16-30 November 2013 Cyber Attacks Timeline

It is time for the report of the cyber landscape of the second half of November.

This month will be probably remembered for the discovery of the giant breach targeting Cupid Media and involving potentially 42 million users. However, this was not the only remarkable breach of November: chronicles report of 77,000 customers of Vodafone Island having their details leaked.

Other interesting events involve a brute-force attack to GitHub, forcing several users to change password, and yet another attack against a Bitcoin Wallet (the equivalent of $1 million stole).

Not only Cyber Criminals. Even Hacktivists were particularly active in this period: the attacks of Indonesian hackers against Australian targets continued in the second part of November, as also the mutual defacements between Pakistani and Indian crews. Last but not least, the Anonymous leaked some documents and emails allegedly belonging to the Italian Governor of Lombardy and the details of 40,000 individuals from an Israeli Job search portal.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).16-30-november-2013-cyber-attacks-timeline

(more…)

Continue Reading 16-30 November 2013 Cyber Attacks Timeline

1-15 November 2014 Cyber Attacks Timeline

The first half of November is gone, so it’s time for the list of the main cyber attacks occurred during these fifteen days.

Confirming the trend of the last months, the activity has been quite sustained. For sure, the most remarkable attack has targeted the Turkish branch of HSBC, and has affected 2.7 million customers, whose credit cards have been compromised (and apparently the bank has decided not to issue new cards for the impacted users).

Again the operations related to cyber espionage have played an important role: some new campaigns have come to light (for instance Darkhotel), and also several noticeable attacks have been discovered, like the one against the United States Postal Service (600,000 users affected) or the one against the National Oceanographic and Atmospheric Administration.

Even hacktivists have been quite active: the RedHack collective has reemerged from several months in stealth mode (they claim to have deleted 650,000 USD worth 0f electricity power debt), and some hackers claiming to be affiliated to the Anonymous collective have performed similar operations in Italy (in parallel with the delicate social and economical period) and the Philippines.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).1-15-november-2014-cyber-attacks-timeline

(more…)

Continue Reading 1-15 November 2014 Cyber Attacks Timeline

1-15 September 2014 Cyber Attacks Timeline

This month will be probably remembered for the Home Depot breach. Yet another one caused by the same POS malware family that hit Target, with a similar dramatic extension: unfortunately the retailer believes that 56 million of credit cards could have been compromised in this case. After such a similar gigantic breach there is not so much to add as far as Cyber Crime is concerned, as it overshadowed all the rest.

In regards of Hacktivism, this has been a terrible month for Pakistan, which has attracted the unwelcome attentions of hacktivists protesting against the corruption of the government. As a consequence dozens of government sites have been bombarded with DDOS attacks, (with few cases of defacements and leaks).

Nothing particularly important to mention for Cyber Espionage. After the spree of the past months, maybe is time for a break.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).1-15-september-2014-cyber-attacks-timeline1

(more…)

Continue Reading 1-15 September 2014 Cyber Attacks Timeline

1-15 June 2013 Cyber Attacks Timeline

Here it is the first part of the June 2013 Cyber Attacks timeline covering the first half of the month.

This period has been characterized by the protests in Turkey, that, easy predictable, have also influenced the cyber landscape. Many attacks (in several cases even with noticeable impact) have been carried on in name of OpTurkey.

Other noticeable facts include the attacks against the European Police College (14,000 records affected), the Bangladeshi Air Force recruitment website (110,000 credentials affected), and, most of all, against the Danish Police which affected the country’s driver’s license database, social security database, the shared IT system across the Schengen zone, and the e-mail accounts and passwords of 10,000 police officers and tax officials.

Last but not least, the first two weeks of June has brought us yet another high profile cyber-espionage operation, dubbed NetTraveler.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 June 2013 Cyber Atacks Timeline (more…)

Continue Reading 1-15 June 2013 Cyber Attacks Timeline

1-15 October 2013 Cyber Attacks Timeline

It’s time to review the list of the main cyber attacks happened during the first half of October.

Of course there are few doubts: the breach involving Adobe (compromising the details of 3 million customers and the source code of two products) is for sure the most remarkable event of the month (and probably of the year), and its consequences will likely affect the Infosec landscape for long. In addition it overshadowed all the other events occurred so it is quite hard to summarize the threat landscape of the first 15 days of October.

In a nutshell, these two weeks have brought an unprecedented number of DNS Hijackings and several considerable breaches (however not comparable in size and impact with the one affecting Adobe). At first glance, looks like the number of attacks motivated by Cyber Crime is constantly increasing and leaving behind Hacktivism.

Last but not least, curiously, for this couple of weeks, I did not find any remarkable operations motivated by Cyber Espionage.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 October 2013 Cyber Attacks Timeline

(more…)

Continue Reading 1-15 October 2013 Cyber Attacks Timeline

1-15 July 2014 Cyber Attacks Timeline

It’s time for the first cyber attacks timeline of July reporting the main cyber events happened (or discovered) during the first half of the month.

In a short summary: if even the number of recorded attacks remains moderate, the most important events of this period are related to Cyber Espionage: eight sophisticated campaigns have been discovered, a number remarkably high for this category.

On the cyber crime front, the most important event of this period is undoubtedly the massive attacks against Boleto, the Brazilian payment system ($ 3.5 billion is the amount of money stolen by the criminals), but also the purported leak of CNET’s database (subsequently offered on sale by the criminals at the symbolic price of 1 Bitcoin) deserves a special mention. Also the African continent is on the spot with the discovery of a repeated fraud against a couple of Nigerian banks.

Nothing particularly remarkable by hacktivists, with the partial exception of the Syrian Electronic Army, back with the Specialty of the House (the account hijacking, this time against the official Twitter account of the Israel Defence Force). The hacktivistic landscape also offered some attacks against Israel, related to the events in Gaza. Nothing particularly relevant so far, but everything suggests that the number of these attacks will dramatically increase in the next timeline.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 July 2014 Cyber Attacks Timeline (more…)

Continue Reading 1-15 July 2014 Cyber Attacks Timeline

16-31 July 2014 Cyber Attacks Timeline

July is gone and hence it’s time, as usual, to summarize the main cyber events happened in the second half of this month (Part I here).

For a strange coincidence this month has shown an unusual number of breaches dating back to several years ago (2010-2012) and reported only now: Catch of The Day, Think W3 Limited, Paddy Power and Lasko are the organizations affected.

Looking quickly at Cyber Crime, these two weeks have brought the breach to The Wall Street Journal (by W0rm the same author of the breach to CNET), the disclosure of a failed attempt to disrupt the Nasdaq in 2010, a breach to the website of the European Central Bank, an extensive attack aimed to compromise the Tor Infrastructure, and, last bunt not least, the DHS advisory related to Backokff, a PoS Malware already compromising 600 organizations throughout the U.S.

Moving to Cyber Espionage, this period will be remembered for the Canadian allegations against China, related to a cyber attack against The National Research Council and the possible compromising three Israeli defense contractors responsible for building the “Iron Dome” missile shield program.

Israel was even under the radar of the Hacktivists, who concentrated there their efforts in support of the #OpSaveGaza operation.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 July 2014 Cyber Attacks Timeline (more…)

Continue Reading 16-31 July 2014 Cyber Attacks Timeline

16-31 October 2014 Cyber Attacks Timeline

It’s time for the second timeline of October (Part I here) covering the main cyber attacks between the 16th and 31st: yet another consistent list confirming the growing trend of the last period.

In particular, in these two weeks the most important events have been spotted inside Cyber Espionage, whose chronicles report, among other, a state-sponsored attack to an unclassified network of the White House, a relevant number of operations (APT 28, Operation Pawn Storm, Operation SMN, Operation DeathClick, a tail of the infamous Sandworm), and even a man-in-the-middle attack against Chinese iCloud users.

Cybercrime is also on a roll: the trail of attacks against retailers seems unstoppable (Staples is the latest victim), but chronicles also report a massive breach in South Korea, involving Pandora TV and a gigantic SQL Injection attack, driven by CVE-2014-3704, against every unpatched website running Drupal, existing on this desperate planet. There is also space for a little bit of irony, as in case of Sourcebooks, the publisher hacked few days before releasing the latest book of Brian Krebs.

Israel and Ukraine keep on being two hot fronts for Hacktivism, whereas India is again the cradle of  cyberwar, many events event in this months (despite limited to skirmishes involving defacements of governmental and military websites).

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 October 2014 Cyber Attacks Timeline (more…)

Continue Reading 16-31 October 2014 Cyber Attacks Timeline

16-31 December 2013 Cyber Attacks Timeline

Let’s give the welcome to this new infosec year with the first timeline of 2014 (or better the last of 2013) summarizing the main events occurred in the second half of December 2013.

With no doubt, this holiday season has been characterized by the Target breach, whose size is constantly growing (110 million the number of potential victims according to recent estimates). This massive incident has somehow shadowed another massive breached occurred in Turkey, were Russian hackers have allegedly been able to obtain 54 million citizens’ ID Data. With similar numbers, the 300.000 users potentially affected by the Cyber Attack involving Affinity Gaming appear risible.

Other considerable events include a Christmas Intrusion on a BBC server (with the author possibly selling the backdoor access on the underground) and yet another possible intrusion by Chinese hackers on a US target, specifically the Federal Election Commission.

Nothing particularly significant on the hacktivism front characterized by the consolidated “background noise” of events whose sizes are well far from the levels of the recent years.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 December 2013 Cyber Attacks Timeline Update2 (more…)

Continue Reading 16-31 December 2013 Cyber Attacks Timeline

16-31 March 2014 Cyber Attacks Timeline

And here we are with the second part of the Cyber Attacks Timeline (first part here).

The prize for the most noticeable breach of the month goes in Korea, where a 31-year-old man has been arrested for infiltrating the account of 25 million users of Never, a local Internet Portal (actually it happened several months ago but was unveiled in this month). Other noticeable events include the trail of attacks against several Universities (Maryland, Auburn, Purdue, Wisconsin-Parkside), the compromising of personal information of 550,000 employees and users of Spec’s, the leak of 158,000 forum users of Boxee.tv and 95,000 users of Cerberus and, finally, a breach targeting the California Department of Motor Vehicles. Last but not least, even the infamous Operation Windigo has deserved a mention in the timeline.

Moving to Hacktivism, chronicles report of a couple of hijackings performed, as usual, by the Syrian Electronic Army, a couple of operations carried on by the Russian Cyber Command and a (probably fake) attack by someone in disguise of Anonymous Ukraine, claiming to to have leaked 7 million Russian Credit Cards. Probably a recycle of old leaks.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 Mar 2014 Cyber Attacks Timelines (more…)

Continue Reading 16-31 March 2014 Cyber Attacks Timeline