About these ads

Archive

Posts Tagged ‘Hacking’

1-15 May 2012 Cyber Attacks Statistics

May 20, 2012 2 comments

As I did in the last month, I have summarized the data collected in my Cyber Attacks Sample for the first half of May, (whose thumbnail is on the right), in order to provide some aggregated statistics. Collected Data have been summarized in three charts representing: Motivations Behind Attacks, Distribution of Targets and Distribution of Attack Techniques. Although the 60 attacks sample does not intend to be comprehensive (and hence the results must be taken with caution), the charts provide a quick overview, which in turn might be useful to identify trends and hopefully to address countermeasures. Apparently the trend is quite (un)stable with Cyber Crime, ranking at number one as the primary motivation for the attacks, and Governments that continue to be the preferred targets for cybercrookers.

As far as Motivations Behind Attacks are concerned, once again Cyber Crime ranks at number one with nearly the 70% of occurrences. Hacktivism is well behind with “only” the 23% followed by Cyber Warfare and Cyber Espionage that triggered singularly the 10% of attacks. If compared with April, the trend shows a growth of Cyber Crime and a corresponding reduction of hacktivism. As far as Cyber Espionage is concerned, particularly interesting om this month have been the Attack to U.K. Ministry Of Defence and to some undisclosed U.S. Natural Gas Companies.

The Distribution of Targets chart confirms that Governments continue to be the preferred targets for Cyber Criminals and Hacktivists with nearly one third (30%) of occurrences. With respect to April, targets belonging to educational sector have gained one position ranking at number two with the 15% of occurrences and before the LEAs which shifted at the third place with the 7% of occurrences. If we sum up military targets to LEAs we have the 12%. In any case the trend is in line with the previous month.

SQL Injection is the number one among Attack Techniques, with the 36% of occurrences taking over, at least in the first two weeks of may, Distributed Denial Of Service, that ranks at number two with the 18%. Summing up the “conclamated” SQLi Attacks with the “uncertain” SQLi Attacks, leads to the surprising result that nearly one attack on two (46%) has been performed exploiting this kind of vulnerability. So definitively run and patch your applications!

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates. Also feel free to submit at ppasseri@gmail.com details about Cyber attacks in order to make the timelines even more detailed and meaningful.

Middle East Cyber War Update

Another week of Cyber War in the Middle East…

Another week in which pro Israeli hackers seem to have disappeared, and hence have apparently left the scene to Pro Palestine hackers, although not so many high-profile actions have been reported in this period. The only exception to this schema is represented by Mauritania Hacker Team who dumped 4000 login accounts from Microsoft Israel Dynamics CRM Online website. This action is particularly significant… Not because it targeted a Cloud service, and not even because it targeted a Microsoft Cloud Service, but most of all because on the wake of the multiple dumps performed by Pro Arab hackers against Israel (among which the dump to the Microsoft Cloud Service was only the latest), the Israel’s Justice Ministry has releases guidelines forbidding unnecessary collection of personal national identification numbers. This is the first time in which the aftermath of a Cyber War has direct implications on everyday life.

From this point of view the wars fought on the cyber domain are completely different from the wars fought on the real world… In the cyber battlefield the civilians are the primary targets (since they have their personal data dumped) and not collateral victims…

Read the complete timeline of the Middle East Cyber War at this link and follow @paulsparrows on Twitter for the latest updates.

Read more…

School of Hacktivism

March 2, 2012 2 comments

A like Anonymous

There are really few doubts, this is the most (in)famous hacking collective. There is no new day without a new resounding action. They are Anonymous. They are Legion. They do not forgive. They do not forget. Expect Them.

B like Barrett Brown

Considered one of the early members, Barrett Brown is the alleged spokesperson of Anonymous.

C like Chanology (AKA Project Chanology, AKA Operation Chanology)

A protest movement against the practices of the Church of Scientology by Anonymous. The project (or Operation) was started in response to the Church of Scientology’s attempts to remove material from a highly publicized interview with Scientologist Tom Cruise from the Internet in January 2008 and was followed by DDoS attacks and other actions such as black faxes and prunk calls.

D like DDoS

Distributed Denial of Service (abbreviated DDoS) is the preferred weapon by Hackitivsts, since it does not need particular hacking skills and may also be centrally controlled (with a hive mind who define the target). The preferred tool for perpetrating DDoS attacks is LOIC, although next-gen tools are under development.

E like Encyclopædia Dramatica

A satirical open wiki, launched on December 10, 2004 and defunct on April 14 2011. It is considered one of the sources of inspiration for The Anonymous.[1]

F like Fawkes Guy AKA Fawkes Guido

Guy Fawkes (13 April 1570 – 31 January 1606), also known as Guido Fawkes, belonged to a group of provincial English Catholics who planned the failed Gunpowder Plot, a failed assassination attempt against King James I of England. His stylised mask designed by illustrator David Lloyd and used as a major plot element in the “V for Vendetta“ Comic Book, is the symbol for the Anonymous. The failure of the Gunpowder plot has been commemorated in England since 5 November 1605.

Read more…

Exclusive Infographic: All Cyber Attacks on Military Aviation and Aerospace Industry

February 22, 2012 2 comments

Cross Posted from TheAviationist.

2011 has been an annus horribilis for information security, and aviation has not been an exception to this rule: not only in 2011 the corporate networks of several aviation and aerospace industries have been targeted by digital storms (not a surprise in the so-called hackmageddon) but, above all, last year will be probably remembered for the unwelcome record of two alleged hacking events targeting drones (“alleged” because in the RQ-170 Sentinel downed in Iran episode, several doubts surround the theory according to which GPS hacking could have been the real cause of the crash landing).

But, if Information Security professionals are quite familiar with the idea that military contractors could be primary and preferred targets of the current Cyberwar, as the infographic on the left shows, realizing that malware can be used to target a drone is still considered an isolated episode, and even worse, the idea of a malware targeting, for instance, the multirole Joint Strike Fighter is still something hard to accept.

However, things are about change dramatically. And quickly.

The reason is simple: the latest military and civil airplanes are literally full of electronics, which play a primary role in managing avionics, onboard systems, flight surfaces, communcation equipment and armament.

For instance an F-22 Raptor owns about 1.7 millions od line of codes , an F-35 Joint Strike Fighter about 5.7 millions and a Boeing 787 Dreamliner about 6.5 millions. Everything with some built in code may be exploited, therefore, with plenty of code and much current and future vulnerabilities, one may not rule out a priori that these systems will be targeted with specific tailored or generic malware for Cyberwar, Cybercrime, or even hacktivism purposes.

Unfortunately it looks like the latter hypothesis is closer to reality since too often these systems are managed by standard Windows operating systems, and as a matter of fact a generic malware has proven to be capable to infect the most important U.S. robots flying in Afghanistan, Pakistan, Libya, and Indian Ocean: Predator and Reaper Drones.

As a consequence, it should not be surprising, nor it is a coincidence, that McAfee, Sophos and Trend Micro, three leading players for Endpoint Security, consider the embedded systems as one of the main security concerns for 2012.

Making networks more secure (and personnel more educated) to prevent the leak of mission critical documents and costly project plans (as happened in at least a couple of circumstances) will not be aviation and aerospace industry’s information security challenge; the real challenge will be to embrace the security-by-design paradigm and make secure and malware-proof products ab initio.

While you wait to see if an endpoint security solution becomes available for an F-35, scroll down the image below and enjoy the list of aviation and aerospace related cyber attacks occurred since the very first hack targeting the F-35 Lightning II in 2009.

Of course aviation and aerospace industries are not the only targets for hackers and cybercriminals. So, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated) at hackmageddon.com. And follow @pausparrows on Twitter for the latest updates.

As usual the references are after the jump…

Read more…

One Year Of Lulz (Part II)

December 26, 2011 1 comment

Christmas has just gone and here it is my personal way to wish you a Happy New Year: the second part of my personal chart (first part here) of Main 2011 Cyber Attacks covering the time window from August to November 2011 (December is not yet finished, and featuring remarkable events, so expect an update very soon). This memorable year is nearly over and is time, if you feel nostalgic, to scroll down the second part of the list to review the main Cyber Events that contributed, in my opinion, to change the landscape and the rules of the (information security) game. Many events in this period among whom, IMHO, the most noticeable is the one carried on against Diginotar. Since then our trust in conventional authentication models is not (and will not be) the same anymore.

Of course this is my personal selection. Suggestions are well accepted and if you need more details about the cyber events in 2011, feel free to consult my 2011 Cyber Attacks Master Index. As usual after the page break you find all the references…

Read more…

December 2011 Cyber Attacks Timeline (Part I)

December 21, 2011 Leave a comment

As usual, here it is my compilation of December Cyber Attacks.

It looks like that Christmas approaching is not stopping hackers who targeted a growing number of  organizations including several security firms (Kaspersky, Nod 32 and Bitdefender) even if in secondary domains and with “simple” defacements.

Cyber chronicles report of Gemnet, another Certification Authority Breached in Holland (is the 12th security incident targeting CAs in 2011) and several massive data breaches targeting Finland (the fifth this year, affecting 16,000 users), online gambling (UB.com affecting 3.5 million of users),  Telco (Telstra, affecting 70,000 users), and gaming, after the well known attacks to Sony, Sega and Nintendo, with Square Enix, which suffered a huge attacks compromising 1,800,000 users (even if it looks like no personal data were affected).

Online Payment services were also targeted by Cybercrookers: a Visa East European processor has been hit by a security breach, but also four Romanian home made hackers have been arrested for a massive credit card fraud affecting 200 restaurants for a total of 80,000 customers who had their data stolen.

As usual, hacktivism was one of the main trends for this first half of the month, which started with a resounding hacking to a Web Server belonging to ACNUR (United Nations Refugees Agency) leaking more than 200 credentials including the one belonging to President Mr. Barack Obama.

But from a mere hactvism perspective, Elections in Russia have been the main trigger as they indirectly generated several cyber events: not only during the election day, in which three web sites (a watchdog and two independent news agencies) were taken down by DDoS attacks, but also in the immediately following days, when a botnet flooded Twitter with Pro Kremlin hashtags, and an independent forum was also taken down by a further DDoS attacks. A trail of events which set a very dangerous precent.

Besides the ACNUR Hack, the Anonymous were also in the spotlight (a quite common occurrence this year) with some sparse attacks targeting several governments including in particular Brazil, inside what is called #OpAmazonia.

Even if not confirmed, it looks like that Anonymous Finland might somehow be related to the above mentioned breach occurred in Finland.

Other interesting events occurred in the first two weeks of December: the 0-day vulnerability affecting Adobe products, immediately exploited by hackers to carry on tailored phishing campaigns and most of hall, a targeted attack to a contractor, Lockheed Martin, but also another occurrence of DNS Cache Poisoning targeting the Republic of Congo domains of Google, Microsoft, Samsung and others.

Last but not least, the controversial GPS Spoofing, which allegedly allowed Iran to capture a U.S. Drone, even the GPS Spoofing on its own does not completely solve the mistery of the capture.

Other victims of the month include Norwich Airport, Coca Cola, and another Law Enforcement Agency (clearusa.org), which is currently unaivalable.

As usual after the page break you find all the references.

Read more…

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

November 2011 Cyber Attacks Timeline (Part II)

November 30, 2011 Leave a comment

The second half of November has confirmed the trend seen in the previous report covering the first half of the month. The period under examination has confirmed a remarkable increase in Cyber Attacks from both a quality and quantity perspective.

Although the month has been characterized by many small attacks, several remarkable events have really made the difference.

Among the victims of the month, Finland deserves a special mention in this unenviable rank: the second half of the month has confirmed the emerging trend for this country, which suffered in this period two further breaches of huge amounts of personal data, for a global cumulative cost, computed on the whole month, around $25 million.

But Finland was not the only northern European country hit by cybercrookers (maybe the term cyberprofessionals would be more appropriate): Norwegian systems associated with the country’s oil, gas and energy sectors were hit with an APT based cyber attack resulting in a loss of sensitive information including documents, drawings, user names and passwords.

But once again the crown of the most remarkable breach of the month is placed upon the head of South Korea which suffered another huge data dump affecting users of the popular MMORPG “Maple Story” affecting theoretically 13 million of users, nearly the 27% of the Korean population, for an estimated cost of the breach close to $2.8 billion.

The list of affected countries this month includes also 243,089 Nigerian users, victims of the hack of Naijaloaded, a popular forum.

Microsoft has been another victim in this November, with a phishing scam targeting Xbox Live users. Details of the scam are not clear, although each single affected user in U.K. might have lost something between £100 and £200 for a total cost of the breach assimilable to “million of Pounds”.

November will make history for showing for the first time to information security professionals the dangers hidden inside the SCADA universe (and not related to Nuclear Reactors). The echo of Stuxnet and Duqu is still alive, but this month was the the turn of SCADA water pumps, that have suffered a couple of attacks (Springfield and South Houston), the first one allegedly originated from Russia and the second one from a “lonely ranger” who considered the answer from DHS concerning the first incident, too soft and not enough satisfactory. My sixth sense (and one half) tells me that we will need to get more and more used to attacks against SCADA driven facilities.

The Anonymous continued their operations against governments with a brand new occurrence of their Friday Releases, targeting a Special Agent of the CA Department and leaking something like 38,000 emails. Besides from other some sparse “small” operations, the other remarkable action performed by the Anonymous collective involved the hacking of an United Nations (old?) server, that caused personal data of some personnel to be released on the Internet.

November Special mentions are dedicated (for opposite reasons) to HP and AT&T. HP for the issue on their printers discovered by a group of Researchers of Columbia Univerity, which could allow a malicious user to remotely control (and burn) them. AT&T deserved the special mention for the attack, unsuccessful, against the 1% of its 100 million wireless accounts customer base.

In any case, counting also the “minor” attacks of the month, the chart shows a real emergency for data protection issues: schools, e-commerce sites, TVs, government sites, etc. are increasingly becoming targets. Administrators do not show the deserved attention to data protection and maybe also the users are loosing the real perception of how much important is the safeguard of their personal information and how serious the aftermaths of a compromise are.

As usual, references for each single cyber attack are reported below. Have a (nice?) read and most of alle share among your acquaintances the awareness that everyone is virtually at risk.

Related articles

Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

October 2011 Cyber Attacks Timeline (Part I)

October 16, 2011 2 comments

October has come and here it is, also for this month, the first part of my Cyber Attacks Timeline covering the cyber events occurred in the first half of the current month.

Three events in particular have marked this month: The German Trojan R2-D2 (that is raising many questions and concerns inside the infosec community), the keylogger hitting U.S. Drones and a new cyber attack to Sony involving this time “only” 93,000 accounts (oops! They did it again).

Except for a couple of isolated occurrences (in Austria and UK), the Cyber Attacks by Anonymous and Antisec had a break, maybe because hacktivism efforts are being focused on the #OccupyWallStreet operation that is rapidly spreading all over the World (I wonder why in here in Rome yesterday it has not been possible to have peaceful protests as happened in all the other Capitals). Besides, albeit not directly related with Anonymous, several Syrian log files were leaked showing the control of the Government on the Internet.

Other events of the month: a couple of fashion related websites were hacked, the Cyber-Guerrilla between India and Pakistan was particularly active with the cyber armies of the two nations facing themselves in the cyber space with continual mutual defacements, @SwichSmoke was also particularly active against Venezuela Government Web Sites. Other “minor” leaks were performed by @FailRoot and @ThEhAcKeR12 but one of the victims of the latter was Camber Corporation, an U.S. Contractor.

Anyway, Camber Corporation was not the only targeted Contractor, also Raytheon Corporation (a survivor of the RSA Breach) was targeted with a cloud based spear-phishing campaign, again the attack was thwarted but, in my opinion, has deserved a mention as well. Chronicles also reports of a claimed hack to Infragard (again).

Moreover the aftermaths of the RSA breach are not completely over: this month the security firm’s CEO claimed that a couple of different Cyber Crews, under the flag of an enemy nation (and the suspects were immediately directed to China), are behind the Cyber Attack in March and acted to perform it.

But a very special mention for this month (and the consequent lowly desiderable prize), is undoubtedly deserved by Mr. Oliver Letwin, Her Majesty’s Cabinet Minister, who was caught by The Daily Mirror  in the habit of dumping private correspondence and sensitive documents detailing Al-Qaeda activities and secret service operations into park bins in St James’s Park, Westminster, close to Downing Street. Security, logical and physical, may have many unpredictable implications…

From a technical point of view SQLi and defacements were the most used lethal weapons for this month, even if a massive ASP.NET based attack, targeting 300,000 web sites,  is also worth mentioning.

This Timeline was compiled with Useful Resources by:

And my inclusion criteria do not take into consideration simple defacement attacks (unless they are particularly resounding) or small data leaks.

Last but not least: you may find all the timelines for 2011 in my Master Index. Enjoy the list(s) and share and retweet to encourage me to keep it up2date!

Date Author Description Organization Attack
Oct 1 Neatstuffs

Filmradar.com

NeatStuffs hacks filmradar.com a movie review and information site/community and releases on Mediafire a 6mb txt file containing 95167 accounts with hashed passwords. Estimated cost of the breach is $ 20,365,738.


SQLi?
Oct 2
Venezuela National Statistics Institute

SwichSmoke crew hacks the Venezuela National Statistics Insitute during the 2011 Census.


SQLi?
Oct 2

Camber Corporation (US Contractor)

Once again a US Government contractor is target of cyber crime. This time is the turn of Camber Corporation, targeted by a small hack by @ThEhAcKeR12, which releases 3 admin accounts with encrypted passwords. and admin full name.

  ?
Oct 2

wrestlegame.co.uk

Again @ThEhAcKeR12, this time the crew dumps 1500+ accounts (in encrypted format) and a database from wrestlegame.co.uk. Estimated cost of the breach is around $321,000.

wrestlegame SQLi?
Oct 2
A student arrested few days later
Thailand Prime Minister

Thailand’s Prime Minister, Yingluck Shinawatra, had her Twitter account hacked flooding her followers with a stream of messages criticising her leadership with statements like this: The final post read: “If she can’t even protect her own Twitter account, how can she protect the country?

Account Hacking
Oct 4 Austrian Economy Chamber (WKO)

WKO confirms that its webserver was infiltrated by unidentified cyber criminals. More than 6,000 data sets of customers of the chamber were published on the internet. Although Anonymous Austria leaked the data, they stressed they had not carried out the attack on WKO themselves, but had been provided with the records by someone else, adding that the security leak was exposed by using online search engine Google. Estimated cost of the Breach is around $1,284,000.

  Vulnerability on The Target Platform
Oct 5

funniestvideosonline.com

@ThEhAcKeR12 does not stop here and dumps 3300 accounts from funniestvideosonline.com and are all encrypted passwords. Estimated cost of the Breach is around $706,200.

SQLi?
Oct 5 www.xvidonline.com

@FailRoot hacks and leaks  several accounts from www.xvidonline.com putting the websits offline.

xvidonline.com SQLi?
Oct 5 Optik Fiber Gmail (Claimed)

Optik Fiber releases several gmail accounts claimed to have been hacked via a known security flaw in gmail. It is not sure if this is real or not but it is meaningful as well of the global level of (in)security, real or psychological.

Known Security Flaw in Gmail (N/A)
Oct 5 ? Fashion TV India

Unknown hackers hacks Fashion TV India with the injection tool havij and obtain a list of accounts dumping usernames and passwords in clear text.

SQLi via havij
Oct 6
Syrian Internet Log Files

Internet activists from Telecomix release 54 GB of log files allegedly created by Syrian internet censors between 22 July and 5 August 2011. The data were found on a third party server.

?
Oct 7

unijobs.com.au

An Australian University website that lists jobs is hacked by @BlackHatGhosts and has data dumped, included user logins and passwords.

SQLi?
Oct 7 Several Hackers

Department of Public Enterprises South Africa

Department of Public Enterprises, south Africa is hacked and had its database dumped

SQLi
Oct 7 Same authors above

Ministry of Culture and Tourism, Republic of Indonesia

Another day, another government website hacked, (and its data leaked).

Indonesia SQLi
Oct 7  ? University Of Georgia

The University of Georgia discovers a data file on a publicly available Web server that contained sensitive personnel information on 18,931 members of the faculty and staff employed at the institution in 2002. The file included the social security number, name, date of birth, date of employment, sex, race, home phone number and home address of individuals employed at UGA in 2002. Estimatec Cost of the Breach is around $4,051,234.


Internal Accidental Error
Oct 8 ?
U.S. Military Drones

Wired reports that a computer virus has infected Predator drones and Reaper drones, logging pilots’ keystroke during their fly missions over Afghanistan and other warzones. The virus was detected nearly two weeks ago at the Ground Control System (GCS) at Creech Air Force Base in Nevada and has not prevented drones from flying their missions, showing an unexpected strength so that multiple efforts were necessary to remove it from Creech’s computers.


USB Stick?
Oct 8 German law Author. and Customs Dep.
German Citizens

A very strange (un)lawful Cyber Attack, against German Citizens. Chaos Computer Club discloses a “state malware”: a backdoor Trojan horse capable of spying on online activity and recording Skype internet calls. They declare the malware is used by the German police force. The malware was allegedly installed onto the computer as it passed through customs control at Munich Airport.

Germany Flag
Troian Horse
Oct 9 Turkish Energy Team
Several Government Websites

Turkish Energy Team performs (and keeps on to perform) a massive defacement against several governments websites (in certain cases some sub domains). The list (in continuous growth) is published on Zone-H.

Defacement
Oct 9 MCA-CRB
Other Government Websites

Different Crew, same result: a massive defacement against several governments websites. Also in this case the list (in continuous growth) is published on Zone-H.

Defaced Domains 2 Defacement
Oct 9
justonehost.com

Another Web site hosting company defaced: this time it is the turn of justonehost.com that is hacked by @FailRoot, that also dumps its Database online. The leak contains all users informations, emails, paypals and much more is 11.86mb and has been uploaded to megaupload.


Defacement SQLi
Oct 10
 

Congress of the State of Chihuahua

Another government website hit and leaked by @FailRoot: Congress of the state of Chihuahua Mexico. The leak contains administration usernames and (easy guessable) passwords.

Congreso del Estado de Chihuahua SQLi?
Oct 10 Q!sR QaTaR

Turkish Government Websites

A cybercriminal from Quatar defaces a large number of websites belonging to the Ankara government, leaving them non-operational.

Margent
Oct 10

40 Zimbabwe Government Websites

A crew called ISCN hacks and defaces 40 Zimbabwe government based websites leaving a polical message.

Zimbabwe Defacement
Oct 10
UKGraffiti.com

UKGraffiti is hacked by Anonymous_DR (Anonymous Dominicana) who also dumps usernames, emails and encrypted passwords.


SQLi?
Oct 11 ?
RSA

RSA reveals that it believes two groups, working on behalf of a single nation state, hacked into its servers during the infamous Breach of March and stole information related to the company’s SecurID two-factor authentication products used to attack some defense contractors. Although people are likely to assume that China might have been involved in the attack, they did not reveal the name of the nation involved.

RSA
APT
Oct 11 ?
Sony (Playstation Network, Sony Entertainment Network and Sony Online Entertainment)

Back tho the future! Sony under cyber attack… Again! The Company reports of unauthorized attempts to verify valid user accounts on Playstation Network, Sony Entertainment Network and Sony Online Entertainment. A total of 93,000 accounts have been affected (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000). In these cases the attempts succeeded in verifying valid sign-in IDs and passwords, so the accounts were temporalily locked.


SQLi?
Oct 11 ?
blueHOMES.com

Unknown Hackers hack the European property Dealers website blueHOMES.com . About 500,000 Users data claim to be hacked including database with customer passwords in plaintext, full addresses, skype account, and mailboxes of bluehomes. Specified data leaked on pastebin with sample data of some users.


SQLi
Oct 11 ?
Find2Trade.com

Another website hit by Havij. This time is the turn of Find2Trade, an internet portal whose goal is to help small and medium enterprises to reach much higher profits while reducing costs. UserID, email and passwords, which are encrypted, were leaked.


Havij
Oct 12 ?
Raytheon

The U.S. Defense Contractor reveals that it was the victim of a cloud-based attack for the first time, with the incident occurring one week before. Nothing new but the fact that this was the first cloud based attack. The firm usually blocks 1.2 billion attacks a day in addition to four million spam emails each day.


N/A
Oct 12 ? WineHQ

Another Linux Project hacked! Jeremy White, Codeweavers Founder announces that access to the WineHQ database has been compromised. It looks like attackers have used phpMyAdmin to access the WineHQ project’s database and harvest users’ appdb and bugzilla access credentials.

WineHQ SQLi
Oct 13 ?
300,000 Websites

Google reveals another mass infection which affected hundreds of thousands of sites that relied on ASP or ASP.NET: A malicious script got injected into several locations targeting English, German, French and other language speakers surfers.

Asp.Net ASP Vulnerability
Oct 13 ?
Genentech

The biotechnology company suffered a data breach on August, 17 which may have resulted in the theft of information belonging to 3,500 of the million patients who utilize the company’s support programs. Estimated Cost of The Breach is around $750,000

Unlegitimate Access
Oct 14 ?
Chili’s Grill & Bar Restaurant

Ok a Chili Breach is not a big deal, except the fact that the computer server Hackers broke into, is placed at Yokosuka Naval Base. According to Navy officials, hackers stole credit card information and run up erroneous charges.

Credit Card Thieft
Oct 14 ?
Fedora Project

This is not a direct cyber attack but a consequence of the hacks to Linux projects (Kernel.org and Linux). ThreatPost reveals that Fedora Project contacted users to change their password and SSH public key before November 30 to avoid having their accounts marked as inactive.

Fedora Logo N/A
Oct 14
Barinas State, Venezuela

Another dump of sites from @SwichSmoke coming from the state “Barinas” and the government for that state. The release note, in Spanish states that the original password is 123456, fairly lame for a government website.

Barinas SQLi
Oct 14 Vicky Singh
Pakistan Embassy in China

Another episode of the Cyberware between Pakistan and Indian Crew: Vicky Singh defaces the Pakistan Embassy in China.

?
Oct 14 Team Dexter
Contrexx.com

An European Content Management System provider is hacked and has a dump of administration details leaked online.

  N/A
Oct 14 Oct 15 Several Authors
Club Music CPPS

Club Music CPPS is hacked: the leak contains account emails, usernames and decrypted passwords. Note: on Oct 16 the site is still defaced :(

SQLi Defacement
Oct 14
Venezuela National Graduate Advisory Council

Another cyber attack by @SwichSmoke, this time they leak the Venezuela National Graduate Advisory Council and release the leaked data on pastebin.

SQLi
Oct 14 ?
Infragard Atlanta (claimed)

It seems that Infragrad has been hacked again and had a dump of accounts leaked and decrypted even if there is no source or reason or even proof that this is 100% real in anyway. Anyway it still shows that Infragard is still in the eyes of some people. The alleged leak contains emails, usernames, encrypted passwords and the decryption of the password as well.

Infragard N/A
Oct 14 ?
NSEC (Netaji Subhash Engineering College)

The Netaji Subhash Engineering College NSEC is hacked and has a fair amount of member accounts dumped on pastebin. This comes from an unknown source and unknown reasons. The leak contains full user information, emails and passwords in clear text.

SQLi
Oct 14

Chinese Government

Barbaros-DZ hacks over 1,700 sites belonging to the Chinese Government defacing them and leaving a message against the Goverment itself. THe list of the sites is available on Zone-H.

 Defacement
Oct 14

UK Government

Special mention this month for Her Mayesty’s Cabinet Minister Oliver Letwin, who has got himself into hot water, after The Daily Mirror reported him in the habit of dumping private correspondence and sensitive documents detailing Al-Qaeda activities and secret service operations into park bins in St James’s Park, Westminster, close to Downing Street. The documents contained the personal details of the minister’s constituents, including names, phone numbers, email contacts and postal addresses.

UK Flag Defacement
Oct 15 SA3D HaCk3D
16,000+ websites

SA3D HaCk3D shows on Zone-H the results of his work of the past years: a total of 16,000+ websites defaced.

SA3D HaCk3D Defacement
Oct 15 p0xy
iCPPS

For an alleged personal revenge, a hacker called p0xy leaks usernames, emails and hashed passwords from the iCPPS online platform.

icpps SQLi
Oct 15 iolaka
World Miss Photogenic

This time is the turn of a fashion/model based website, which is attacked and suffers a dump of accounts leaked containing 1000+ accounts including usernames, emails and encrypted passwords by iolaka.

SQLi
Oct 15
India Cyber Crime Investigation Cell

Another episode of the Cyber-Guerrilla between India and Pakistan: Pakistani hacker Shadow008 hacks and defaces India’s Most Important website of Cyber cell located at Mumbai.

Defacement
Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Follow

Get every new post delivered to your Inbox.

Join 2,898 other followers