Tag Archives: XSS

1-15 June 2014 Cyber Attacks Timeline

It just looks like attackers are enjoying the beginning of the Summer, since the first half of June confirms the decreasing trends.

The controversial 2014 World Cup has revived the hacktivists, and in particular the Anonymous collective who kicked off the Operation OpWorldCup, targeting Brazilian Governmental institutions and Sponsors of the World Cup.

read more

1-15 March 2013 Cyber Attacks Timeline

Other troubles for system administrators: March is confirming the 2013 dangerous trend with several high profile breaches against industrial, financial and governmental targets.

The first two weeks of March have begun with the breach to Evernote, and continued with (among the others) the third phase of the infamous Operation Ababil, targeting U.S. Banks and an alleged Chinese attack against the Reserve Bank of Australia.

read more

1-15 January 2013 Cyber Attacks Timeline

So here we are with the first Cyber Attacks Timeline for 2013 covering the first half of January.

Apparently the new year has begun with an intense activity by Cyber Crooks. Hacktivists and Cyber Criminals had many time to spend in front of their keyboards during the holiday break, and as a consequence the number of breaches with more than 10.000 accounts compromised is incredibly high. WWF China, the City of Steubenville, Ohio and The German Chamber of Commerce are only three examples of institutions that suffered massive breaches during the beginning of this year.

read more

1-15 December 2012 Cyber Attacks Timeline

Christmas is coming quickly, we have just passed the first half of December, and hence it’s time for the first update of the Cyber Attacks Timeline for December.

The Team GhostShell has decided to close the year with a clamorous Cyber Attack, and hence,as part of the project ProjectWhiteFox, has leaked 1.6 million of accounts from several organizations all over the world. This is the most important event for this first part of the month that apparently has shown a decreasing trend. Hacktivists are still focusing their attention (and their keyboards) to Israel, and Cyber Criminals are maybe preparing for the Christmas attacks.

read more

January 2012 Cyber Attacks Timeline (Part 2)

Click here for part 1.

The second half of January is gone, and it is undoubtely clear that this month has been characterized by hacktivism and will be remembered for the Mega Upload shutdown. Its direct and indirect aftermaths led to an unprecedented wave of cyber attacks in terms of LOIC-Based DDoS (with a brand new self service approach we will need to get used to), defacements and more hacking initiatives against several Governments and the EU Parliament, all perpetrated under the common umbrella of the opposition to SOPA, PIPA and ACTA. These attacks overshadowed another important Cyber Event: the Middle East Cyberwar (which for the sake of clarity deserved a dedicated series of posts, here Part I and Part II) and several other major breaches (above all Dreamhost and New York State Electric & Gas and Rochester Gas & Electric).

read more

Cross-Site Scripting in svendita… All’Android Market

Per un giorno mi ero ripromesso di non parlare dei problemi di sicurezza dell’Androide ma non ce l’ho fatta… Non si sono ancora sopite del tutto le polemiche relative al modello di sicurezza dell’Android Market (io invece mi ero quasi sopito) che oggi è trapelata la notizia di una grave vulnerabilità di tipo XSS esistente, dalla sua origine, nella versione Web dell’Android Market. Prima della sua scoperta da parte di Jon Oberheide (ricercatore di sicurezza non nuovo a questo genere di scoperte), la vulnerabilità  in questione era sfruttabile inserendo codice malevolo  all’interno del campo “Description” nella finestra di pubblicazione delle applicazioni.... Read More