This month of August will be probably remembered for the massive cache of 1.2 million of password scooped up by the Russian gang Cyber Vor, undoubtedly the most important event that overshadowed all the other activity recorded in these dog days.
Besides this remarkable fact, the Cyber Crime chronicles report, among others, an unprecedented attack technique, aimed to hijack ISP traffic to steal bitcoins, the breach to SuperValu, and the compromising of 60,000 staffers who participated in Tennessee health screening program.
It’s time for the first cyber attacks timeline of July reporting the main cyber events happened (or discovered) during the first half of the month.
In a short summary: if even the number of recorded attacks remains moderate, the most important events of this period are related to Cyber Espionage: eight sophisticated campaigns have been discovered, a number remarkably high for this category.
And here we are with the timelines of the main Cyber Attacks happened during the first half of February.
It is very hard to summarize these days from an Infosec perspective, considering the noticeable number of massive breaches: Kickstarter (potentially 5.6 million of records affected), Forbes (1 million records leaked), Orange (800,000 users impacted) and St. Joseph Health System (400,000 users affected) are the main examples, but they must not overshadow other ‘minor’ events such as the the attack against Bell.ca (‘only’ 40,000 users affected).
It’s time for the summary of the main cyber attacks occurred in the first half of November and reported on the news.
These fifteen days have been particularly troubled from an information security perspective, having left to the records several remarkable breaches: LoyaltyBuild, affecting potentially 1.12 million individuals, CorporateCarOnline.com (850,000 individuals), MacRumors (850,000 individuals) and, last but not least, vBulletin (860,000 users affected). A damage report which appears really devastating.
It’s time for the second part of the June 2013 Cyber Attacks Timeline (first part here).
The last two weeks of June have been characterized by an unusual cyber activity in the Korean Peninsula. In a dramatic escalation of events (coinciding with the 63rd anniversary of the start of the Korean War), both countries have attracted the unwelcome attentions of hacktivists and (alleged) state-sponsored groups, being targeted by a massive wave of Cyber attacks, with the South suffering the worst consequences (a huge amount of records subtracted by the attackers).
Here’s the second part of the April cyber attacks Timeline (Part I at this link)
The most remarkable event of this period has certainly been the breach suffered by Living Social potentially exposing 50 million customers of the e-commerce website. Other illustrious victims of the month include the mobile operator DoCoMo and the online reputation firm Reputation.com.
I know, I am a little late this month. We have just entered May and I was able to publish the first part of the Timeline of April. I will try to maintain the usual rhythm and to be more punctual for the next releases.
Anyway, the first part of April has offered many interesting port with several large scale attacks and massive breaches. The first category includes the Darkleech malware against Apache, and the gigantic brute-force attack against WordPress. The second category includes the attacks against two primary Japanese portals, the FPS War Z, Scribd, Linode, and, most of all Schnucks Markets, targeting potentially 2.4 million users.
Other troubles for system administrators: March is confirming the 2013 dangerous trend with several high profile breaches against industrial, financial and governmental targets.
The first two weeks of March have begun with the breach to Evernote, and continued with (among the others) the third phase of the infamous Operation Ababil, targeting U.S. Banks and an alleged Chinese attack against the Reserve Bank of Australia.
Here it is the usual compilation for the Cyber Attacks in the first half of September, a period which has apparently confirmed the revamping of hacktivism seen in August.
Several operations such as #OpFreeAssange (in support of Julian Assange), #OpTPB2 against the arrest of The Pirate Bay Co-Founder Gottfrid Svartholm Warg, and #OpIndipendencia in Mexico have characterized the first half of September. Curiously the hacktivists have also characterized this period for a couple of controversial events: the alleged leak of 1 million of UDIDs from FBI (later proven to be fake) and the alleged attack to GoDaddy (later proven to be a network issue, that is the reason why I not even mentioned it in this timeline). Other actions motivated by hacktivists have been carried on by Pro-Syrian hackers.