About these ads

Archive

Posts Tagged ‘Mexico’

1-15 September 2013 Cyber Attacks Timeline

September 20, 2013 Leave a comment

So unfortunately the Summer is nearly gone, but, despite the sadness for the beautiful season fading away, here we are with the usual analysis of what’s happened in September from a Security Information perspective.

The main event for the first half of September is the massive attack against Vodafone Germany, potentially compromising more than 2 million customer records. Actually it was very hard to declare a main event, since even Belgacom performed was on the infosec news, unleashing some information related to a targeted attack, it was victim of. Always on the Cyber Crime front, it’s also worth to mention the failed (luckily) attack against Santander.

Nothing new under the Hacktivism front, that offered a minor revamp of the Syrian Electronic Army, despite the claims of them being dox’ed, some events in Turkey, where the cyber temperature remains hot despite the Summer fading away, and again some small attacks related to Syria and the NSA affair.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 September 2013 Cyber Attacks Timeline Read more…

About these ads

16-31 January 2013 Cyber Attacks Timeline

February 7, 2013 1 comment

Two Weeks Living Dangerously! I have no other words to describe this second half of January (first two weeks here) that has shown an unprecedented level of attacks! And if a good day starts with the morning, this will be a very troubled year from an information security perspective.

Not only the peaks of DDoS attacks against the US Banks have reached an unstoppable peak, but, most of all, at the end of the month details have been unveiled about a massive cyber-espionage campaign allegedly orchestrated by Chinese hackers against some major US media including The New York Times, The Wall Street Journal, The Washington Post and Bloomberg News.

A very very long list of targets this month, with some high profile victims such as the U.S. Sentencing Commission, whose web site has been hacked twice and turned into an Asteroid game, but also Renault Argentina that suffered 37,000 accounts leaked.

To summarize this month is really impossible, you just have to scroll down the timeline to realize the hacking spree in this January 2013.

If this trend continues, I will have to decrease the frequency of publication…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

16-31 January 2013 Cyber Attacks Timeline

Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

1-15 December 2012 Cyber Attacks Timeline

December 17, 2012 2 comments

Christmas is coming quickly, we have just passed the first half of December, and hence it’s time for the first update of the Cyber Attacks Timeline for December.

The Team GhostShell has decided to close the year with a clamorous Cyber Attack, and hence,as part of the project ProjectWhiteFox, has leaked 1.6 million of accounts from several organizations all over the world. This is the most important event for this first part of the month that apparently has shown a decreasing trend. Hacktivists are still focusing their attention (and their keyboards) to Israel, and Cyber Criminals are maybe preparing for the Christmas attacks.

However, the main events of the first half of December, are related to hacktivism, besides the above mentioned cyber attack, it worth to mention the new wave of massive DDoS attacks against US Banks (up to 60 Gbps of peak according to Arbor Networks), but also the leak of a ITU document on the future of Deep Packet Inspection and the attacks in Egypt, Mexico and India.

Last but not least: this two weeks also offered a giant attack to the famous Social Platform Tumblr and also the warning of the Switzerland’s national security agency (NDB) that a huge amount of secrets may have been leaked by a disgruntled IT Administrator.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

1-15 December 2012 Cyber Attack Timeline Read more…

1-15 September 2012 Cyber Attacks Timeline

September 19, 2012 Leave a comment

Here it is the usual compilation for the Cyber Attacks in the first half of September, a period which has apparently confirmed the revamping of hacktivism seen in August.

Several operations such as #OpFreeAssange (in support of Julian Assange), #OpTPB2 against the arrest of The Pirate Bay Co-Founder Gottfrid Svartholm Warg, and #OpIndipendencia in Mexico have characterized the first half of September. Curiously the hacktivists have also characterized this period for a couple of controversial events: the alleged leak of 1 million of UDIDs from FBI (later proven to be fake) and the alleged attack to GoDaddy (later proven to be a network issue, that is the reason why I not even mentioned it in this timeline). Other actions motivated by hacktivists have been carried on by Pro-Syrian hackers.

From a Cyber Crime perspective, there are two events particularly interesting (even if well different): the alleged leak of Mitt Romney’s tax returns and yet another breach against a Bitcoin Exchange (Bitfloor), worthing the equivalent of 250,000 USD which forced the operator to suspend the operations.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Read more…

March 2012 Cyber Attacks Timeline (Part II)

First Part: March 2012 Cyber Attacks Timeline (Part I)

It is time for the second part of the March 2012 Cyber Attacks Timeline, a month that will probably be remembered for the breach occurred to Global Payments, a credit card processor, whose aftermath may potentially affect up to 10 million credit card holders belonging, among the others, to Visa and MasterCard.

On the hacktivism front, not even three weeks after the arrest of several LulzSec members, a new hacking crew has appeared whose name, LulzSecReborn, clearly reminds the infamous collective and its Days of Lulz. They entered the scene with a noticeable, albeit discussed, leak: more than 170.000 records from a military dating site.

Other remarkable hacktivism-led cyber attacks include the so called #OpFariseo, a wave of Cyber Attacks targeting websites related to the visit of the Pope in Mexico, and a new cyber attack to PBS. It is also important to notice the debut of the Anonymous in China, a debut characterized by a massive wave of defacements.

Last but not least, among the events of this month there is one which in particular deserves a mention, and is the leak which targeted Vector Inc., a Japanese computer selling firm, potentially affecting more than 260,000 users.

As usual after the jump you will find all the references.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @pausparrows on Twitter for the latest updates.

Read more…

February 2012 Cyber Attacks Timeline

March 5, 2012 1 comment

Find here February 2012 Cyber Attacks Timelime Part I.

With a small  delay (my apologies but the end of February has been very busy for me and not only for Cybercrooks as you will soon see), here it is the second part of my compilation with the main Cyber Attacks for February 2012.

Easily Predictable, the Hacktivism is still the main concern for System Administrators, in particular for the ones of Stratfor who suffered a huge leak of 5 million of emails.

On the same front, the threats of the Anonymous for the Friday actions have come true and as a matter of fact Law Enforcement Agencies suffered other remarkable breaches in this month: Infragard for the second time and also Interpol (a new entry) that was taken down after the arrest of 25 members of the collective. Anti ACTA protest also continue to shake Europe as also the delicate economical and social situation in Greece.

Last but not least, this month has also seen an unforgettable leak, affecting potentially more than 1.000.000 Youporn users.

As usual, the chart does not include the events related to Middle East Cyber War Timeline, that you may find at this link, as they “deserve” a dedicated timeline.

After the jump you find all the references, follows @paulsparrows for the latest updates on a regular basis and also have a look to the 2012 Cyber Attacks Timeline Master Index.

Read more…

January 2012 Cyber Attacks Timeline (Part 2)

February 2, 2012 1 comment

Click here for part 1.

The second half of January is gone, and it is undoubtely clear that this month has been characterized by hacktivism and will be remembered for the Mega Upload shutdown. Its direct and indirect aftermaths led to an unprecedented wave of cyber attacks in terms of LOIC-Based DDoS (with a brand new self service approach we will need to get used to), defacements and more hacking initiatives against several Governments and the EU Parliament, all perpetrated under the common umbrella of the opposition to SOPA, PIPA and ACTA. These attacks overshadowed another important Cyber Event: the Middle East Cyberwar (which for the sake of clarity deserved a dedicated series of posts, here Part I and Part II) and several other major breaches (above all Dreamhost and New York State Electric & Gas and Rochester Gas & Electric).

Chronicles also reports a cyber attack to railways, several cyber attacks to universities, a preferred target, and also of a bank robbery in South Africa which allowed the attackers to steal $6.7 million.

Do you think that cyber attacks in this month crossed the line and the Cyber Chessboard will not be the same anymore? It may be, meanwhile do not forget to follow @paulsparrows to get the latest timelines and feel free to support and improve my work with suggeastions and other meaningful events I eventually forgot to mention.

Read more…

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

December 2011 Cyber Attacks Timeline (Part II)

December 30, 2011 2 comments

This infamous 2011 is nearly gone and here it is the last post for this year concerning the 2011 Cyber Attacks Timeline. As you will soon see from an infosec perspective this month has been characterized by two main events: the LulzXmas with its terrible Stratfor hack (whose effects are still ongoing with the recent release of 860,000 accounts), and an unprecented wave of breaches in China which led to the dump of nearly 88 million of users for a theoretical cost of nearly $19 million (yes the Sony brech is close). For the rest an endless cyberwar between India and Pakistan, some hactivism and (unfortunately) the usual amounts of “minor” breaches and defacement. After the page break you find all the references.

Last but not least… This post is my very personal way to wish you a happy new infosec year.

Read more…

December 2011 Cyber Attacks Timeline (Part I)

December 21, 2011 Leave a comment

As usual, here it is my compilation of December Cyber Attacks.

It looks like that Christmas approaching is not stopping hackers who targeted a growing number of  organizations including several security firms (Kaspersky, Nod 32 and Bitdefender) even if in secondary domains and with “simple” defacements.

Cyber chronicles report of Gemnet, another Certification Authority Breached in Holland (is the 12th security incident targeting CAs in 2011) and several massive data breaches targeting Finland (the fifth this year, affecting 16,000 users), online gambling (UB.com affecting 3.5 million of users),  Telco (Telstra, affecting 70,000 users), and gaming, after the well known attacks to Sony, Sega and Nintendo, with Square Enix, which suffered a huge attacks compromising 1,800,000 users (even if it looks like no personal data were affected).

Online Payment services were also targeted by Cybercrookers: a Visa East European processor has been hit by a security breach, but also four Romanian home made hackers have been arrested for a massive credit card fraud affecting 200 restaurants for a total of 80,000 customers who had their data stolen.

As usual, hacktivism was one of the main trends for this first half of the month, which started with a resounding hacking to a Web Server belonging to ACNUR (United Nations Refugees Agency) leaking more than 200 credentials including the one belonging to President Mr. Barack Obama.

But from a mere hactvism perspective, Elections in Russia have been the main trigger as they indirectly generated several cyber events: not only during the election day, in which three web sites (a watchdog and two independent news agencies) were taken down by DDoS attacks, but also in the immediately following days, when a botnet flooded Twitter with Pro Kremlin hashtags, and an independent forum was also taken down by a further DDoS attacks. A trail of events which set a very dangerous precent.

Besides the ACNUR Hack, the Anonymous were also in the spotlight (a quite common occurrence this year) with some sparse attacks targeting several governments including in particular Brazil, inside what is called #OpAmazonia.

Even if not confirmed, it looks like that Anonymous Finland might somehow be related to the above mentioned breach occurred in Finland.

Other interesting events occurred in the first two weeks of December: the 0-day vulnerability affecting Adobe products, immediately exploited by hackers to carry on tailored phishing campaigns and most of hall, a targeted attack to a contractor, Lockheed Martin, but also another occurrence of DNS Cache Poisoning targeting the Republic of Congo domains of Google, Microsoft, Samsung and others.

Last but not least, the controversial GPS Spoofing, which allegedly allowed Iran to capture a U.S. Drone, even the GPS Spoofing on its own does not completely solve the mistery of the capture.

Other victims of the month include Norwich Airport, Coca Cola, and another Law Enforcement Agency (clearusa.org), which is currently unaivalable.

As usual after the page break you find all the references.

Read more…

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

November 2011 Cyber Attacks Timeline (Part I)

November 17, 2011 5 comments

Update 12/01/2011: November Cyber Attacks Timeline (Part II)

This first half of November has been very hard for Steam. The Valve Online Gaming Platform suffered a security breach putting at risk a potential sample of 37 million of users and hence wins the crown for the Major Breach of the First Half of November.

Also a sportswear giant like Adidas fell among the victims of cybercriminals, with a “sophisticated attack” targeting 500,000 users.

This month was also hot for the Cold Finland which has suffered two security breaches involving more than 30,000 users (a third breach also happened on November, the 16th, affecting 16,000 users but of course will be reported in the next report).

Two other CAs (KPN and Digicert Sdn Bhd Malaysia, not to be confused with Digicert US-based CA) were compromised. Also F-secure discovered a sample of malware signed with a valid certificate stolen from a Malasyan company.

On a larger scale, after 2 years of hunt, FBI uncovered a huge Botnet in Estonia, which stole $14 million from 4 million users worldwide, while on the other side of the Globe, Brazilian ISPS were targeted by a massive DNS Poisoning attack.

Not even Facebook was safe this month, whose (too) many users were targeted with a malware posting pornographic images on their wall exploiting an Internet Explorer Vulnerability.

As far as hactivism is concerned, the political events in the real world had a predictable echo in the Cyber space, with an attack to Palestine the day after the nation was admitted as a full member of UNESCO.

As a retaliation, some Israeli Government web sites were targeted with a wave of DDoS attacks by the infamous Anonymous hacking group. In any case the Anonymous were active also in other Cyberwar fronts acting a couple of defacements and DDoS (in one case they targeted the Muslim Brotherhood) and were also the authors to one of the two attacks in Finland (the one towards a right-wind party).

A group of Hackers called TeaMp0isoN claimed to have hacked more than 150 Email Id’s of International Foreign Governments even if this statement is controversial.

What is not controversial is the Cyberwar declared against Mexico which was targeted, in November, by a massive waves of Cyber Attacks.

Besides these noticeable events, the month was characterized by many other minor attacks and dumps among which, particularly noticeable are: the attacks to a couple of banks (DDoS and defacements) and Universities (UCLA and Standford hit by data breaches), and the Fox Business Twitter Account Hacking (Oops they did it again!).

The month ends with the first example of malware targeting ambulance.

Please notice that I decided henceforth not to insert attacks targeting a limited amount of users and most of all, claimed without clear evidence: in this month I discovered a claimed fake attack to Italian Police announced recycling old data.

  1. http://www.guardian.co.uk/world/2011/nov/01/palestinians-hit-cyber-attack-unesco
  2. http://www.cyberwarnews.info/2011/11/02/dump-of-steam-accounts/
  3. http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_nitro_attacks.pdf
  4. http://thehackernews.com/2011/11/fraud-communities-owned-and-exposed-by.html
  5. http://www.cyberwarnews.info/2011/11/03/opdarknet-official-and-last-release/
  6. http://www.cyberwarnews.info/2011/11/03/accounts-dumped-from-hiphopinstrumental-net/
  7. http://www.cyberwarnews.info/2011/11/03/peru-government-websites-defaced-by-challenges-hackers/
  8. http://nakedsecurity.sophos.com/2011/11/03/another-certificate-authority-issues-dangerous-certficates/
  9. http://www.cyberwarnews.info/2011/11/04/bayareaconnection-net-defaced/
  10. http://www.cyberwarnews.info/2011/11/04/yet-another-pointless-account-dump-hundreds-dumped-from-www-jjs2-com/
  11. http://threatpost.com/en_us/blogs/another-dutch-ca-kpn-stops-issuing-certificates-after-finding-ddos-tool-server-110411
  12. http://thehackernews.com/2011/11/capitalone-bank-taken-down-by-anonymous.html
  13. http://www.networkworld.com/news/2011/110411-hacker-selling-access-to-compromised-252771.html?source=nww_rss
  14. http://www.phiprivacy.net/?p=8227
  15. http://thehackernews.com/2011/11/anonymous-attack-on-israeli-government.html
  16. http://www.itworld.com/security/222033/fake-threat-against-facebook-dwarfs-anonymous-real-attacks-israel-finland-portugal
  17. http://pplware.sapo.pt/informacao/site-freeport-pt-foi-atacado-entre-outros/
  18. http://www.databreaches.net/?p=21359
  19. http://www.itworld.com/security/222033/fake-threat-against-facebook-dwarfs-anonymous-real-attacks-israel-finland-portugal
  20. http://www.yomiuri.co.jp/dy/national/T111105002386.htm
  21. http://www.cyberwarnews.info/2011/11/08/massive-amount-of-accounts-dumped-from-adidas-com/
  22. http://www.theregister.co.uk/2011/11/07/adidas_hack_attack/
  23. http://www.cyberwarnews.info/2011/11/08/massive-amount-of-accounts-dumped-from-adidas-com/
  24. http://thehackernews.com/2011/11/international-foreign-government-e.html
  25. http://www.theregister.co.uk/2011/11/09/teamp0ison_publishes_stupid_password_list/
  26. http://news.softpedia.com/news/16-000-Finns-Affected-by-Data-Breach-232851.shtml
  27. http://nakedsecurity.sophos.com/2011/11/08/anonymous-attacks-el-salvadoran-sites/
  28. http://www.smh.com.au/business/privacy-of-millions-at-mercy-of-a-usb-device-20111107-1n3wm.html
  29. http://thehackernews.com/2011/11/ump-french-political-party-got-hacked.html
  30. http://www.cyberwarnews.info/2011/11/08/premierleaguepool-co-uk-accounts-dumped-by-sen/
  31. http://www.cyberwarnews.info/2011/11/08/60k-accounts-dumped-from-ohmedia-by-teamswastika/
  32. http://www.cyberwarnews.info/2011/11/08/dump-of-accounts-from-beachvolley-se/
  33. http://www.cyberwarnews.info/2011/11/08/khadraglass-com-hacked-and-accounts-dumped-by-inj3ct0r/
  34. http://www.cyberwarnews.info/2011/11/09/scamming-email-account-dumpers-are-surfacing-50k-french-accounts-dumped/
  35. http://thehackernews.com/2011/11/possible-credit-card-theft-in-steam.html
  36. http://www.fbi.gov/news/stories/2011/november/malware_110911/malware_110911
  37. http://www.theregister.co.uk/2011/11/10/it_manager_charges/
  38. http://thehackernews.com/2011/11/bangladesh-supreme-court-website-hacked.html
  39. https://twitter.com/#!/igetroot/status/134865652543520768
  40. http://thehackernews.com/2011/11/operation-brotherhood-shutdown-by.html
  41. http://nakedsecurity.sophos.com/2011/11/14/ambulance-service-disrupted-by-computer-virus-infection/
  42. http://www.cyberwarnews.info/2011/11/12/ucla-department-of-psychology-hacked-by-inj3ct0r/
  43. http://www.ehackingnews.com/2011/11/social-network-site-findfriendzcom.html
  44. http://www.cyberwarnews.info/2011/11/13/dump-of-information-by-inj3ct0r/
  45. http://www.f-secure.com/weblog/archives/00002269.html
  46. http://www.cyberwarnews.info/2011/11/14/dump-of-accounts-from-congress-of-sonora/
  47. http://www.cyberwarnews.info/2011/11/14/2-more-government-dumps-by-metalsoft-team/
  48. http://www.cyberwarnews.info/2011/11/14/another-big-dump-of-accounts-from-sec404-mexican-hackers/
  49. http://www.cyberwarnews.info/2011/11/14/another-mexican-government-congress-hacked-canaldelcongreso-gob-mx/
  50. http://www.cyberwarnews.info/2011/11/14/dump-of-data-from-another-mexican-congress-sinaloa-state-congress/
  51. http://www.cyberwarnews.info/2011/11/14/ministry-of-economy-mexico-hacked-by-sec404/
  52. http://www.cyberwarnews.info/2011/11/14/unit-of-transparency-and-access-to-public-information-website-hacked/
  53. http://www.cyberwarnews.info/2011/11/14/national-commission-of-physical-culture-and-sport-hacked-and-accounts-leaked/
  54. http://nakedsecurity.sophos.com/2011/11/14/hacked-sky-news-twitter-account-james-murdoch-arrested/
  55. http://news.softpedia.com/news/Anonymous-Attacks-Anonymous-For-Being-Trolls-234949.shtml
  56. http://nakedsecurity.sophos.com/2011/11/16/facebook-explains-pornographic-shock-spam-hints-at-browser-vulnerability/
Follow

Get every new post delivered to your Inbox.

Join 2,707 other followers