christmas Day DoS attack
Yes, I was one of those users trying to buy a gift on Steam on Christmas Day, and I immediately realized that something was terribly wrong. A blunder in the caching configuration caused some users to see Steam Store pages generated for other users. Why a change in production on Christmas Day? It was the indirect aftermath of a DDoS attack targeting Steam early on Christmas morning (Pacific Standard Time).
|24 Dec||Ukraine blames Russian malware for power outages in the country
Fears of attacks against critical infrastructure become real! The Ukrainian government blames Christmas Eve power outages in Western Ukraine on attacks by Russia. According to the Security Service of Ukraine, malware has been found in the networks of some utilities. Moreover, the malware intrusions coincided with a “non-stop telephone flood at utility plants’ technical support departments”.
|23 Dec||Australian government tells citizens to turn off two-factor authentication when going abroad
The Australian government has repeatedly called for citizens to turn off two-factor authentication (2FA) at its main digital government portal when they are abroad. Apparently quite strange and incomprehensible advice, given that users are normally more exposed when connecting from untrusted connections.
|22 Dec||New Malware Hit 230,000 Per Day in 2015, Report says
A new report from Panda Labs claims that the number of malware samples discovered per day has set a new record, hitting the remarkable number of 230,000 units, and that the number will grow in 2016. Another blow for signature-based technologies. However, Panda’s prediction of a rise in new malware is not in line with the predictions of some of its rivals, who see malware growth slowing. Kaspersky Lab said earlier this month, for example, that the volume of new malware it discovered in 2015 dropped by 15,000, from 325,000 in 2014 to 310,000.
|22 Dec||Human behaviour still the biggest threat to company security?
Seriously? I never would have thought. A report from Nuix, a security intelligence and information management technology company, finds that there’s a greater focus on insider threats since the first report was conducted in 2014. Nothing new under the sun…
|19 Dec||Dam(n)! Iranian Hackers Infiltrated New York Dam in 2013
The Wall Street Journal reports that Iranian hackers penetrated the online control system of a New York dam in 2013. Apparently, the hackers gained access to the dam through a cellular modem. Critical infrastructure is becoming a coveted and easy target!
|19 Dec||Hello Kitty… Bye Bye 3.3 Million Records…
Definitely the worst way to start the Christmas Week! Chris Vickery discovers a leaked database of more than 3.3 million user accounts for Sanriotown.com and other Sanrio-owned websites like hellokitty.com and mymelody.com.
|17 Dec||Ouch! Drug Cartels Are Hacking US Border Patrol Drones
It looks like GPS spoofing and GPS jamming are now the latest weapons used by drug traffickers to stop drones. Unfortunately, the UAVs used by local law enforcement agencies do not have the countermeasures used by military devices, and criminals have immediately learned how to take advantage of this.