1-15 September 2013 Cyber Attacks Timeline

So unfortunately the Summer is nearly gone, but, despite the sadness for the beautiful season fading away, here we are with the usual analysis of what’s happened in September from a Security Information perspective.

The main event for the first half of September is the massive attack against Vodafone Germany, potentially compromising more than 2 million customer records. Actually it was very hard to declare a main event, since even Belgacom performed was on the infosec news, unleashing some information related to a targeted attack, it was victim of. Always on the Cyber Crime front, it’s also worth to mention the failed (luckily) attack against Santander.

Nothing new under the Hacktivism front, that offered a minor revamp of the Syrian Electronic Army, despite the claims of them being dox’ed, some events in Turkey, where the cyber temperature remains hot despite the Summer fading away, and again some small attacks related to Syria and the NSA affair.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31-july-2013-cyber-attacks-timeline1-15-september-2013-cyber-attacks-timeline (more…)

Continue Reading 1-15 September 2013 Cyber Attacks Timeline

16-31 January 2013 Cyber Attacks Timeline

Two Weeks Living Dangerously! I have no other words to describe this second half of January (first two weeks here) that has shown an unprecedented level of attacks! And if a good day starts with the morning, this will be a very troubled year from an information security perspective.

Not only the peaks of DDoS attacks against the US Banks have reached an unstoppable peak, but, most of all, at the end of the month details have been unveiled about a massive cyber-espionage campaign allegedly orchestrated by Chinese hackers against some major US media including The New York Times, The Wall Street Journal, The Washington Post and Bloomberg News.

A very very long list of targets this month, with some high profile victims such as the U.S. Sentencing Commission, whose web site has been hacked twice and turned into an Asteroid game, but also Renault Argentina that suffered 37,000 accounts leaked.

To summarize this month is really impossible, you just have to scroll down the timeline to realize the hacking spree in this January 2013.

If this trend continues, I will have to decrease the frequency of publication…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.16-31-january-2013-cyber-attacks-timeline

(more…)

Continue Reading 16-31 January 2013 Cyber Attacks Timeline

December 2011 Cyber Attacks Timeline (Part I)

As usual, here it is my compilation of December Cyber Attacks.

It looks like that Christmas approaching is not stopping hackers who targeted a growing number of  organizations including several security firms (Kaspersky, Nod 32 and Bitdefender) even if in secondary domains and with “simple” defacements.

Cyber chronicles report of Gemnet, another Certification Authority Breached in Holland (is the 12th security incident targeting CAs in 2011) and several massive data breaches targeting Finland (the fifth this year, affecting 16,000 users), online gambling (UB.com affecting 3.5 million of users),  Telco (Telstra, affecting 70,000 users), and gaming, after the well known attacks to Sony, Sega and Nintendo, with Square Enix, which suffered a huge attacks compromising 1,800,000 users (even if it looks like no personal data were affected).

Online Payment services were also targeted by Cybercrookers: a Visa East European processor has been hit by a security breach, but also four Romanian home made hackers have been arrested for a massive credit card fraud affecting 200 restaurants for a total of 80,000 customers who had their data stolen.

As usual, hacktivism was one of the main trends for this first half of the month, which started with a resounding hacking to a Web Server belonging to ACNUR (United Nations Refugees Agency) leaking more than 200 credentials including the one belonging to President Mr. Barack Obama.

But from a mere hactvism perspective, Elections in Russia have been the main trigger as they indirectly generated several cyber events: not only during the election day, in which three web sites (a watchdog and two independent news agencies) were taken down by DDoS attacks, but also in the immediately following days, when a botnet flooded Twitter with Pro Kremlin hashtags, and an independent forum was also taken down by a further DDoS attacks. A trail of events which set a very dangerous precent.

Besides the ACNUR Hack, the Anonymous were also in the spotlight (a quite common occurrence this year) with some sparse attacks targeting several governments including in particular Brazil, inside what is called #OpAmazonia.

Even if not confirmed, it looks like that Anonymous Finland might somehow be related to the above mentioned breach occurred in Finland.

Other interesting events occurred in the first two weeks of December: the 0-day vulnerability affecting Adobe products, immediately exploited by hackers to carry on tailored phishing campaigns and most of hall, a targeted attack to a contractor, Lockheed Martin, but also another occurrence of DNS Cache Poisoning targeting the Republic of Congo domains of Google, Microsoft, Samsung and others.

Last but not least, the controversial GPS Spoofing, which allegedly allowed Iran to capture a U.S. Drone, even the GPS Spoofing on its own does not completely solve the mistery of the capture.

Other victims of the month include Norwich Airport, Coca Cola, and another Law Enforcement Agency (clearusa.org), which is currently unaivalable.

As usual after the page break you find all the references.

(more…)

Continue Reading December 2011 Cyber Attacks Timeline (Part I)

December 2011 Cyber Attacks Timeline (Part II)

This infamous 2011 is nearly gone and here it is the last post for this year concerning the 2011 Cyber Attacks Timeline. As you will soon see from an infosec perspective this month has been characterized by two main events: the LulzXmas with its terrible Stratfor hack (whose effects are still ongoing with the recent release of 860,000 accounts), and an unprecented wave of breaches in China which led to the dump of nearly 88 million of users for a theoretical cost of nearly $19 million (yes the Sony brech is close). For the rest an endless cyberwar between India and Pakistan, some hactivism and (unfortunately) the usual amounts of “minor” breaches and defacement. After the page break you find all the references.

Last but not least… This post is my very personal way to wish you a happy new infosec year.

(more…)

Continue Reading December 2011 Cyber Attacks Timeline (Part II)

January 2012 Cyber Attacks Timeline (Part 2)

Click here for part 1.

The second half of January is gone, and it is undoubtely clear that this month has been characterized by hacktivism and will be remembered for the Mega Upload shutdown. Its direct and indirect aftermaths led to an unprecedented wave of cyber attacks in terms of LOIC-Based DDoS (with a brand new self service approach we will need to get used to), defacements and more hacking initiatives against several Governments and the EU Parliament, all perpetrated under the common umbrella of the opposition to SOPA, PIPA and ACTA. These attacks overshadowed another important Cyber Event: the Middle East Cyberwar (which for the sake of clarity deserved a dedicated series of posts, here Part I and Part II) and several other major breaches (above all Dreamhost and New York State Electric & Gas and Rochester Gas & Electric).

Chronicles also reports a cyber attack to railways, several cyber attacks to universities, a preferred target, and also of a bank robbery in South Africa which allowed the attackers to steal $6.7 million.

Do you think that cyber attacks in this month crossed the line and the Cyber Chessboard will not be the same anymore? It may be, meanwhile do not forget to follow @paulsparrows to get the latest timelines and feel free to support and improve my work with suggeastions and other meaningful events I eventually forgot to mention.

(more…)

Continue Reading January 2012 Cyber Attacks Timeline (Part 2)

February 2012 Cyber Attacks Timeline

Find here February 2012 Cyber Attacks Timelime Part I.

With a small  delay (my apologies but the end of February has been very busy for me and not only for Cybercrooks as you will soon see), here it is the second part of my compilation with the main Cyber Attacks for February 2012.

Easily Predictable, the Hacktivism is still the main concern for System Administrators, in particular for the ones of Stratfor who suffered a huge leak of 5 million of emails.

On the same front, the threats of the Anonymous for the Friday actions have come true and as a matter of fact Law Enforcement Agencies suffered other remarkable breaches in this month: Infragard for the second time and also Interpol (a new entry) that was taken down after the arrest of 25 members of the collective. Anti ACTA protest also continue to shake Europe as also the delicate economical and social situation in Greece.

Last but not least, this month has also seen an unforgettable leak, affecting potentially more than 1.000.000 Youporn users.

As usual, the chart does not include the events related to Middle East Cyber War Timeline, that you may find at this link, as they “deserve” a dedicated timeline.

After the jump you find all the references, follows @paulsparrows for the latest updates on a regular basis and also have a look to the 2012 Cyber Attacks Timeline Master Index.

(more…)

Continue Reading February 2012 Cyber Attacks Timeline

March 2012 Cyber Attacks Timeline (Part II)

First Part: March 2012 Cyber Attacks Timeline (Part I)

It is time for the second part of the March 2012 Cyber Attacks Timeline, a month that will probably be remembered for the breach occurred to Global Payments, a credit card processor, whose aftermath may potentially affect up to 10 million credit card holders belonging, among the others, to Visa and MasterCard.

On the hacktivism front, not even three weeks after the arrest of several LulzSec members, a new hacking crew has appeared whose name, LulzSecReborn, clearly reminds the infamous collective and its Days of Lulz. They entered the scene with a noticeable, albeit discussed, leak: more than 170.000 records from a military dating site.

Other remarkable hacktivism-led cyber attacks include the so called #OpFariseo, a wave of Cyber Attacks targeting websites related to the visit of the Pope in Mexico, and a new cyber attack to PBS. It is also important to notice the debut of the Anonymous in China, a debut characterized by a massive wave of defacements.

Last but not least, among the events of this month there is one which in particular deserves a mention, and is the leak which targeted Vector Inc., a Japanese computer selling firm, potentially affecting more than 260,000 users.

As usual after the jump you will find all the references.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @pausparrows on Twitter for the latest updates.

(more…)

Continue Reading March 2012 Cyber Attacks Timeline (Part II)

1-15 September 2012 Cyber Attacks Timeline

Here it is the usual compilation for the Cyber Attacks in the first half of September, a period which has apparently confirmed the revamping of hacktivism seen in August.

Several operations such as #OpFreeAssange (in support of Julian Assange), #OpTPB2 against the arrest of The Pirate Bay Co-Founder Gottfrid Svartholm Warg, and #OpIndipendencia in Mexico have characterized the first half of September. Curiously the hacktivists have also characterized this period for a couple of controversial events: the alleged leak of 1 million of UDIDs from FBI (later proven to be fake) and the alleged attack to GoDaddy (later proven to be a network issue, that is the reason why I not even mentioned it in this timeline). Other actions motivated by hacktivists have been carried on by Pro-Syrian hackers.

From a Cyber Crime perspective, there are two events particularly interesting (even if well different): the alleged leak of Mitt Romney’s tax returns and yet another breach against a Bitcoin Exchange (Bitfloor), worthing the equivalent of 250,000 USD which forced the operator to suspend the operations.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

(more…)

Continue Reading 1-15 September 2012 Cyber Attacks Timeline