December 2011 Cyber Attacks Timeline (Part II)
This infamous 2011 is nearly gone, and here is the last post of the year concerning the 2011 Cyber Attacks Timeline. As you will soon see, from an infosec perspective this month has been characterized by two main events: the LulzXmas with its terrible Stratfor hack (whose effects are still ongoing with the recent release of 860,000 accounts), and an unprecedented wave of breaches in China which led to the dump of nearly 88 million users for a theoretical cost of nearly $19 million (yes, the Sony breach is close). For the rest, an endless cyberwar between India and Pakistan, some hacktivism and (unfortunately) the usual amounts of “minor” breaches and defacements. After the page break you find all the references.
Last but not least… This post is my very personal way to wish you a happy new infosec year.
December 2011 Cyber Attacks Timeline (Part I)
As usual, here is my compilation of December Cyber Attacks.
It looks like the approach of Christmas is not stopping hackers, who targeted a growing number of organizations including several security firms (Kaspersky, Nod 32 and Bitdefender), even if in secondary domains and with “simple” defacements.
Cyber chronicles report the breach of Gemnet, another Certification Authority in Holland (the 12th security incident targeting CAs in 2011), and several massive data breaches targeting Finland (the fifth this year, affecting 16,000 users), online gambling (UB.com, affecting 3.5 million users), telcos (Telstra, affecting 70,000 users), and gaming where, after the well-known attacks on Sony, Sega and Nintendo, Square Enix suffered a huge attack compromising 1,800,000 users (even if it looks like no personal data were affected).
Online payment services were also targeted by cybercrooks: a Visa East European processor was hit by a security breach, and four Romanian home-made hackers were arrested for a massive credit card fraud affecting 200 restaurants, for a total of 80,000 customers who had their data stolen.
As usual, hacktivism was one of the main trends for this first half of the month, which started with a resounding hack of a web server belonging to ACNUR (United Nations Refugee Agency), leaking more than 200 credentials including the one belonging to President Barack Obama.
But from a mere hacktivism perspective, the elections in Russia have been the main trigger, as they indirectly generated several cyber events: not only on election day, when three web sites (a watchdog and two independent news agencies) were taken down by DDoS attacks, but also in the days immediately following, when a botnet flooded Twitter with pro-Kremlin hashtags and an independent forum was taken down by a further DDoS attack. A trail of events which sets a very dangerous precedent.
Besides the ACNUR hack, the Anonymous were also in the spotlight (a quite common occurrence this year) with some sparse attacks targeting several governments, including in particular Brazil, as part of what is called #OpAmazonia.
Even if not confirmed, it looks like Anonymous Finland might somehow be related to the above-mentioned breach in Finland.
Other interesting events occurred in the first two weeks of December: the 0-day vulnerability affecting Adobe products, immediately exploited by hackers to carry out tailored phishing campaigns and, most of all, a targeted attack on a contractor, Lockheed Martin, but also another occurrence of DNS Cache Poisoning targeting the Republic of Congo domains of Google, Microsoft, Samsung and others.
Last but not least, the controversial GPS spoofing, which allegedly allowed Iran to capture a U.S. drone, even if GPS spoofing on its own does not completely solve the mystery of the capture.
Other victims of the month include Norwich Airport, Coca Cola, and another Law Enforcement Agency (clearusa.org), which is currently unavailable.
As usual, after the page break you find all the references.
November 2011 Cyber Attacks Timeline (Part I)
Update 12/01/2011: November Cyber Attacks Timeline (Part II)
This first half of November has been very hard for Steam. The Valve online gaming platform suffered a security breach putting at risk a potential sample of 37 million users, and hence wins the crown for the Major Breach of the First Half of November.
Also a sportswear giant like Adidas fell among the victims of cybercriminals, with a “sophisticated attack” targeting 500,000 users.
This month was also hot for cold Finland, which suffered two security breaches involving more than 30,000 users (a third breach also happened on November 16th, affecting 16,000 users, but of course it will be covered in the next report).
Two other CAs (KPN and Digicert Sdn Bhd Malaysia, not to be confused with the US-based CA Digicert) were compromised. F-Secure also discovered a sample of malware signed with a valid certificate stolen from a Malaysian company.
On a larger scale, after a 2-year hunt, the FBI uncovered a huge botnet in Estonia, which stole $14 million from 4 million users worldwide, while on the other side of the globe, Brazilian ISPs were targeted by a massive DNS Poisoning attack.
Not even Facebook was safe this month: (too) many of its users were targeted by malware posting pornographic images on their walls by exploiting an Internet Explorer vulnerability.
As far as hacktivism is concerned, the political events in the real world had a predictable echo in cyberspace, with an attack on Palestine the day after the nation was admitted as a full member of UNESCO.
As a retaliation, some Israeli Government web sites were targeted with a wave of DDoS attacks by the infamous Anonymous hacking group. In any case, the Anonymous were also active on other cyberwar fronts, carrying out a couple of defacements and DDoS attacks (in one case they targeted the Muslim Brotherhood), and were also the authors of one of the two attacks in Finland (the one against a right-wing party).
A group of hackers called TeaMp0isoN claimed to have hacked more than 150 email IDs of international foreign governments, even if this statement is controversial.
What is not controversial is the cyberwar declared against Mexico, which was targeted in November by a massive wave of cyber attacks.
Besides these noticeable events, the month was characterized by many other minor attacks and dumps, among which particularly noticeable are the attacks on a couple of banks (DDoS and defacements) and universities (UCLA and Stanford hit by data breaches), and the Fox Business Twitter account hacking (Oops they did it again!).
The month ends with the first example of malware targeting ambulances.
Please note that I have decided henceforth not to include attacks targeting a limited number of users and, most of all, attacks claimed without clear evidence: this month I discovered a fake claimed attack on the Italian Police, announced by recycling old data.
- http://www.guardian.co.uk/world/2011/nov/01/palestinians-hit-cyber-attack-unesco
- http://www.cyberwarnews.info/2011/11/02/dump-of-steam-accounts/
- http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_nitro_attacks.pdf
- http://thehackernews.com/2011/11/fraud-communities-owned-and-exposed-by.html
- http://www.cyberwarnews.info/2011/11/03/opdarknet-official-and-last-release/
- http://www.cyberwarnews.info/2011/11/03/accounts-dumped-from-hiphopinstrumental-net/
- http://www.cyberwarnews.info/2011/11/03/peru-government-websites-defaced-by-challenges-hackers/
- http://nakedsecurity.sophos.com/2011/11/03/another-certificate-authority-issues-dangerous-certficates/
- http://www.cyberwarnews.info/2011/11/04/bayareaconnection-net-defaced/
- http://www.cyberwarnews.info/2011/11/04/yet-another-pointless-account-dump-hundreds-dumped-from-www-jjs2-com/
- http://threatpost.com/en_us/blogs/another-dutch-ca-kpn-stops-issuing-certificates-after-finding-ddos-tool-server-110411
- http://thehackernews.com/2011/11/capitalone-bank-taken-down-by-anonymous.html
- http://www.networkworld.com/news/2011/110411-hacker-selling-access-to-compromised-252771.html?source=nww_rss
- http://www.phiprivacy.net/?p=8227
- http://thehackernews.com/2011/11/anonymous-attack-on-israeli-government.html
- http://www.itworld.com/security/222033/fake-threat-against-facebook-dwarfs-anonymous-real-attacks-israel-finland-portugal
- http://pplware.sapo.pt/informacao/site-freeport-pt-foi-atacado-entre-outros/
- http://www.databreaches.net/?p=21359
- http://www.itworld.com/security/222033/fake-threat-against-facebook-dwarfs-anonymous-real-attacks-israel-finland-portugal
- http://www.yomiuri.co.jp/dy/national/T111105002386.htm
- http://www.cyberwarnews.info/2011/11/08/massive-amount-of-accounts-dumped-from-adidas-com/
- http://www.theregister.co.uk/2011/11/07/adidas_hack_attack/
- http://www.cyberwarnews.info/2011/11/08/massive-amount-of-accounts-dumped-from-adidas-com/
- http://thehackernews.com/2011/11/international-foreign-government-e.html
- http://www.theregister.co.uk/2011/11/09/teamp0ison_publishes_stupid_password_list/
- http://news.softpedia.com/news/16-000-Finns-Affected-by-Data-Breach-232851.shtml
- http://nakedsecurity.sophos.com/2011/11/08/anonymous-attacks-el-salvadoran-sites/
- http://www.smh.com.au/business/privacy-of-millions-at-mercy-of-a-usb-device-20111107-1n3wm.html
- http://thehackernews.com/2011/11/ump-french-political-party-got-hacked.html
- http://www.cyberwarnews.info/2011/11/08/premierleaguepool-co-uk-accounts-dumped-by-sen/
- http://www.cyberwarnews.info/2011/11/08/60k-accounts-dumped-from-ohmedia-by-teamswastika/
- http://www.cyberwarnews.info/2011/11/08/dump-of-accounts-from-beachvolley-se/
- http://www.cyberwarnews.info/2011/11/08/khadraglass-com-hacked-and-accounts-dumped-by-inj3ct0r/
- http://www.cyberwarnews.info/2011/11/09/scamming-email-account-dumpers-are-surfacing-50k-french-accounts-dumped/
- http://thehackernews.com/2011/11/possible-credit-card-theft-in-steam.html
- http://www.fbi.gov/news/stories/2011/november/malware_110911/malware_110911
- http://www.theregister.co.uk/2011/11/10/it_manager_charges/
- http://thehackernews.com/2011/11/bangladesh-supreme-court-website-hacked.html
- https://twitter.com/#!/igetroot/status/134865652543520768
- http://thehackernews.com/2011/11/operation-brotherhood-shutdown-by.html
- http://nakedsecurity.sophos.com/2011/11/14/ambulance-service-disrupted-by-computer-virus-infection/
- http://www.cyberwarnews.info/2011/11/12/ucla-department-of-psychology-hacked-by-inj3ct0r/
- http://www.ehackingnews.com/2011/11/social-network-site-findfriendzcom.html
- http://www.cyberwarnews.info/2011/11/13/dump-of-information-by-inj3ct0r/
- http://www.f-secure.com/weblog/archives/00002269.html
- http://www.cyberwarnews.info/2011/11/14/dump-of-accounts-from-congress-of-sonora/
- http://www.cyberwarnews.info/2011/11/14/2-more-government-dumps-by-metalsoft-team/
- http://www.cyberwarnews.info/2011/11/14/another-big-dump-of-accounts-from-sec404-mexican-hackers/
- http://www.cyberwarnews.info/2011/11/14/another-mexican-government-congress-hacked-canaldelcongreso-gob-mx/
- http://www.cyberwarnews.info/2011/11/14/dump-of-data-from-another-mexican-congress-sinaloa-state-congress/
- http://www.cyberwarnews.info/2011/11/14/ministry-of-economy-mexico-hacked-by-sec404/
- http://www.cyberwarnews.info/2011/11/14/unit-of-transparency-and-access-to-public-information-website-hacked/
- http://www.cyberwarnews.info/2011/11/14/national-commission-of-physical-culture-and-sport-hacked-and-accounts-leaked/
- http://nakedsecurity.sophos.com/2011/11/14/hacked-sky-news-twitter-account-james-murdoch-arrested/
- http://news.softpedia.com/news/Anonymous-Attacks-Anonymous-For-Being-Trolls-234949.shtml
- http://nakedsecurity.sophos.com/2011/11/16/facebook-explains-pornographic-shock-spam-hints-at-browser-vulnerability/
About This Blog
In this blog I express my personal opinion, which does not necessarily reflect the opinion of my organization, about events and news of interest concerning information security, with a wink to the mobile world and, why not, to some curious personal events. All information is reported with its source. Anyone intending to use information contained in my posts is free to do so, provided that you mention my blog in your article.