About these ads

Archive

Posts Tagged ‘South Korea’

1-15 November 2014 Cyber Attacks Timeline

November 17, 2014 Leave a comment

The first half of November is gone, so it’s time for the list of the main cyber attacks occurred during these fifteen days.

Confirming the trend of the last months, the activity has been quite sustained. For sure, the most remarkable attack has targeted the Turkish branch of HSBC, and has affected 2.7 million customers, whose credit cards have been compromised (and apparently the bank has decided not to issue new cards for the impacted users).

Again the operations related to cyber espionage have played an important role: some new campaigns have come to light (for instance Darkhotel), and also several noticeable attacks have been discovered, like the one against the United States Postal Service (600,000 users affected) or the one against the National Oceanographic and Atmospheric Administration.

Even hacktivists have been quite active: the RedHack collective has reemerged from several months in stealth mode (they claim to have deleted 650,000 USD worth 0f electricity power debt), and some hackers claiming to be affiliated to the Anonymous collective have performed similar operations in Italy (in parallel with the delicate social and economical period) and the Philippines.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 November 2014 Cyber Attacks Timeline Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

16-31 October 2014 Cyber Attacks Timeline

November 3, 2014 4 comments

It’s time for the second timeline of October (Part I here) covering the main cyber attacks between the 16th and 31st: yet another consistent list confirming the growing trend of the last period.

In particular, in these two weeks the most important events have been spotted inside Cyber Espionage, whose chronicles report, among other, a state-sponsored attack to an unclassified network of the White House, a relevant number of operations (APT 28, Operation Pawn Storm, Operation SMN, Operation DeathClick, a tail of the infamous Sandworm), and even a man-in-the-middle attack against Chinese iCloud users.

Cybercrime is also on a roll: the trail of attacks against retailers seems unstoppable (Staples is the latest victim), but chronicles also report a massive breach in South Korea, involving Pandora TV and a gigantic SQL Injection attack, driven by CVE-2014-3704, against every unpatched website running Drupal, existing on this desperate planet. There is also space for a little bit of irony, as in case of Sourcebooks, the publisher hacked few days before releasing the latest book of Brian Krebs.

Israel and Ukraine keep on being two hot fronts for Hacktivism, whereas India is again the cradle of  cyberwar, many events event in this months (despite limited to skirmishes involving defacements of governmental and military websites).

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 October 2014 Cyber Attacks Timeline Read more…

About these ads

16-31 August 2014 Cyber Attacks Timeline

September 1, 2014 2 comments

August is gone, and here we are with the list of the most noticeable cyber attacks occurred during the second half of the month (first part here).

This period will be probably remembered for the massive cyber attack against Community Health Systems (4.5 million records compromised), the wave of coordinated attacks targeting JPMorgan Chase and at least four other US banks, the malware targeting 51 franchised stores of UPS, and, last but not least, the mother of all breaches in Korea (220 million records containing personal information 0f 27 million people). Another noticeable event was also the coordinated DDoS attacks against Sony Entertainment Network, Xbox Live and other online gaming services.

For what concerns cyber espionage, chronicles report, among other things, the massive coordinated cyber attack against 50 Norwegian oil and energy companies, the discovery of three cyber attacks (within the past three years) against the Nuclear Regulatory Commission, and the theft of classified information from the Malaysian agencies involved in the MH370 investigation.

Instead, nothing particularly meaningful has been reported for hacktivism: many sparse actions (mostly against direct or indirect interests of Israel) of limited impact and hence without particular consequences.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 August 2014 Cyber Attacks Timeline v2

Read more…

Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

16-31 June 2014 Cyber Attacks Timeline

I do not know if being happy or not, but it looks like the second half of June (the first timeline covering 1-15 June is here) has seen a sharp inversion of the decreasing trend recorded on the last few months. I have registered an increase of the number of attacks with particular focus on targeted attacks.

The cyber crime front offered several noticeable events, targeting, just to mention the most devastating cases: AT&T, Evernote, the State of Montana (1.3 million single individuals potentially affected), and Butler University.

Moving to hacktivism, the cyber temperature is still high in Brazil, where the hacktivists concentrated their unwelcome attentions. Other points of interest involve Pakistan, and US.

Last but not least, this period recorded an unusual number of targeted attacks spotted in the news. The list includes (but is not limited to): the British Government Secure Intranet, an US Hedge Fund, Vietnamese Ministry of Natural Resources and Environment, ICS vendors in US and Europe and a Government Agency in Taiwan.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 June 2014 Cyber Attacks Timeline rev2

Read more…

1-15 April 2014 Cyber Attacks Timeline

And here it is the timeline reporting the Cyber Attacks happened during the first half of April 2014, a month probably long remembered within the Infosec Chronicles for the discovery of the terrible Heartbleed bug (two attacks have been recorded, so far, related to this devastating vulnerability).

Besides the infamous Heartbleed, the most important events of this timeline are related to Cyber Crime. Germany in particular had a bad surprise, with the discovery of a list of 18 million compromised e-mail accounts and passwords, affecting all major German Internet service providers. The list of the remarkable targets also includes Lacie, victim of a malware putting at risk the users who performed on-line purchases from the company web site, the Harley Medical Group (500,000 accounts potentially compromised) and, once again, South Korea where unknown hackers were able to steal the personal information of about 200,000 credit card users, racking up fraudulent charges of about $115,ooo.

The feared wave of cyber attacks against Israel, promised by several Anonymous affiliated hacktivists for the 7th of April, did not happen. The impact of the attacks was limited and in many cases several old leaks were ‘recycled’.

Last but not least, Germany’s Space Research Center in Cologne, was the victim of a targeted attack. Suspects point to China.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Apr 2014 Cyber Attacks Timelines Read more…

1-15 January 2014 Cyber Attacks Timeline

February 5, 2014 2 comments

It’s time for the Cyber Attacks Timeline for the first half of January 2014. I wish we had a better start for this Infosec year. Not even a month has passed (actually this timeline covers the first two weeks) and we have already seen several massive breaches (Snapchat) and other resounding events, maybe less relevant from a mere numeric perspective, but equally meaningful for the high profile of the victims involved (Microsoft).

Besides Snapchat, other important organizations have been targeted by Cyber crooks with very bad consequences: World Poker Tour (175,333), Staysure (93,000 individuals involved) and OpenSUSE (79,500 victims) are the most noticeable examples. On the cyber crime front other meaningful events include a wave of attacks against Video Games industries, and the hacking of Yahoo advertise network, infecting, potentially 27,000 users per hour.

Hacktivists of the Syrian Electronic Army are back with the result that even Microsoft is now part of the list of their victims (however their web site was also hacked in the same period). Other hacktivists very active in the same period include the infamous RedHack collective.

Last but not least, the control room of the Nuclear Plant of Monju in Japan was found infected with a malware capable of allegedly exfiltrate 42,000 emails.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Jan 2014 Cyber Attacks Timeline

Read more…

2013 Top 20 Breaches

December 30, 2013 Leave a comment

This year is nearly gone, so if you are afraid to have missed the most remarkable breaches of 2013, you’d better browse the following chart.

It collects the most devastating breaches in terms of number of records affected, and has been drawn based on the data collected by Hackmageddon.com during this endless infosec year. Do you still believe the massive breach targeting Adobe has been an isolated case?

2013 Top 20 Breaches png

Top 20 Breaches of 2013. The extension of the sphere is proportional to the number of affected records.

And The Winner Is…


Ubisoft

200px-UbisoftJuly 2: the video game developer warns 58 million users that an intruder gained illegal access to some of its online systems, illegally accessing data from the account database, including user names, email addresses and encrypted passwords.


Turkey

TurkeyDecember 16: Hurriyet News reports that Russian hackers were able to obtain 54 million Turkish citizens’ ID data. The Turkey’s Supreme Election Committee initially shared the data with Political Parties, who kept the information in insecure websites, where it was easily accessed.


Evernote

200px-Evernote_logo.svgMarch 2: Evernote’s Operations & Security team discovers suspicious activity that appears to have been a coordinated attempt to access secure areas of the Evernote Service. As a precaution a massive password reset is implemented for 50 million users.


Livingsocial

01150cc8-44ee-4bbe-9143-5ef85f27144e-q60-pngApril 26: LivingSocial suffers a massive cyber attack on its computer systems, resulting in “unauthorized access to some customer data from our servers”. The hack affects customer names, emails, birthdates and encrypted passwords and impacts 50 million customers.


Cupid Media

Cupid logo.gifNovember 20: Brian Krebs reveals that an intrusion at online dating service Cupid Media earlier this year exposed more than 42 million consumer records, including names, email addresses, unencrypted passwords and birthdays.


Target

150px-Target_logo.svgDecember 19: Target Corp. confirms an unauthorized access to payment card data that may have impacted customers making credit and debit card purchases in its U.S. stores. Approximately 40 million credit and debit card accounts may have been impacted between Nov. 27 and Dec. 15, 2013.


Adobe

200px-Adobe_Systems_logo_and_wordmark.svgOctober 3: Adobe announces a massive breach affecting customer IDs and encrypted passwords for 2.9 million customers (initially). The real extent of the breach is 38 million, and also affects the source code of ColdFusion and Acrobat family


Yahoo! Japan

Yahoo_Japan_logoMay 18: Yahoo! Japan Corp. warns its 22 million users to change their passwords after the detection of an unauthorized attempt to access the administrative systems.


China

chinaDecember 9: unknown hackers leak a database of an estimated 20 million hotel reservations on multiple websites and even on WeChat, the popular messaging service.


Groupon Taiwan

230px-Groupon_logo.svgMay 28: Groupon Taiwan reveals to have suffered a cyber attack compromising usernames and passwords of its 4.1 million registered users. Apparently, the intruders did not access credit cards and financial details


Maricopa County Community College

MaricopaDecember 1: the Maricopa County Community College District notifies, after seven months, 2.4 million students and employees that their academic or personal data were compromised in an April security breach.


South Korea

South KoreaJune 25: South Korean officials reveal that unknown hackers were able to hack and release publicly personal details of more than 2 million South Korean ruling party workers and 40,000 U.S. troops, including those stationed in South Korea.


Vodafone Germany

200px-Vodafone_logo.svgSeptember 12: personal details of more than 2 million customers of Vodafone Germany are stolen from an Internal Database. Data includes names, addresses, bank account numbers and birth dates.


Ubuntuforums.org

200px-Ubuntu_logo.svgJuly 20: E-mail addresses, user names, and password data for every registered user of the Ubuntu Forums, estimated to be 1.82 million accounts, are exposed in a security breach after a hacker managed to gain administrative access to the back-end servers.


Scribd

200px-Scribd_logo.svgApril 3: the world’s largest document sharing site Scribd says it was hacked and believes up to 1% of its 100 million users’ passwords were compromised due to being stored with an outdated hashing algorithm.


Washington State Courts

Washington CourtsMay 9: the Washington State Administrative Office of the Courts (courts.wa.gov) was hacked sometime between September 2012 and February 2013, and up to 160,000 SSN and 1 million driver’s license numbers may have been accessed during the data breach.


Drupal

220px-Drupal-wordmark.svgMay 29: passwords for almost 1 million accounts on the Drupal.org website are reset after hackers gained unauthorized access to sensitive user data exploiting vulnerability in an undisclosed third-party application.


vBulletin

270px-VBulletin.svgNovember 15: vBulletin.com notifies the registered users to change their password as a consequence of a sophisticated cyber attack, allowing the attackers to access customer IDs and encrypted passwords of 860,000 individuals.


MacRumors

MacRumorslogoNovember 11: MacRumors notifies the forum users to change their password as a consequence of a cyber attack. The number of affected users is in theory 850,000.


Walla!

200px-Walla_logo.svgFebruary 14: The Anonymous hack Walla! (walla.co.il) an Israeli portal and dump 600.000 accounts on pastebin.


Follow

Get every new post delivered to your Inbox.

Join 3,198 other followers