16-31 January 2023 Cyber Attacks Timeline
The second cyber attacks timeline of January 2023 is out. In the second half of the month I collected...
The second cyber attacks timeline of January 2023 is out. In the second half of the month I collected...
In the second timeline of November, I have collected 141 events (corresponding to 9.4 events per day), a value slightly higher than...
Unsurprisingly, the level of cyber activity continued to be quite sustained even during the second half of September. In this timeline...
The first timeline of June 2022 is out. In the first half of the month I collected 109 events, corresponding to an average of 7.27 events/day, in line with the sustained level of activity that is characterizing the latest months. And if...
And even the second timeline of February 2022 is finally out with 92 records that, distributed on 12 days, bring the average number of events per day to 7.07, an increase compared with...
The first timeline of February is here! I am happy to introduce the "Breachometer", a counter that measures how the current timeline stacks up with the values recorded in the previous 12 months.
It's time to catch up with the timelines, so let's go with a new one collecting the main cyber events occurred in the second half of May. In this timeline I have collected "only" 72 events, including 9 occurred in the previous weeks, so definitely a sharp drop in comparison to the numbers we have been used to in the previous weeks, after the beginning of the COVID-19 crisis. Here we are again with the mega breaches...
The first half of November is gone, so it’s time for the list of the main cyber attacks occurred during these fifteen days.
Confirming the trend of the last months, the activity has been quite sustained. For sure, the most remarkable attack has targeted the Turkish branch of HSBC, and has affected 2.7 million customers, whose credit cards have been compromised (and apparently the bank has decided not to issue new cards for the impacted users).
Again the operations related to cyber espionage have played an important role: some new campaigns have come to light (for instance Darkhotel), and also several noticeable attacks have been discovered, like the one against the United States Postal Service (600,000 users affected) or the one against the National Oceanographic and Atmospheric Administration.
Even hacktivists have been quite active: the RedHack collective has reemerged from several months in stealth mode (they claim to have deleted 650,000 USD worth 0f electricity power debt), and some hackers claiming to be affiliated to the Anonymous collective have performed similar operations in Italy (in parallel with the delicate social and economical period) and the Philippines.
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Here we go with the first timeline of the main Cyber Attacks happened in October (according to my personal evaluation metric).
Two weeks very active from an information security perspective. The list of attacks is quite long and heterogeneous, with massive breaches (The Snappening and a list of nearly 7.000.000 compromised accounts used to brute-force Dropbox), a rich list of cyber crime and cyber espionage campaigns, a renewed burst of the cyber war between India and Pakistan, and a couple of operations orchestrated by hacktivists.
Digging into Cyber Crime, besides the two above quoted events, we find the Mac.BackDoor.iWorm, a widespread botnet targeting OS X, and trapping 17,000 devices. The list continues with a purported attack against Yahoo, initially believed to be orchestrated exploiting the infamous Shellshock vulnerability, the ATM malware Tyupkin, supposed to have been used for stealing millions of bucks from 50 ATMs in Eastern Europe and Russia, a breach against Kmart, and, last but not least, other two (and a half) waves of leaked photos from the Snappening.
Scrolling down the Cyber Espionage events, we cannot help but notice a similar abundance of operations with a widespread usage of 0-day vulnerabilities. Just to mention several names: Sandworm, Hurricane Panda, and even an old acquaintance like Nitro.
India and Pakistan were very busy in the Cyber Space, with defacements and leaks against a wide range of mutual targets like also the Anonymous, who kicked off #OPHK, against China and in support of Hong Kong protesters.
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
It’s time for the second timeline of October (Part I here) covering the main cyber attacks between the 16th and 31st: yet another consistent list confirming the growing trend of the last period.
In particular, in these two weeks the most important events have been spotted inside Cyber Espionage, whose chronicles report, among other, a state-sponsored attack to an unclassified network of the White House, a relevant number of operations (APT 28, Operation Pawn Storm, Operation SMN, Operation DeathClick, a tail of the infamous Sandworm), and even a man-in-the-middle attack against Chinese iCloud users.
Cybercrime is also on a roll: the trail of attacks against retailers seems unstoppable (Staples is the latest victim), but chronicles also report a massive breach in South Korea, involving Pandora TV and a gigantic SQL Injection attack, driven by CVE-2014-3704, against every unpatched website running Drupal, existing on this desperate planet. There is also space for a little bit of irony, as in case of Sourcebooks, the publisher hacked few days before releasing the latest book of Brian Krebs.
Israel and Ukraine keep on being two hot fronts for Hacktivism, whereas India is again the cradle of cyberwar, many events event in this months (despite limited to skirmishes involving defacements of governmental and military websites).
If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).