Views:
4,931
The Election Day is gone and now you are ready to browse the list of the main cyber attacks between 16 and 31 October 2016 (part I here).
The number of attack confirms its decreasing trend, however the impact is still massive. October 21, 2106, the day the internet died. will be remembered for ages, and, besides this event, which is undermining our certainties, the list of the noticeable attacks is quite well populated: Weebly was hit by a massive breach, probably occurred in February 2016 (43 million users), Foursquare is in the list as well (23 million victims from a breach purportedly occurred in December 2013, even if the company did not confirm it), AdultFriendFinder was also hit (again) and 73 million accounts are floating on the dark web, and finally the details of 3.2 million cards belonging to customers of top Indian Banks were also leaked in one of the worst incidents ever.
Other interesting events include the discovery of a long lasting campaign by the infamous APT28 AKA Fancy Bear, (over 1,000 high-profile individuals across the globe between 16 March and 14 September 2015, and the return of Anonymous affiliated hackers.
As usual, if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and, in a bit, 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.
Additionally, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts), and if useful, you can access the timeline in Google Sheet format: 
ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country |
1 | 16/10/2016 | ? | Road Signs | A number of people at the Chicago’s Grand Avenue and Central Avenue intersection witness an unusual message on a construction signboard against the mayor Rahm Emanuel | Unknown | Road Signs | CC | US |
2 | 17/10/2016 | Guccifer 2.0 | Democratic National Committee (DNC) | Guccifer 2.0 is back and leaks new fresh documents relating to the US political system (documents allegedly showing email conversations between DNC employees and Hillary Clinton's presidential campaign staff discussing Donald Trump's position on his tax returns). | Unknown | Org: Political Party | CC | US |
3 | 17/10/2016 | SCUWatch | University of Santa Clara Office of Marketing and Communication (OMC) | A hacker dubbed SCUWatch leaks a trove of internal documents from the Office of Marketing and Communications from the University of Santa Clara. | Unknown | Education | CC | US |
4 | 18/10/2016 | Revolver AKA 1x0123 Peace | AdultFriendFinder | A hacker known as Revolver or 1x0123 claims to have breached into AdultFriendFinder, posting two screenshots that appeared to show he had access to some portion of the website's infrastructure. Another notorious hacker known as Peace also claims to have hacked in, and obtained a database of 73 million users. | Local File Inclusion | Adult Site | CC | US |
5 | 18/10/2016 | ? | RedBus | Online travel giant Ibibo Group-owned ticketing platform RedBus confirms to have been subject to a cyber attack that might have exposed the email addresses of some of its customers. | Unknown | Industry: Tourism | CC | IN |
6 | 19/10/2016 | ? | Axis Bank | Axis Bank, India's third-largest private bank, announces that it was the victim of a cyber-attack, but has managed to stop the intrusion before the hacker stole any funds from customer accounts. | Account Hijacking | Finance | CC | IN |
7 | 20/10/2016 | Unknown Criminals from China? | Several Top Indian Banks | Details of more than 3.2 million cash cards of customers of top Indian banks (Visa, Mastercard, RuPay) have reportedly been stolen in what could be one of the biggest financial data breaches in the country. While it is unclear who is behind the alleged operation, reports suggest that unauthorised transactions can be traced to various locations in China. | Malware | Finance | CC | IN |
8 | 20/10/2016 | ? | Weebly | LeakedSource reveals that the well known San-Francisco based "drag-n-drop" website creator Weebly.com had information on 43 Million users leaked from its main database in February of 2016. | Unknown | Industry: Web Hosting | CC | US |
9 | 20/10/2016 | ? | Foursquare | According to LeakedSource even Foursquare suffered a massive breach (23 Million victims) on December 2013. | Unknown | Social Network | CC | CC |
10 | 20/10/2016 | APT28 | Several Targets | The cyber gang called Sednit, also known by the names Fancy Bear, APT28, Pawn Storm and Sofacy, allegedly believed to be behind the controversial Democratic National Committee DNC hack, is found to have targeted over a 1,000 high-profile individuals across the globe between 16 March and 14 September 2015. | Targeted Attack | >1 | CE | >1 |
11 | 20/10/2016 | ? | Single Individuals in the gaming community | Symantec reveals that malicious actors are abusing Discord, a free VoIP service for gamers to distribute remote access Trojans, as well as infostealers and downloaders. | Malware | Single Individuals | CC | >1 |
12 | 20/10/2016 | FruityArmor | N/A | Kaspersky Lab reveals the details of FruityArmor, a malicious actor exploiting an unpatched Microsoft vulnerability (CVE-2016-3393) in chained attacks. | Targeted Attack | N/A | CE | N/A |
13 | 20/10/2016 | Unknown Nigerian Attackers | San Francisco Exploratorium Museum | The San Francisco Exploratorium Museum admits to have been fallen victim of a Spear Phishing Attack. | Account Hijacking | Org: Science | CC | US |
14 | 21/10/2016 | ? | Dyn DNS | A distributed denial of service attack against Dyn, the dynamic DNS service, affects the availability of dozens of major websites and Internet services this morning, including Twitter and Reddit. | DDoS | Industry: Internet Services | CC | US |
15 | 21/10/2016 | ? | Pakistan Government Officials | Forcepoint reveals the details of BITTER, a cyber espionage campaign targeting Pakistani government officials. | Targeted Attack | Government | CE | PK |
16 | 21/10/2016 | ? | Baystate Health | Baystate Health reveals that about 13,000 patients may have had some of their personal information compromised, due to a “phishing” e-mail that was received by some staff members. | Account Hijacking | Org: Non-Profit | CC | US |
17 | 21/10/2016 | ? | City of Middletown | The city of Middletown reveals that computer hackers gained access to personal information of people who had contact with the Middletown Police Department. | Unknown | Government | CC | US |
18 | 22/10/2016 | ? | StarHub | Singapore telecommunications company StarHub is the target of a DDoS attack (once again carried on flooding the company with bogus DNS queries). | DDoS | Industry: Telco | CC | SG |
19 | 24/10/2016 | ? | StarHub | A new DDoS attack hits the infrastructure of StarHub | DDoS | Industry: Telco | CC | SG |
20 | 24/10/2016 | Syrian Cyber Army | Sever Belgian media news outlets | The Syrian Cyber Army claims responsibility for DDoS attacks against several Belgian media news outlets including De Standaard, Het Nieuwsblad, Gazet van Antwerpen, Het Belang van Limburg, and RTFB. | DDoS | News | H | BE |
21 | 24/10/2016 | ? | DomainTools | DomainTools says it detected an attack against its user management system from an unknown attacker and advises users to change their passwords as a precaution. | Email Harvesting | Industry: Cyber Security | CC | US |
22 | 25/10/2016 | CloudFanta | Single Individuals | Researchers from Netskope spot a variant of a malware campaign dubbed “CloudFanta” which may have been used to steal 26,000 email credentials including addresses, usernames, and passwords. | Malware | Single Individuals | CC | >1 |
23 | 26/10/2016 | ? | Nets | Danish payment processor company Nets advises local banks to block up to 100,000 credit cards on suspicion their security might have been compromised by hackers. | Unknown | Industry: Payment Processor | CC | DK |
24 | 26/10/2016 | Moonlight (AKA Gaza Hacker Team) | Several Targets in Middle East | Vectra Networks reveals the details of the last campaign carried on by the Moonlight (AKA Gaza Hacker Team) collective targeting several targets in Middle East. | Targeted Attack | >1 | CE | >1 |
25 | 27/10/2016 | Anonymous | Several Japanese Companies | The Anonymous resume cyberattacks against Japanese companies, in an apparent protest against the resumption of dolphin and whale hunting in the western Japanese town of Taiji. | DDoS | >1 | H | JP |
26 | 27/10/2016 | Blackgear | Several Japanese Companies | Trend Micro reveals that Blackgear, a cyber-espionage campaign that has historically gone after Taiwanese targets, has now shifted its gaze to its neighboring country, Japan. | Targeted Attack | >1 | CE | JP |
27 | 28/10/2016 | ? | converse.com.au | Converse reveals that the company’s Australian e-commerce site was intercepting payment details for website visitors that made purchases between Sept. 2 and Oct. 12 of this year. | Malware | Industry: Shoes | CC | AU |
28 | 28/10/2016 | CyberHunta | Vladislav Surkov | A Ukrainian group called CyberHunta claims to have hacked into the account of an assistant to presidential aide Vladislav Surkov and uploads more than 2,000 emails. | Account Hijacking | Single Individuals | CE | RU |
29 | 29/10/2016 | Anonymous Poland | Bradley Foundation | Anonymous Poland claims to have hacked the Bradley Foundation and dumps more than 30Gb data including a fake letter of a $150 million donation to Clinton’s campaign. | Unknown | Org: Politics | H | US |
30 | 31/10/2016 | ? | City of Duluth | More than 55,000 Duluth residents receive letters informing them that voter registration lists and other personal information may have been exposed as a result of a phishing attack. | Account Hijacking | Government | CC | US |
Like this:
Like Loading...