For a moment I was believing to have gone a couple of months back in time, with the calendar set in the first half of February when @ItsKahuna and @CabinCr3w put in place a long trail of attacks against Law Enforcement Agencies. (Un)Fortunately they left several cyber fingerprints in the crime scene which allowed the LEAs to take their revenge and stop the long line of attacks.
Christmas has just gone and here it is my personal way to wish you a Happy New Year: the second part of my personal chart (first part here) of Main 2011 Cyber Attacks covering the time window from August to November 2011 (December is not yet finished, and featuring remarkable events, so expect an update very soon). This memorable year is nearly over and is time, if you feel nostalgic, to scroll down the second part of the list to review the main Cyber Events that contributed, in my opinion, to change the landscape and the rules of the (information security) game. Many events in this period among whom, IMHO, the most noticeable is the one carried on against Diginotar. Since then our trust in conventional authentication models is not (and will not be) the same anymore.
Halloween has just gone and here it is Part II of the October 2011 Cyber Attacks Timeline covering the second half (15-31) of this month.
From an Information Security Perspective, the 10th month of 2011 has been characterized by Duqu, the brand new Advanced Persistent Threat dubbed “The Sun Of Stuxnet”, whose echo is far from being silent (a brand new 0-day vulnerability targeting Windows Kernel has just been discovered in the Malware Installer). Duqu affected the timeline in two circumstances: not only the malware was discovered, but also an Indian Provider called Web Werks had some servers seized from a Data Center in Mumbai because they were discovered to be involved in the C&C communication of the infected endpoints.
Here it is the complete list of Main Cyber Attacks for July: definitively it looks like the Dog Days did not stop the Cyber Attacks, which have been particularly numerous during August.
Following the trail of July, an attack against PCS Consultants, another U.S Government contractor opened this hot month, even if the controversial shady RAT affair monopolized (and keeps on to monopolize) the infosec landscape (and not only during the first half of the month). Easily predictable nearly every endpoint security vendor (and McAfee competitors) tend to minimize the event considering it only the latest example of RAT based cyber attacks with no particular features (see for instance the comment by Sophos, Kaspersky and Symantec).
Update Sep 2: August 2011 Cyber Attacks Timeline (Complete List)
It looks like the Dog Days did not stop the Cyber Attacks, which have been particularly numerous during August. This is the reason why I decided to divide my traditional collection in two parts. Today it is the turn of the first half covering the interval 1-15 August.
Hard Times for Police Corps all over the world, after the U.S. Law Enforcement Agencies, today it is Brazilian’s Police turn, hacked by LulzSec Brazil, who has disclosed 8 gb of data from what they defined the Pandora’s Box…
August has just begun, but my sixth sense and half tells me this will be another hot month for Information Security…