It’s time for the first timeline of May, reporting the main cyber attacks occurred between 1 and 15 May 2015.
The Summer is at the gates, but apparently the nice weather is not stopping the attackers from their intentions: I have recorded 52 attacks, a dramatic turnaround in comparison with April, and a strong indication that the slowing trend of the past couple of months has suffered a sudden stop.
It’ s time to publish the timeline with the main cyber attacks occurred in April 2015 (Part I here).
Despite the number of attacks has shown a decreasing trend, this second part of April will be probably remembered for the Cyber Espionage campaigns, which, in a couple of cases, have successfully hit the White House, a coveted target for Russian hackers. Other remarkable events in this space include the return of APT 28 (Operation Russian Doll) and an operation carried on by Arabic-speaking attackers, targeting Israeli military networks.
Spring is sprung, but unfortunately the nice season is not enough to keep the crooks’ hands off their keyboard, as the growing trend continues, and this first half of April has shown a sustained number of attacks.
The most illustrious victim is Lufthansa, whose frequent-flyers website has been hacked, with the attackers able to harvest miles from the unaware victims. Other noticeable events, always related to cyber crime, include the compromise of Linux Australia, and the discovery of Operation Buhtrap, a campaign targeting Russian banks.
Spring is at the door, and finally the endless winter is coming to an end. I am just wondering if the crooks are starting to enjoy the first rays of sun, given the relatively low level of attacks in the first half of March.
Effectively, for the first time since several months, no massive breaches have been recorded. But don’t get carried away: the second half of March has begun in the worst possible way with the gigantic breach suffered by Premera (definitely a deja vu).
The first half of November is gone, so it’s time for the list of the main cyber attacks occurred during these fifteen days.
Confirming the trend of the last months, the activity has been quite sustained. For sure, the most remarkable attack has targeted the Turkish branch of HSBC, and has affected 2.7 million customers, whose credit cards have been compromised (and apparently the bank has decided not to issue new cards for the impacted users).
It’s time for the second timeline of October (Part I here) covering the main cyber attacks between the 16th and 31st: yet another consistent list confirming the growing trend of the last period.
In particular, in these two weeks the most important events have been spotted inside Cyber Espionage, whose chronicles report, among other, a state-sponsored attack to an unclassified network of the White House, a relevant number of operations (APT 28, Operation Pawn Storm, Operation SMN, Operation DeathClick, a tail of the infamous Sandworm), and even a man-in-the-middle attack against Chinese iCloud users.
Here we go with the first timeline of the main Cyber Attacks happened in October (according to my personal evaluation metric).
Two weeks very active from an information security perspective. The list of attacks is quite long and heterogeneous, with massive breaches (The Snappening and a list of nearly 7.000.000 compromised accounts used to brute-force Dropbox), a rich list of cyber crime and cyber espionage campaigns, a renewed burst of the cyber war between India and Pakistan, and a couple of operations orchestrated by hacktivists.
This month of August will be probably remembered for the massive cache of 1.2 million of password scooped up by the Russian gang Cyber Vor, undoubtedly the most important event that overshadowed all the other activity recorded in these dog days.
Besides this remarkable fact, the Cyber Crime chronicles report, among others, an unprecedented attack technique, aimed to hijack ISP traffic to steal bitcoins, the breach to SuperValu, and the compromising of 60,000 staffers who participated in Tennessee health screening program.
July is gone and hence it’s time, as usual, to summarize the main cyber events happened in the second half of this month (Part I here).
For a strange coincidence this month has shown an unusual number of breaches dating back to several years ago (2010-2012) and reported only now: Catch of The Day, Think W3 Limited, Paddy Power and Lasko are the organizations affected.