This first half of July will be long remembered for the Infosec Professionals: undoubtedly the dramatic Hacking Team leak has characterized this fortnight and has written one of the most controversial pages of the Infosec Annals. Security researchers and activists are still digging into the trove of documents (and 0-days) siphoned from the Italian company, and this story, that is unveiling new details every day, is far from being completed.... Read More
Great news! With this article, I have decided to change the timeline, moving from a static infographic-style format, to a tabular format, which allows to sort, filter and search for specific items inside the timeline.... Read More
It’s time for the first timeline of May, reporting the main cyber attacks occurred between 1 and 15 May 2015.
The Summer is at the gates, but apparently the nice weather is not stopping the attackers from their intentions: I have recorded 52 attacks, a dramatic turnaround in comparison with April, and a strong indication that the slowing trend of the past couple of months has suffered a sudden stop.
Despite still related to December 2014, here is the first timeline for 2015 covering the main events occurred between the 16th and 31st December 2014 (first part here).
No doubt, this Christmas will be remembered for the unwelcome surprise of the DDoS attack performed by the infamous Lizard Squad against the online services of Sony and Microsoft. An attack that has shattered the dreams of many players, just few minutes after unwrapping their brand new consoles under the Christmas Tree. However, the light that burns twice as bright burns half as long, and inevitably two members of the collective have allegedly been arrested (not before having attempted a Sybil Attack against Tor).
For the Infosec professionals, this troubled 2014 will be remembered for the trail of gigantic breaches unleashed nearly exactly one year ago, when the real outcome of the infamous Target breach became to emerge. The real extent of the breach was yet to be known, like also the fact that it would not have been an isolated case, but just the beginning of a nightmare.
And finally we can complete the September 2014 Cyber Attacks Timeline (Part I here), with the second part covering the most important events between the 16th and the 30th.
A very fruitful month for Cyber Criminals, since there are several events that will be remembered. For sure the Shellshock vulnerability will spoil the troubled sleeps of many System Administrators. In any case this is not the only remarkable event, the chronicles report of an (un)expected tail of the Celebrity Leak scandal (the so-called Fappening), with other two rounds of leaked pictures occurred on the 20th and the 26th, and a couple of massive breaches against TripAdvisor subsidiary Viator (1.4 million users affected) and Japan Airlines (750,000 users affected). Last but not least, it is also worthwhile to mention the group of teen hackers charged for hacking into Microsoft, the US Army and several game companies, stealing $100 million in Intellectual Property, and the so-called Operation Harkonnen, the longest cyber crime campaign ever.
And here we are with the second part of the Cyber Attacks Timeline (first part here).
The prize for the most noticeable breach of the month goes in Korea, where a 31-year-old man has been arrested for infiltrating the account of 25 million users of Never, a local Internet Portal (actually it happened several months ago but was unveiled in this month). Other noticeable events include the trail of attacks against several Universities (Maryland, Auburn, Purdue, Wisconsin-Parkside), the compromising of personal information of 550,000 employees and users of Spec’s, the leak of 158,000 forum users of Boxee.tv and 95,000 users of Cerberus and, finally, a breach targeting the California Department of Motor Vehicles. Last but not least, even the infamous Operation Windigo has deserved a mention in the timeline.
It’s time for the Cyber Attacks Timeline for the first half of January 2014. I wish we had a better start for this Infosec year. Not even a month has passed (actually this timeline covers the first two weeks) and we have already seen several massive breaches (Snapchat) and other resounding events, maybe less relevant from a mere numeric perspective, but equally meaningful for the high profile of the victims involved (Microsoft).
It is time for the report of the cyber landscape of the second half of November.
This month will be probably remembered for the discovery of the giant breach targeting Cupid Media and involving potentially 42 million users. However, this was not the only remarkable breach of November: chronicles report of 77,000 customers of Vodafone Island having their details leaked.
First part here: 1-15 March 2013 Cyber Attacks Timeline
March is gone and hence it is time to analyze the events that characterized the past month.
Two events in particular gained the first pages of the magazines: the wiper malware in Korea and the DDoS attack against Spamhaus that, maybe exaggerating, has been defined the “biggest attack in history”.