About these ads

Archive

Posts Tagged ‘Sony’

16-31 August 2014 Cyber Attacks Timeline

September 1, 2014 Leave a comment

August is gone, and here we are with the list of the most noticeable cyber attacks occurred during the second half of the month (first part here).

This period will be probably remembered for the massive cyber attack against Community Health Systems (4.5 million records compromised), the wave of coordinated attacks targeting JPMorgan Chase and at least four other US banks, the malware targeting 51 franchised stores of UPS, and, last but not least, the mother of all breaches in Korea (220 million records containing personal information 0f 27 million people). Another noticeable event was also the coordinated DDoS attacks against Sony Entertainment Network, Xbox Live and other online gaming services.

For what concerns cyber espionage, chronicles report, among other things, the massive coordinated cyber attack against 50 Norwegian oil and energy companies, the discovery of three cyber attacks (within the past three years) against the Nuclear Regulatory Commission, and the theft of classified information from the Malaysian agencies involved in the MH370 investigation.

Instead, nothing particularly meaningful has been reported for hacktivism: many sparse actions (mostly against direct or indirect interests of Israel) of limited impact and hence without particular consequences.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 August 2014 Cyber Attacks Timeline Read more…

About these ads
Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

16-30 November 2013 Cyber Attacks Timeline

December 4, 2013 Leave a comment

It is time for the report of the cyber landscape of the second half of November.

This month will be probably remembered for the discovery of the giant breach targeting Cupid Media and involving potentially 42 million users. However, this was not the only remarkable breach of November: chronicles report of 77,000 customers of Vodafone Island having their details leaked.

Other interesting events involve a brute-force attack to GitHub, forcing several users to change password, and yet another attack against a Bitcoin Wallet (the equivalent of $1 million stole).

Not only Cyber Criminals. Even Hacktivists were particularly active in this period: the attacks of Indonesian hackers against Australian targets continued in the second part of November, as also the mutual defacements between Pakistani and Indian crews. Last but not least, the Anonymous leaked some documents and emails allegedly belonging to the Italian Governor of Lombardy and the details of 40,000 individuals from an Israeli Job search portal.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 November 2013 Cyber Attacks Timeline Read more…

16-31 January 2013 Cyber Attacks Timeline

February 7, 2013 1 comment

Two Weeks Living Dangerously! I have no other words to describe this second half of January (first two weeks here) that has shown an unprecedented level of attacks! And if a good day starts with the morning, this will be a very troubled year from an information security perspective.

Not only the peaks of DDoS attacks against the US Banks have reached an unstoppable peak, but, most of all, at the end of the month details have been unveiled about a massive cyber-espionage campaign allegedly orchestrated by Chinese hackers against some major US media including The New York Times, The Wall Street Journal, The Washington Post and Bloomberg News.

A very very long list of targets this month, with some high profile victims such as the U.S. Sentencing Commission, whose web site has been hacked twice and turned into an Asteroid game, but also Renault Argentina that suffered 37,000 accounts leaked.

To summarize this month is really impossible, you just have to scroll down the timeline to realize the hacking spree in this January 2013.

If this trend continues, I will have to decrease the frequency of publication…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

16-31 January 2013 Cyber Attacks Timeline

Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Give Me Twitter And Pastebin And I Will Hack The World!

September 11, 2012 Leave a comment

Fate, it seems, is not without a sense of irony. And this rule worths also for the Infosec Matrix…

Yesterday, while a five-hour outage, due to an alleged DDoS cyber attack initially claimed by the Anonymous, left GoDaddy unable to serve millions of websites (panicking millions of Internet Users), a digital publishing company named BlueToad came forward to take responsibility for the leak of a million iOS unique device identifiers (UDIDs). For sure you will remember that the same infamous collective claimed to have stolen the UDIDs from an FBI laptop few days ago.

Probably the FBI had really nothing to deal with the hack, since yesterday BlueToad admitted (and apologized) to have been breached and that the UDIDs were stolen just in that circumstance.

And as if that was not enough, hour after hour even the alleged cyber attack to GoDaddy has taken a paradoxical turn: after the initial claims, the Anonymous have denied the responsibility for the action (at first marked as the latest form of protest against GoDaddy’s support to SOPA), and have also mocked @AnonymousOwn3r, the alleged author of the attack, who self-proclaimed (sic) “security leader of Anonymous because I’m behind many things such like irc, ops, attacks, and many“.

Now the latest coup de théâtre: there’s no IRC bot behind GoDaddy’s outage (as claimed by the alleged author), but a much less romantic series of (unspecified) internal network events that corrupted data tables, apparently “simple” (for those famliar with networking) routing issues.

And they are two… In the same day, two alleged cyber attack initially claimed by the Anonymous, and then proven to be false. And even if it is not so common to discover two in the same day, fake cyber attacks are becoming quite frequent (think for instance to the alleged hack to Philips, old data leaked in February according to the Dutch Giant, and to Sony). Of course the point are not the Anonymous, the point is that claiming hacks and leaks (made by others, or worst totally false) is becoming too simple… Nowadays with Twitter and Pastebin you can (claim to) hack whatever you want (as an example I often find on pastebin dumps repeated several times and claimed by different authors).

Maybe it is time to take with caution and skepticism the news of massive leaks.

March 2012 Cyber Attacks Timeline (Part II)

First Part: March 2012 Cyber Attacks Timeline (Part I)

It is time for the second part of the March 2012 Cyber Attacks Timeline, a month that will probably be remembered for the breach occurred to Global Payments, a credit card processor, whose aftermath may potentially affect up to 10 million credit card holders belonging, among the others, to Visa and MasterCard.

On the hacktivism front, not even three weeks after the arrest of several LulzSec members, a new hacking crew has appeared whose name, LulzSecReborn, clearly reminds the infamous collective and its Days of Lulz. They entered the scene with a noticeable, albeit discussed, leak: more than 170.000 records from a military dating site.

Other remarkable hacktivism-led cyber attacks include the so called #OpFariseo, a wave of Cyber Attacks targeting websites related to the visit of the Pope in Mexico, and a new cyber attack to PBS. It is also important to notice the debut of the Anonymous in China, a debut characterized by a massive wave of defacements.

Last but not least, among the events of this month there is one which in particular deserves a mention, and is the leak which targeted Vector Inc., a Japanese computer selling firm, potentially affecting more than 260,000 users.

As usual after the jump you will find all the references.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @pausparrows on Twitter for the latest updates.

Read more…

Follow

Get every new post delivered to your Inbox.

Join 2,974 other followers