It’s time to publish the second timeline of October, covering the main cyber attacks that occurred in the second half of the month (plus a couple that fell off my radar during the first one). Of course, as always, you can find the first timeline here.
Ukraine continues to be a training field for Cyberwar: the same gang behind NotPetya (or Netya) is believed to also be behind Bad Rabbit, a new ransomware campaign that hit the country (and others, primarily situated in Eastern Europe) with a modus operandi close to that of the previous destructive campaign.
Another important event of this fortnight is a breach that dates back to 2013, but whose real extent was never revealed until now. I am talking about Microsoft: some former employees admitted that the attackers (allegedly belonging to the Wild Neutron gang) that hit the company back then were able to access an internal database used for tracking bugs.
Let’s move to Malaysia for yet another massive breach, where roughly 46.2 million mobile phone numbers belonging to some telcos and mobile virtual network operators have been leaked online.
Another important event is the attack on Appleby, a law firm in Bermuda, that had a list of super rich customers leaked. The political consequences of this attack will last for a long time.
If we focus on Cyber Espionage, the infamous APT28 (AKA Fancy Bear) is back with two campaigns, one exploiting CVE-2017-11292 and, ironically, a second one using a malicious document disguised as a flyer relating to the Cyber Conflict U.S. Conference organized by NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE).
And while North Korea is allegedly behind the attack against Daewoo Shipbuilding & Marine Engineering, detected in April last year, other notable cyber espionage campaigns include BlackOasis, Hacker’s Door (a blast from the past), and Leviathan.
Last but not least, the turmoil in Catalonia woke Anonymous up from the shadows…
As usual, scroll down the whole list for all the events that happened in this fortnight. And if you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.