NASA | Hackmageddon.com

1-15 January 2013 Cyber Attacks Timeline

January 17, 2013 Paolo Passeri 4 comments

So here we are with the first Cyber Attacks Timeline for 2013 covering the first half of January.

Apparently the new year has begun with an intense activity by Cyber Crooks. Hacktivists and Cyber Criminals had many time to spend in front of their keyboards during the holiday break, and as a consequence the number of breaches with more than 10.000 accounts compromised is incredibly high. WWF China, the City of Steubenville, Ohio and The German Chamber of Commerce are only three examples of institutions that suffered massive breaches during the beginning of this year.

But the massive breaches are not the only remarkable events of this period: the waves of DDoS Attacks against US banks continued (and promise to extend also in the next weeks), Kaspersky Lab discovered a new massive Cyber Espionage Campaign dubbed “Red October”, and also the Japan Farm Ministry was hit by yet another Cyber Attack, allegedly originating from China…

If this is only the beginning… 2013 promises to be pretty much troubled for system administrators…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

About these ads

Categories: Cyber Attacks Timeline, Security Tags: #AntiSec, #OpLeak, 2013, 53Bank, @AnonTitan, @AnonVoldemort, @anon_4freedom, @Anon_Acid, @DarkWebGoons, @Dysomnia_, @INST1NCT_, @irBreShiE, @Maxn3y, @OfficalNull, @RexMundi_Anon, @ThisIsGameOver, @XTnR3v0LT, Aaron Swartz, afca.gov.sa, africasia.com, ahk.de, Al-Qaeda, Ally Financial, Anonymous, AnonymousTitan, aoifeonline.com, Association of Irish Festival Events, atlantaperforms.biz, Bangladesh, BB&T, Blackmail, BoredGames.com, BreShiE, Capcom, Capital One, Capstone Turbine Corporation, Charles Schumer, Chile, China, COG, cotlook.com, csc.edu.sa, customs.gov.ye, CVE-2012-4792, Cyber Attack, Cyber Attacks, D35M0ND142, DarkWeb Goons, Debian, Defacement, Denial-of-service attack, dhs.gov, DOJ, Drake International, Durar Shamiya, Dysomnia, ejercito.cl, ejercito.mil.pe, eldorar.com, fibank.bg, Fifth Third, Fifth Third Bank, forensicexperts.in, France, G.O.D., Game Over, gdms.gov.sa, gdmw.gov.sa, German Chamber of Commerce, Godzilla, gov.ai, Hacktivism, HSBC, Human Mind Cracker, India, Indonesia, insight.mastercard.com, INST1NCT, Izz ad-Din al Qassam Cyber Fighters, January, Japan, Jefferson County Sheriff, jeffersoncountysheriff.com, Jember Hacker Team, jncasr.ac.in, JokerCracker, Justice.gov, Kaspersky, Kaspersky Lab, Kinros Tasiast, kinrosstasiast.mr, LulzSec Peru, maff.go.jp, Mastercard, MaX0xf, Maxney, mic.gov.sa, mic.org.sa, miestukarai.lt, mindefensa.gob.ve, MIT, Moin, NASA, nationalsecurity.lk, NaziGods, nitdgp.ac.in, NullCrew, OccupySteubenville, Ohio, Operation Ababil 2, OpFuckMohammad, OpIndia, OpRollRedRoll, OpSlaughterHouse, pakistanarmy.gov.pk, Panasonic, Peru, Philippines, Phone Hacking, PNC, police.ac.be, PoliceOne.com, presidensby.info, psmpq.org.sa, Python, Red October, Redhack, Rex Mundi, safous.gov.sa, Saudi Arabia, SEPO, servicehistorique.sga.defense.gouv.fr, SlixMe, SQL Injection, SQLi, Sri Lanka, Steubenville, SunTrust, Susilo Bambang Yudhoyono, Syrian Electronic Army, th3inf1d3l, The Saudi Ministry of Defense: moda.gov.sa, ThreatPost, Timeline, Tranzeo, tranzeo.com, Turkey, Turkish Ajan Group, Ubisoft, UNC, UNC Lineberger Comprehensive Cancer Center, University of North Carolina, Uplay, US Department Of Homeland Security, veterans.msstate.edu, Voldem0rt, Watering Hole Attack, Wells Fargo, Wiki, womvegas.com, WWF, wwfchina.org, Xl3gi0n hackers, XSS, YÖK, Zaxby’s, ZionsBank

October 2012 Cyber Attacks Timeline

November 2, 2012 Paolo Passeri Leave a comment

Click here for the first part covering the Cyber Attacks from 1 to 15 October 2012.

Here is the timeline for the main Cyber Attacks in October 2012. A month that has been characterized by hacktivism and also by several remarkable cyber crime operations.

For sure the next days will be hard for taxpayers of South Carolina, whose Department of Revenue has been targeted by foreign hackers able to access records of 3.6 million of individuals. But hard days are going to come also for banks: not only the trail of DDoS attack against U.S. Banks has continued even in the second half of the month (although different groups took credit for them), but also, on the cyber crime front, Citigroup has lost 1 million of bucks because of a loophole exploited by a ring of 13 individuals. Different motivations, same lesson: bank security needs a dramatic improvement.

Moving to hactkivism, nothing new under the sun. The pale sun of October has enlightened several operations targeting governments (Greece and Italy above all, to reflect the delicate situation of these two countries) and organization all over the world…

As usual after the jump you will find all the references.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

May 2012 Cyber Attacks Timeline (Part II)

June 4, 2012 Paolo Passeri Leave a comment

As usual, here it is the second part of the Cyber Attacks Timeline for the month of May 2012: a month particularly rich of Cyber Events. As you will probably know, the Flame malware has monopolized the attention, deserving the most attention from the Information Security Professional.

Nevertheless the scene has offered many interesting events, among which it worths to mention the breach of 123,000 federal employees records, the breach affecting University of Nebraska, and, last but not least, the breach against WHCMS (which, as we will soon see, has proved to be fatal for its author).

The hacktivist front is still hot and preannounces another hot summer. On the other hand the authors of several remarkable cyber-criminal actions are probably going to leave the scene: the long trail of arrests made by Law Enforcement Agencies against hackers has continued in this month and has hence led to the arrest of Cosmo, the leader of the infamous group UGNazi, which claimed to be the author of the Cyber Attack against WHCMS.

In your opinion are the arrests against hackers really going to stop the growing number of Cyber Attacks (acting as a deterrent)?

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

After the jump you find all the references, and at this link the first part covering 1-15 May.

Categories: Cyber Attacks Timeline, Security Tags: #DoktorBass, #FTPFriday, #MMM, #OpJailer, #OpLeveson, #OpLithChild, 123-reg.co.uk, @AnonNyre, @AnonymousSinn, @CosmoTheGod, @EcecusHxc, @k0detec, @nrtnz, @opindia_back, @planethacks, @rwandanhackers, @s3rverexe, @TheWikiBoat, @Vizi0, abcis.ca, Account Hijacking, Al-Qaeda, Alaska Large Structures, Alone Hacker, alphaunmannedsystems.com, altrec.com, American Advertising Federation, American Express, ANONDOG1, AnonTeenUSA, Anonymous, ANTIJEST, APT, Association of British Columbia Land Surveyors, ATeam, AZ.nl, BERRI, Bharatiya Janata Party, BitTorrent, bjs.ojp.usdoj.gov, Bureau of Justice Statistics, bzpower.net, Canada, CERT-In, Chicago Police Department, China, CISPA, Comcast, CrySyS Lab, Cyber Attacks Timeline, Cyber Crime, Cyber Warriors Team, Cyberwar, CyberZeist, DDoS, Defacement, dflvwclub.de, Distributed Denial Of Service, djartsgames.ca, eapolice.com, ECS Tuning, Education Ministry, eeas.europa.eu, EEKDAKAT, emcshoppe.co.uk, European External Action Service, EvilShad0w, Felix Roque, Flame, FOOLISH, GameArena, gamearena.com.au, gamereplays.org, Glade County, gladessheriff.org, GOGOBEANANON, gridironstrategies.com, Habbo Hotel, Hacktivism, Hillary Rodham Clinton, Hopsin, hyundai, IBM, ico.gov.uk, ilink.ph, India, Information Commissioner's Office, Iran, irimo.ir, iwacu1.com, Joseph Roque, Kaspersky Lab, kogler-natursteinwerk.at, Kosova Hacker Security, Law Enforcement, Mail Mayhem Monday, marionso.com, Metro Goldwyn Mayer, MyBB.com, NASA, NATO, NEURON, Norton-Z, NRAO, NRTN-Z, opm.gov, owegopolice.org, Palestinian Authority, pharmacist.com, Pizza Patron, Pizza Por Favor, PMDB do Maranhão, pmdbma.com.br, Quebec Liberal Party, rbi.org.in, recallroque.com, Reliance, Ronin Concepts Security Elite Ltd, roninconcepts.co.uk, Security, Serco, sex06.nl, sierracounty.ws, Social Engineering, solarimpulse.com, Soup.io, SQL Injection, SQLi, SSL, Stanford, Stanford University, teamskeet.com, Telstra, The Pirate Bay, Thrift Savings Plan, tmprotection.com, toplaughs.com, Torrent, U.S. Office of Personnel Management, uabonline.org, UGNazi, Union Of Arab Banks, University Of Nebraska, University of Thessaly, USAFIS, usafis.org, Voyager Mobile, w3schools.in, wafa.ps, West New York, WHMCS, whmcs.com, Wikileaks, Xception Code, you-r!-k@n

May 2012 Cyber Attacks Timeline (Part I)

May 17, 2012 Paolo Passeri 1 comment

Update June 4 2012: May 2012 Cyber Attacks Timeline (Part II)

As usual here it is the timeline of the Main Cyber Attacks occurred in May (at least according to my evaluation criteria).

This first half of the month has seen the arrival of a new hacking collective, “The Unknowns”, who has performed an impressive trail of attacks during the first days of May, targeting Space Agencies, Universities, and several other organizations. Although these events appear to be closer to cyber crime actions rather than hactivistim-driven attacks, they have not been the most remarkable ones of these days: as a matter of fact chronicles report of a massive breach at the Hangzhou Dianzi University, targeting approximately 150.000 acccounts.

As far as hacktivism is concerned, this first half of May has confirmed the constant trend of DDoS attacks targeting high profile websites such as SOCA and CIA (once again) and the Supreme Court in retaliation for the U.K. extradition laws.

Interesting to mention is also an alleged Cyber Espionage campaign targeting networks belonging to US natural gas pipeline companies.

Categories: Cyber Attacks Timeline, Security Tags: #AnonymousNepal, #OpTrialAtHome, #TeamGhostShell, @DeadMellox, @Reckz0r, @s3rverexe, @_Echel0n, Account Hacking, Albanian Office for Copyright, Amnesty International, Anonymous, APT, Arizona State Legislature, Atlanta, Australian Government, Bahrain, Bitcoin, Bitcoinica, Central Intelligence Agency, Christian Science Monitor, CIA, Computer crime, Cyber Espionage, Cyberwarfare, DAMT, DDoS, Denial-of-service attack, Department of Education, Distributed Denial Of Service, DMT, президент.рф, ed.gov, Elantis, ESA, eUKHost, French ministry of Defense, friendping.com, fxtraders.eu, Gh0st, Gobernacion del Huila, Google, GoSt, Hangzhou Dianzi University, Harvard, INSS, ISL Incorporating Services, isWinker, joinnlvpd.com, Jonathan Shaw, Kosova Hacker’s Security, kremlin.ru, Le4ky, Malsec, Malware, Mark Ruffalo, MI6, Ministry of Education Lifelong Learning and Religion, mod.uk, NASA, National Film Board of Canada, North Las Vegas Police Department, Opening Ceremony, OTE, Panasonic, Panpacific University, Pastebin, Plaxo, Poison Ivy, RAT, Redhack, Renault, Sempra.com, SOCA, Solgryn.org, Sony, SQL Injection, SQLi, Supreme Court, Team Dig7ta, TeaMp0isoN, Thai Royal Navy, The Avengers, The Best YoVille Hackers, The Pirate Bay, The Unknowns, The Unknows, Theresa May, Twitter, U.K. Ministry of Defence, U.K. Supreme Court, UGNazi, unb.ca, United Nations World Health Organization, University of Arkansas, University of Maine, University of New Brunswick, University Of New Mexico, UrduHack, Virgin Media, Washington Military Department, Websense, York County, YoVille, Zynga

April 2012 Cyber Attacks Timeline (Part II)

May 3, 2012 Paolo Passeri 2 comments

Here the first part covering the cyber attacks from 1 to 15 April.

April is over and here it is the second half of the Cyber Attacks Timeline covering the time period spanning from 16 to 30 april 2012.

The last two weeks of this month have been characterized by several remarkable events (at least for the newspapers), such as the #OpBahrain which unleashed a trail of attacks from the Anonymous against websites related to the Formula 1 GP in Bahrain. Other noticeable events triggered by hacktivism include several DDoS attacks against CIA, MI6, Department of Justice, and a couple of Law Enforcement Agencies which continue to be a preferred target for hackers.

On the Cyber Crime front (still the major apparent motivation for the attacks) this month reports, among the events, a breach to Nissan and other DDoS attacks against the District of Columbia, the State of Washington and Nasdaq (I would not define them just motivated by hacktivism). Other events include a couple of 0-day vulnerabilities targeting popular e-mail services and affecting potentially million of users.

Last but not least, April has brought a new cyber attack to Iran crude oil industry, despite, so far, there are no clear evidences of a new Stuxnet-like Cyber Attack. This is not the only episode targeting Iran which also suffered 3 million of banks accounts compromised.

For the chronicle I decided to insert in the timeline also the breach to the game publisher Cryptic Studios. Although it happened in 2010 (sic) it was discovered only few days ago…

Categories: Cyber Attacks Timeline, Security Tags: #OpAap, #OpBahrain, #OpTrialAtHome, @5orrow, @EvilSecurity, @Havittaja, Account Hijacking, Al Arabiya, AlQaedaSec, Andy Palmer, Anonymous, AOL Mail, Bahrain, Berrien County Sheriff's Department, boxun.com, California State University San Marcos, CIA, CoD3X, Cryptic Studios, CsGameServers, Cyber Attacks Timeline, Cyber Crime, Cyberwarfare, dc.gov, Defacement, Denial-of-service attack, Department of Justice, District of Columbia, DOJ, El Emara, f1-racers.net, Formula 1, French Minister of Budget, Government, Greece's Finance Ministry, Hacksoft, Hotmail, International Police Association, IPA, Iran, Khosrow Zarefarid, La Nueva Casa de Amigos Eye Clinic, Lake County Sheriff's Office, Law enforcement agency, LCSO.org, LEA, Lebanon, live-timing.formula1.com, LulzSec Peru, Matt Weaver, MI6, NASA, Nasdaq, Nissan, Noticaribe, nyc.gov, palermo.edu, Pastie.org, Political Economy Research Institute, Raise Your Voice, SQL Injection, SQLi, Stichting Brein, Stuxnet, SweDreamz.com, Team Dig7tal, Team GhostShell, Texas Department of Transportation, Three Rivers Park District, Trinidad and Tobago, Twitter, Two Plus Two, UGNazi, UK2.NET, University of Arkansas, University of Houston College of Optometry, University of Massachusetts, University of Palermo, wa.gov, Yahoo!, Zscaler

March 2012 Cyber Attacks Timeline (Part II)

April 2, 2012 Paolo Passeri Leave a comment

First Part: March 2012 Cyber Attacks Timeline (Part I)

It is time for the second part of the March 2012 Cyber Attacks Timeline, a month that will probably be remembered for the breach occurred to Global Payments, a credit card processor, whose aftermath may potentially affect up to 10 million credit card holders belonging, among the others, to Visa and MasterCard.

On the hacktivism front, not even three weeks after the arrest of several LulzSec members, a new hacking crew has appeared whose name, LulzSecReborn, clearly reminds the infamous collective and its Days of Lulz. They entered the scene with a noticeable, albeit discussed, leak: more than 170.000 records from a military dating site.

Other remarkable hacktivism-led cyber attacks include the so called #OpFariseo, a wave of Cyber Attacks targeting websites related to the visit of the Pope in Mexico, and a new cyber attack to PBS. It is also important to notice the debut of the Anonymous in China, a debut characterized by a massive wave of defacements.

Last but not least, among the events of this month there is one which in particular deserves a mention, and is the leak which targeted Vector Inc., a Japanese computer selling firm, potentially affecting more than 260,000 users.

As usual after the jump you will find all the references.

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: #freetibet, #GlobalRevolution, #OpCorrupcionMexico, #SailingSaturday, #tibet, @anonopshispano, @AnonymousChina, @AnonymouysWiki, @Black Jester, @Black_J3StEr, @s3rverexe, @SONLCS, @ur0b0r0x, adultinsider.com, Anonymous Hispano, benedictomexico.mx, BlackJester, Bot, Canada, casamexico.mx, CBS, CECOM, CenturyLink, China, colmic.tv, CSS Corp, csscorp.com, Cyberwarfare, Data Leak, DDoS, Distributed Denial Of Service, emniyetyurdu.pol.tr, ESingles, Fox, Global Payments, guanajuato.gob.mx, HackerClaus Team, hacks e-ring.pl, Hong Kong, ipa-australiapolice.com.au, Japan, Justin Bieber, Le0n B3lm0nt, Leak, LulzSec, LulzSecReborn, LUN4T1C0, mace.ac.in, Mastercard, mediaportal.ro, Mexico, Michael McFaul, MilitarySingles.com, minimins.com, NASA, National Capital Planning Commission, ncpc.gov, NDP, NTV, NU.nl, Pastebin, PBS, PBS.org, peruanosonline.com, pgr.gob.mx, Police Association of Australia, Pope, Pope Benedict XVI, Procuradurìa General De La Repùblica, Qwest Communications International, Redhack, rondell.kiev.ua, Russia, S3rver.exe, Sinowal, Skatteverket, Skeptical Science, Softbank, Sony, SQL Injection, SQLi, Twitter, Unauthorized Access, US Army Communications and Electronics Command, Vector Inc, Visa, Warner Bros, Warner Music Group, waveneywholesale.com, Worm, xdev @ b4lc4nh4ck, ZCompany Hacking Crew, ZHC Miscreant

February 2012 Cyber Attacks Timeline (Part I)

February 16, 2012 Paolo Passeri 1 comment

February 2012 brings a new domain for my blog (it’s just a hackmaggedon) and confirms the trend of January with a constant and unprecedented increase in number and complexity of the events. Driven by the echo of the ACTA movement, the Anonymous have performed a massive wave of attacks, resuming the old habits of targeting Law Enforcement agencies. From this point of view, this month has registered several remarkable events among which the hacking of a conf call between the FBI and Scotland Yard and the takedown of the Homeland Security and the CIA Web sites.

The Hacktivism front has been very hot as well, with attacks in Europe and Syria (with the presidential e-mail hacked) and even against United Nations (once again) and NASDAQ Stock Exchange.

Scroll down the list and enjoy to discover the (too) many illustrious victims including Intel, Microsoft, Foxconn and Philips. After the jump you find all the references and do not forget to follow @paulsparrows for the latest updates. Also have a look to the Middle East Cyberwar Timeline, and the master indexes for 2011 and 2012 Cyber Attacks.

Addendum: of course it is impossible to keep count of the huge amount of sites attacked or defaced as an aftermath of the Anti ACTA movements. In any case I suggest you a couple of links that mat be really helpful:

List of all vulnerable websites attacked by anonymous Part II (updated daily) (via cylaw.info)
List of Websites Hacked, Defaced & Taken Down By Anonymous (via valuewalk.com)

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: #AntiSec, #FFF, #OpChina, #OpMexico, #OpNigeria, #OpPiggyBank, #SuperLeakSunday, #W0rmer, @AgentAnonHacker, @alsa7rx, @Anonw0rmer, @Codeinesec, @d4op, @EgyptAnonops, @Herxode, @ItsKahuna, @LulzFinancial, @LulzPirate, @OccupyAllSt, @r00tw0rm, @RevolutionSec, @SwaggSec, @_TeaMp0isoN, ACTA, Alabama, Alabama Department of Public Safety, Alarabiya, Anonymous, Anonymous Mexico, Appke, Bank of America, Bashar al-Assad, Boston Policy Department News, Brazzers, Burlington, CabinCr3w, China, Chinese Government Trade, CIA, Combined Systems, Cryptome, Daily Mail, Dallas Police, DDoS, Defacement, Devil’s Café, DHS, Digital Tornado, Distributed Denial Of Service, DreamHost, Economic Development Administration, Egypt, Epoch, Evil Shadow Team, FBI, Federal Bureau of Investigation, FFFriday, Fiat, Foxconn, Gossip Girl, Greece, Hacktivism, Haditha, Hax.r00t, Hijacking, Homeland Security, Horde, iepct, IFPI, IKN, India, Intel, ITCA, iTunes, KPN, L0NGwave99, LatinHackteam, Law enforcement agency, macforbeginners.com, McDonald, Mexican Chamber of Mines, Microsoft, Mobile Police Department, Morocco, NASA, Nasdaq, Nigeria, NOAA, Nortel, Nortel Networks, Operation Digital Tornado, OpIreland, Pakistan, Philips, PIPA, Prophon, puckett & faraj, Romania, Saadi, Salt Lake City Policy Department, Scotland Yard, SECTOR404cl, SOPA, SQLi, Super Bowl, Sweden, Syracuse Police, Syria, TeamPoison, Texas, Texas Department of Public Safety, Texas Police Association, Ticketweb, Toyota, Turkey, Turkey Cyber Army, United Nations, United States Census Bureau, Venezuela, West Virginia Chiefs of Police Association, Westboro Baptist Church, Wisconsin Chiefs of Police Association, xdev @ b4lc4nh4ck

January 2012 Cyber Attacks Timeline (Part 2)

February 2, 2012 Paolo Passeri 1 comment

Click here for part 1.

The second half of January is gone, and it is undoubtely clear that this month has been characterized by hacktivism and will be remembered for the Mega Upload shutdown. Its direct and indirect aftermaths led to an unprecedented wave of cyber attacks in terms of LOIC-Based DDoS (with a brand new self service approach we will need to get used to), defacements and more hacking initiatives against several Governments and the EU Parliament, all perpetrated under the common umbrella of the opposition to SOPA, PIPA and ACTA. These attacks overshadowed another important Cyber Event: the Middle East Cyberwar (which for the sake of clarity deserved a dedicated series of posts, here Part I and Part II) and several other major breaches (above all Dreamhost and New York State Electric & Gas and Rochester Gas & Electric).

Chronicles also reports a cyber attack to railways, several cyber attacks to universities, a preferred target, and also of a bank robbery in South Africa which allowed the attackers to steal $6.7 million.

Do you think that cyber attacks in this month crossed the line and the Cyber Chessboard will not be the same anymore? It may be, meanwhile do not forget to follow @paulsparrows to get the latest timelines and feel free to support and improve my work with suggeastions and other meaningful events I eventually forgot to mention.

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: #AntiSec, #opeurope, #OpFreePalestine, #OpMegaUpload, #OpPiggyBank, #OpUFC, 2012 Cyber Attacks Timeline, @Abs0luti0n_, @als7rx, @anon_4freedom, @b4lc3nh4ck, @b4lc4nh4ck, @d4op, @Havittaja, @ItsKahuna, @psykonx, @s3rverexe, @theevilc0de, ACTA, Al Jazeera, Anonymous, Anonymous Brasil, Arab World, Arizona State University, ASU, Azerbaijan, “#OP XSS, Banco Bradesco SA, Belgian Anti Piracy Federation, blogs.aljazeera.com, bmwmoa.org, bradesco.com.br, Brazil, Breach, Broadcast Music Inc, C'Seven Booter, CabinCr3w, CBS, China, Chriss1001, Chrissdod.com, Chung Yuam Christian University, Cross-Site Scripting, Cyber Attacks Timeline, D35M0ND142, DarkDevilz, DDoS, Defacement, Department of Justice, DGASPCGR, Dinelson, Distributed Denial Of Service, DNS Hijacking, DreamHost, Euronet Worldwide Inc, European Parliament, Federal Bureau of Investigation, finance.gov.ie, Find2Trade.com, Foothill college, FTC’s federal online security, gente.com.ar, Ghana, giustizia.it, Goshen Hospital, Grindr, Hacker, hacktivists, HADOPI, Harvard Medical School, HaxOr, Horia Hulubei National Institute of Physics and Nuclear Engineering, Indiana University, Ireland, Israel, italia.gov.it, Italian Ministry of Justice, Jaguar Hacker, jdcc.edu, Jefferson Davis Community, Just10time.com, justice.ie, Justin Bieber, justinbieberweb.com, Kazakhstan Embassy, LulzSecItaly, Mega Upload, Megaupload, Mexico, Middle East, Motion Picture Association of America, MPAA, MSUpdater, MSUpdater Trojan, NASA, Nepal Telecommunications Authority, Netlinx, New York State Electric & Gas, New York State Public Service Commission, ninewinds.co.in, nipne.ro, Northwest Rail, nta.gov.np, NuevaOrden, NYSEG, oksportsandfitness.com, onguardonline.gov, OpIreland, Pak Cyber Combat Squad, Panasonic, Pastebin, Paula Fernandes, PCSS, PIPA, Poland, Recording Industry Association of America, RG&E, RIAA, Rochester Gas and Electric, Romanian Social Services and Child protection Agency, rpghry.cz, Saccafrazi, SCADA, Sector 404, sellpal.co.uk, Senate of Michigan, senate.mi.gov, SEPO, Sexyono.com, SOPA, South African Postbank, SQL Injection, SQLi, STK, Sykipot, Symantec, T3Rr0r, TeamHav0k, The Colbert Report, The Daily Show, The White House, Trojan, TryMedia, U.S. Copyright Office, UFC, Ufc.com, Ultimate Fighting Championship, ULTRA-DJ, Universal Music, Universalmusic.pt, University Of Washington, VGP, Videogamesplus.ca, Vivendi, Wallace College, Wallace.edu, Warner Music Group, Washington.edu, Websoftdownload.com, wikispaces, WordPress, Xboxliveclans.com, xdev, XSS, ZCompany Hacking Crew

December 2011 Cyber Attacks Timeline (Part II)

December 30, 2011 Paolo Passeri 2 comments

This infamous 2011 is nearly gone and here it is the last post for this year concerning the 2011 Cyber Attacks Timeline. As you will soon see from an infosec perspective this month has been characterized by two main events: the LulzXmas with its terrible Stratfor hack (whose effects are still ongoing with the recent release of 860,000 accounts), and an unprecented wave of breaches in China which led to the dump of nearly 88 million of users for a theoretical cost of nearly $19 million (yes the Sony brech is close). For the rest an endless cyberwar between India and Pakistan, some hactivism and (unfortunately) the usual amounts of “minor” breaches and defacement. After the page break you find all the references.

Last but not least… This post is my very personal way to wish you a happy new infosec year.

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: #AntiSec, #OpFreePalestine, 178.com, 2011 Cyber Attacks Timeline, 7k7k.com, @DestructiveSec, @OpLatinoAmerica, @stramble, @Thorwed, @_T0x1c, @_TeaMp0isoN, Abhaxas, Advanced Persistent Threat, Amnesty International, Anonymous, APT, Asus, Biclopsgames, Bullshouse, Butler Schein Animal Health, Campus100.in, Care2, China, China Software Developed Network, CIA, Colombia, CopSeek, CSDN, D157UR83D, D35M0ND142, Data Breach, Data Leak, DDoS, Defacement, Denial-of-service attack, Digital Underground Team, duowan.com, Edinburgh, Edinburgh City Council Debt, Egypt, EL Salvador, Facebook, Gray Hatz, Hacktivism, hemmelig.com, iBAHN, India, Indian Stock Exchange, Indishell, Information security, inzit.gob.ve, Israel, Karmafilms.es, K|nG, Lady Gaga, LulzSec Guatemala, LulzXmas, Manchester, Mexico, Microsoft, NASA, NDAA, Oxford, Pakistan, Potent Security, Promo-Web.org, Promoweb, qualitapa.gov.it, Renren, Restaurant Depot, Russia, Sarah Palin, Sector 404, sefh.es, Siemens, Sony, SOPA, specialforces.com, SQL Injection, SQLi, Stanford, Stratfor, Taishin Bank, Team Gray Hat, thehosting.me, tianya.cn, Toxic Ven0m, Trion World, Twitter, U.S. Chamber Of Commerce, U.S. Senate, unifg.it, Valerie Boyer, valerieboyer.fr, Vermont.gov, Zuliano Institute For Technological Research

Quando la NASA ha la testa per aria…

December 11, 2010 Paolo Passeri Leave a comment

Accade che materiale informatico contenente informazioni classificate venga messo impunemente in vendita.

Personalmente ritengo che quello del DLP, sia uno dei filoni più interessanti del panorama attuale di sicurezza informatica. Il Data Loss (o Leakage) Prevention e indica una famiglia di processi e tecnologie dedicati alla protezione della proprietà intellettuale da furti, perdite, o uso inappropriato.

Questi giorni stavo pensando molto al DLP, naturalmente a causa dell’affaire Wikileaks, quando mi sono imbattuto in questa notizia alquanto curiosa.

Un recente documento ha svelato difatti l’ennesimo episodio di perdita di dati classificati che ha avuto questa volta come protagonista (o vittima) l’Agenzia Spaziale Americana. A causa di una inefficienza nel processo di verifica del materiale informatico in dismissione 10 computer che non avevano superato i test di pulizia dei dati, e che quindi contenevano ancora informazioni sensibili, sono stati messi in vendita nell’ambito del programma di pensionamento del progetto Space Shuttle dopo 130 missioni e 38 anni di onorata carriera. Altri 4 sono stati intercettati prima dell’immissione sul mercato.

Durante lo stesso audit inoltre sono state rilevate pesanti inefficienze nel processo di pulizia dei dati su apparati IT in dismissione per i centri NASA di Kennedy Johnson Space, nonché per i laboratori di Ames e Langley.

Per 10 computer non c’è stato nulla da fare: nonostante non avessero superato i test di pulizia sono stati immessi sul mercato ed assieme ad essi sono state rilasciate:

sensitive information regarding Space Shuttle operations and maintenance procedures

Sebbene per i 10 sfortunati piccoli indiani non vi sia stato alcun modo di verificare quali informazioni siano state esposte al pubblico ludibrio, è stato tuttavia possibile analizzare 4 computer afferati sull’orlo del baratro mediatico. Sebbene questi non avessero superato il test di pulizia, erano comunque in procinto di essere immessi sul mercato. Le analisi forensi hanno comunque rilevato all’interno di uno di essi informazioni soggette a controllo di export secondo il regolamento ITAR (International Traffic in Arms Regulations), la cui violazione può avere conseguenze penali e civili.

Come se tutto ciò non fosse sufficiente, l’audit ha rilevato anche l’incorretta etichettatura degli hard disk da distruggere nei laboratori di Langley, mentre nel centro Kennedy, alcune macchine pronte per la vendita riportavano ancora in vista informazioni relative agli indirizzi IP probabile preda di Hacker famelici desiderosi di farsi un giretto all’interno della base.

Certo l’America non è così lontana come sembra e sono ~~sicuro~~ certo che episodi di questo genere siano frequenti anche nel Belpaese (passando rigorosamente inosservati). Se poi è così facile mettere in circolazione (perdere) un PC con dati sensibili, è immediato capire come la frequenza di episodi di questo tipo sia destinata a crescere esponenzialmente ~~grazie~~ a causa dell’uso massiccio dei dispositivi mobili (telefoni intelligenti o tavolette) per uso professionale.

In un precedente post mi chiedevo perché Intel, il maggiore produttore di processori, sorprendendo il mercato, abbia deciso di acquisire McAfee che porta in dote, tra le altre tecnologie, una delle più diffuse soluzioni di DLP. Episodi come questo consentono di fare luce sulla strategia del colosso di Santa Clara che punta alla convergenza degli endpoint (fissi e mobili) ed alla possibilità di applicare nativamente a livello di processore funzioni quali antivirus, cifratura ed il temuto DRM. Grazie a questa strategia di convergenza è probabile che in un futuro non troppo remoto si potrà cifrare nativamente l’hard disk ed effettuare la sua pulizia in maniera altrettanto trasparente.

Naturalmente prima della tecnologia c’è sempre l’essere umano (la potenza è nulla senza il controllo e circostanze come questa lo dimostrano), ad ogni modo tutto fa pensare che tra breve sarà più difficile rubare progetti della scuderia avversaria oppure esporre alla forca mediatica le considerazioni dei diplomatici a stelle e strisce spacciandole (dopo il danno la beffa) per un CD di Lady Gaga.

Categories: Security Tags: DLP, Endpoint Protection, Enterprise, Intel, McAfee, NASA

About these ads

May 2013
M	T	W	T	F	S	S
« Apr
	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Twitter

RT @jc_vazquez: Vista Equity Partners to Buy Websense #News #InfoSec on.wsj.com/13BfWaw via @WSJ - 1 day ago
Pentagon OKs Androids, BlackBerrys for soldiers nakedsecurity.sophos.com/2013/05/07/pen… - 2 days ago
April 2013 Cyber Attacks Statistics wp.me/p14J6X-2oX - 3 days ago
RT @LastlineLabs: Marco Cova from Lastline talking about hacktivism on Italian TV ow.ly/l8Az6 - 4 days ago
RT @lastlineinc: Malware can make itself invisible: in the case of RSA security's breach, malware went undetected for 1/2 year http://t.co/… - 4 days ago
RT @gianlucaSB: SMS-based command and control protocols are here ow.ly/l47Ye - 6 days ago
Skype with care Microsoft is reading everything you write h-online.com/security/news/… - 1 week ago
How the Syrian Electronic Army Hacked The Onion - Onion Inc.'s Tech Blog theonion.github.com/blog/2013/05/0… - 1 week ago
@Xyri3 sorry I forgot :) Done! - 1 week ago
@Xyri3 sure when you want. - 1 week ago

Follow @paulsparrows

Hackmageddon.com

Archive

1-15 January 2013 Cyber Attacks Timeline

May 2012 Cyber Attacks Timeline (Part I)

April 2012 Cyber Attacks Timeline (Part II)

March 2012 Cyber Attacks Timeline (Part II)

February 2012 Cyber Attacks Timeline (Part I)

Quando la NASA ha la testa per aria…

About The Author

Stats

Support My Work!

Share:

Stay Tuned!

Interesting Links

News

About This Blog

Calendar

Archive

Tag

Recent Posts

Top Posts & Pages

Visitors from…

Twitter

Follow “Hackmageddon.com”

Archive

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

About The Author

Stats

Support My Work!

Share:

Stay Tuned!

Interesting Links

News

About This Blog

Calendar

Archive

Tag

Recent Posts

Top Posts & Pages

Visitors from…

Follow “Hackmageddon.com”