SQLi | Hackmageddon.com

1-15 April 2013 Cyber Attacks Timeline

May 1, 2013 Paolo Passeri Leave a comment

I know, I am a little late this month. We have just entered May and I was able to publish the first part of the Timeline of April. I will try to maintain the usual rhythm and to be more punctual for the next releases.

Anyway, the first part of April has offered many interesting port with several large scale attacks and massive breaches. The first category includes the Darkleech malware against Apache, and the gigantic brute-force attack against WordPress. The second category includes the attacks against two primary Japanese portals, the FPS War Z, Scribd, Linode, and, most of all Schnucks Markets, targeting potentially 2.4 million users.

But not only Cyber Crime in this month, even the hacktivists were quite active with their OpIsrael 2 (and its controversial damage report), the wake of attacks against North Korean web sites, and even the sixth week of DDoS attacks against the U.S. Banks carried on under the so-called Operation Ababil.

Hard times for System Administrators!

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). Read more…

About these ads

Categories: Cyber Attacks Timeline, Security Tags: #Dark_BaBa, #OpLiberation, 0-Day, 2013, @LatinHackTeamR, @LulzSecPeru, @LulzSecWiki, @T3AMM3DU5A, @uriminzok, Account Hijacking, Al Mustaqbal, Alabama, Alon, American Express, Anonymous, Apache, April, avg.co.il, Azerbaijan, Bank of America, BB&T, Belgium, Bitcoin, brandweerbree.be, Bree, Brute Force, Capital One, Chase, Citizen Bank, ColdFusion, commbankuk.co.uk, Commonwealth Bank of Australia, Cyber Attacks Timeline, Darkleech, DDoS, Fire Department, First National Bank of Mercersburg, Flickr, fnbmbg.com, Gigabyte Technology, Goo, Google, google.co.ke, Harmonix, Hash, HPTH, hpth.org.uk, HSBC, HTP, Ideal, idinfo.co.il, Imgur, indiamp3.com, ING, Instawallet, Israel, Izz ad-Din al Qassam Cyber Fighters, Japan, jfuinsurance.com, JockerCracker, Johnson Fu Insurance Agency, julis.de, Junge Liberale, Kaspersky Lab, Kenya, Key Bank, Kirkwood Community College, LAPD, LatinHackTeamReborn, Lebanon, Linode, Maxney, Midwest Bank Centre, midwestbankcentre.com, mofa.gov.ps, Mtgox, Museum With No Frontiers, museumwnf.org, Netherlands, Nicolas Maduro, North Korea, OpBlackSummer, Operation Ababil, OpIsrael, OpNorthKorea, Palestine, Polo Tecnico ITIS-IPIAS Giulianova, Rafik Hariri, Regions Bank, restoringfamily.com, Road Signs, Schnucks Markets, Scribd, SQLi, standardmedia.co.ke, TEAM M3DU5A, Tunisian Cyber Army, Turkish Ajan Group, Twitter, uriminzokkiri.com, USC, War Z, Wells Fargo, Winnti, WordPress, Yahoo!

16-31 January 2013 Cyber Attacks Timeline

February 7, 2013 Paolo Passeri 1 comment

Two Weeks Living Dangerously! I have no other words to describe this second half of January (first two weeks here) that has shown an unprecedented level of attacks! And if a good day starts with the morning, this will be a very troubled year from an information security perspective.

Not only the peaks of DDoS attacks against the US Banks have reached an unstoppable peak, but, most of all, at the end of the month details have been unveiled about a massive cyber-espionage campaign allegedly orchestrated by Chinese hackers against some major US media including The New York Times, The Wall Street Journal, The Washington Post and Bloomberg News.

A very very long list of targets this month, with some high profile victims such as the U.S. Sentencing Commission, whose web site has been hacked twice and turned into an Asteroid game, but also Renault Argentina that suffered 37,000 accounts leaked.

To summarize this month is really impossible, you just have to scroll down the timeline to realize the hacking spree in this January 2013.

If this trend continues, I will have to decrease the frequency of publication…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

Categories: Cyber Attacks Timeline, Security Tags: #FuckTheSystem, #OpLastResort, #OpLeak, #opphillippine, #OpScientology, #TeamGhostShell, 2013, @AnonSquadNo035, @AnonymousMexi, @DarkWebGoons, @irBreShiE, @LulzSecNeuron, @nrtnz, @RexMundi_Anon, @TheLulzWarrior, @TheNeoGod, @ThisIsGameOver, @TN_cyberarmy, @XTnR3v0LT, Aaron Swartz, Africa, Anonymous, Anonymous Mexico, AnonymousSquadNo.035, Argentina, Asteroids, Australia, Azerbaijan, ℕrtn___z, babycareadvice.com, Bank of America, Bank Of The West, bankcapitalinventory.com, BB&T, BBVA, Bloomberg News, Bloomberg Television, BreShiE, Britam Defence, britamdefence.com, buyway.be, cabinet.gov.eg, caci.dz, Canada, Capital One, cci.fr, China, Citibank, Citizens Bank, Comerica, construction.com, Cyber Attacks, Cyber Attacks Timeline, D35M0ND142, Davy Jones, Denial-of-service attack, Digicel Jamaica, dmx.gov.az, DNS Poisoning, Egypt, egyptiancabinet.gov.eg, Egyptological, eportal.adu.ac.ae, eproc.dor.gov.np, ESA, ezycoupons.co.nz, Fédération des Mutuelles de France, Fifth Third Bank, First Citizens Bank, First United Church, Game Over, GhostShell, Github, gorele.gen.tr, Gray Lady, handsontheland.org, Harris Bank, Harvard, Huntington Bank, Ic3.gov, ied.edu.hk, indec.gov.ar, Indonesia, IonCuber, Iran, Izz ad-Din al Qassam Cyber Fighters, January, JAsIrX, JokerCracker, Key Bank, Ladysmith, library.seas.harvard.edu, M&T Bank, Man-In-The-Middle, McGraw-Hill Construction, Mexico, Michigan, Microsoft, miep.uscourts.gov, MIT, mobilephonetrace.com, moiegypt.gov.eg, moinfo.gov.eg, mutuelles-de-france.fr, Nepal, New York Times, NIC.lk, NIC.tm, NullCrew, OfficialNull, OpEgypt, Operation Ababil 2, Operation Last Resort, OperationEgypt, OpMali, partitodemocraticotrentino.it, Patelco, People’s United Bank, Philippine, PNC, ProjectSunRise, Proximus Security, Regions Financial Corporation, Renault, Reporters Without Borders, Rex Mundi, sasonline.com.ph, Scientology, sedena.gob.mx, Sony, Sony Music, sonymusic.com.mx, Spam, SQL Injection, SQLi, Sri Lanka, Stethoscope.com, sulu.gov.ph, Synovus Bank, tbnnetworks.org, th3inf1d3l, Timeline, TNB, Trinity Broadcasting Network, Tunisian Cyber Army, Turkmenistan, Twitter, U.S. Sentencing Commission, UMB Financial Corporation, Umpqua Bank, UN.org, Union Bank, United Nations, United States, United States Sentencing Commission, University Federal Credit Union, University of New South Wales, University of Western Sidney, University Of Wisconsin, UNSW, usatechguide.org, ussc.gov, Wall Street Journal, Wasatchit Software, Washington Post, Watering Hole Attack, Wells Fargo, Wildan Yani Ashari, Wilton Brands LLC, wisc.edu, XL3gi0n, Xl3gi0n hackers, Zions Bank

1-15 January 2013 Cyber Attacks Timeline

January 17, 2013 Paolo Passeri 4 comments

So here we are with the first Cyber Attacks Timeline for 2013 covering the first half of January.

Apparently the new year has begun with an intense activity by Cyber Crooks. Hacktivists and Cyber Criminals had many time to spend in front of their keyboards during the holiday break, and as a consequence the number of breaches with more than 10.000 accounts compromised is incredibly high. WWF China, the City of Steubenville, Ohio and The German Chamber of Commerce are only three examples of institutions that suffered massive breaches during the beginning of this year.

But the massive breaches are not the only remarkable events of this period: the waves of DDoS Attacks against US banks continued (and promise to extend also in the next weeks), Kaspersky Lab discovered a new massive Cyber Espionage Campaign dubbed “Red October”, and also the Japan Farm Ministry was hit by yet another Cyber Attack, allegedly originating from China…

If this is only the beginning… 2013 promises to be pretty much troubled for system administrators…

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

Categories: Cyber Attacks Timeline, Security Tags: #AntiSec, #OpLeak, 2013, 53Bank, @AnonTitan, @AnonVoldemort, @anon_4freedom, @Anon_Acid, @DarkWebGoons, @Dysomnia_, @INST1NCT_, @irBreShiE, @Maxn3y, @OfficalNull, @RexMundi_Anon, @ThisIsGameOver, @XTnR3v0LT, Aaron Swartz, afca.gov.sa, africasia.com, ahk.de, Al-Qaeda, Ally Financial, Anonymous, AnonymousTitan, aoifeonline.com, Association of Irish Festival Events, atlantaperforms.biz, Bangladesh, BB&T, Blackmail, BoredGames.com, BreShiE, Capcom, Capital One, Capstone Turbine Corporation, Charles Schumer, Chile, China, COG, cotlook.com, csc.edu.sa, customs.gov.ye, CVE-2012-4792, Cyber Attack, Cyber Attacks, D35M0ND142, DarkWeb Goons, Debian, Defacement, Denial-of-service attack, dhs.gov, DOJ, Drake International, Durar Shamiya, Dysomnia, ejercito.cl, ejercito.mil.pe, eldorar.com, fibank.bg, Fifth Third, Fifth Third Bank, forensicexperts.in, France, G.O.D., Game Over, gdms.gov.sa, gdmw.gov.sa, German Chamber of Commerce, Godzilla, gov.ai, Hacktivism, HSBC, Human Mind Cracker, India, Indonesia, insight.mastercard.com, INST1NCT, Izz ad-Din al Qassam Cyber Fighters, January, Japan, Jefferson County Sheriff, jeffersoncountysheriff.com, Jember Hacker Team, jncasr.ac.in, JokerCracker, Justice.gov, Kaspersky, Kaspersky Lab, Kinros Tasiast, kinrosstasiast.mr, LulzSec Peru, maff.go.jp, Mastercard, MaX0xf, Maxney, mic.gov.sa, mic.org.sa, miestukarai.lt, mindefensa.gob.ve, MIT, Moin, NASA, nationalsecurity.lk, NaziGods, nitdgp.ac.in, NullCrew, OccupySteubenville, Ohio, Operation Ababil 2, OpFuckMohammad, OpIndia, OpRollRedRoll, OpSlaughterHouse, pakistanarmy.gov.pk, Panasonic, Peru, Philippines, Phone Hacking, PNC, police.ac.be, PoliceOne.com, presidensby.info, psmpq.org.sa, Python, Red October, Redhack, Rex Mundi, safous.gov.sa, Saudi Arabia, SEPO, servicehistorique.sga.defense.gouv.fr, SlixMe, SQL Injection, SQLi, Sri Lanka, Steubenville, SunTrust, Susilo Bambang Yudhoyono, Syrian Electronic Army, th3inf1d3l, The Saudi Ministry of Defense: moda.gov.sa, ThreatPost, Timeline, Tranzeo, tranzeo.com, Turkey, Turkish Ajan Group, Ubisoft, UNC, UNC Lineberger Comprehensive Cancer Center, University of North Carolina, Uplay, US Department Of Homeland Security, veterans.msstate.edu, Voldem0rt, Watering Hole Attack, Wells Fargo, Wiki, womvegas.com, WWF, wwfchina.org, Xl3gi0n hackers, XSS, YÖK, Zaxby’s, ZionsBank

16-31 December 2012 Cyber Attacks Timeline

January 7, 2013 Paolo Passeri 1 comment

The year is gone, and here it is the last Cyber Attack Timeline for 2012 (first part here).

The most important cyber-events of this second part of December can be considered: the third phase of the operation Ababil carried on by the Izz ad-Din al-Qassam Cyber Fighters against U.S. Banks, the attacks of the Anonymous collective against the Westboro Baptist Church, and, last but not least the Cyberwar echoes coming from Iran.

The wave of DDoS attacks carried on by the Izz ad-Din al-Qassam Cyber Fighters has taken down Six U.S. Banks under the fists of DDoS attacks apparently unstoppable. Instead the Anonymous seem to have changed tactic in their personal fight against the Westboro Baptist Church, they did not limit to DDoS the church’s website, but also performed a couple of Twitter account takeover against some key persons (with the collaboration of UGNazi members).

Instead, on the Cyberwar front, Iran confirms to be a danger zone, with some reports of a new Wiper and a simil-Stuxnet malware (even if this second news has been downplayed in a second moment.

Other noticeable news include an alleged breach to Yahoo!, a massive breach against a Chinese HP domain and a strange, controversial breach against Verizon FiOS (with data apparently leaked six months ago).

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

Categories: Cyber Attacks Timeline, Security Tags: #GameOverDay, 0-Day, 2012, 2012obama.com, @CosmoTheGod, @DearShirley, @dswdserve, @gsec_, @LulzSecPeru, @Maxn3y, @nrtnz, @ThisIsGameOver, @TibitXimer, Account Hijacking, Aiplex, airport.ch, Al-Qaida, alwayson.hp.com.cn, an0nw3bc0d3r, Anonymous, Argentina, Australia, Bank of America, BB&T, Brazil, btflive.net, Bulgaria, Byron Bay Community School, C4ISR, CECOM, Central Intelligence Agency, CFR, cfr.org, China, CIA, Citi, Citigroup, Council on Foreign Relations, cpd.gov.kw, December, Denial-of-service attack, DiabloAnon, ebuyer.com, Egypt, Eletrobras, eln.gov.br, english.stanford.edu, Fred Phelps Jr., Fred Phelps Sr., Game Over, GameOverVirus, Grey Security, Heroes of Newerth, Hewlett Packard, Hormozgan, HP, ihya.org, India, Indian Express, Internet Explorer, Iran, islaam.net, ISNA, Israel, Izz ad-Din al Qassam Cyber Fighters, Jetro/Restaurant Depo, Jigsawhacker, JokerCracker, Kuwait, Lulz Security Peru, mantrackr.com, marvin.com.mx, Maxney, mindef.gov.ar, minfin.bg, mma.gov.br, MPAA, National University of Bangladesh, nu.edu.bd, Obama Must Go!, Operation Ababil, OpFuckMohammad, OpGreenRights, Philippines, PNC, Raj Musicals, rajmusicals.in, Ransomware, Renault, Renault.bg, Shirley Phelps-Roper, SQLi, Stanford, Stuxnet, th3inf1d3l, The Islamic Network, Tibit, Turkish Ajan Hacker Group, Twitter, ucsd.edu, UGNazi, United States, US Army, US Bank, Verizon FiOS, ViruS_HimA, WBC, Wells Fargo, Westboro Baptist Church, Wiper, Xc0unt3r, XL3gi0n, Yhaoo!, Zensis, zensis.com, zunal.com

1-15 December 2012 Cyber Attacks Timeline

December 17, 2012 Paolo Passeri 2 comments

Christmas is coming quickly, we have just passed the first half of December, and hence it’s time for the first update of the Cyber Attacks Timeline for December.

The Team GhostShell has decided to close the year with a clamorous Cyber Attack, and hence,as part of the project ProjectWhiteFox, has leaked 1.6 million of accounts from several organizations all over the world. This is the most important event for this first part of the month that apparently has shown a decreasing trend. Hacktivists are still focusing their attention (and their keyboards) to Israel, and Cyber Criminals are maybe preparing for the Christmas attacks.

However, the main events of the first half of December, are related to hacktivism, besides the above mentioned cyber attack, it worth to mention the new wave of massive DDoS attacks against US Banks (up to 60 Gbps of peak according to Arbor Networks), but also the leak of a ITU document on the future of Deep Packet Inspection and the attacks in Egypt, Mexico and India.

Last but not least: this two weeks also offered a giant attack to the famous Social Platform Tumblr and also the warning of the Switzerland’s national security agency (NDB) that a huge amount of secrets may have been leaked by a disgruntled IT Administrator.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

Categories: Security, Cyber Attacks Timeline Tags: DDoS, IAEA, APT, Hacktivism, Anonymous, OpEgypt, Arbor Networks, XSS, Egypt, FBI, CIA, Brazil, Turkey, Bank of America, Defacement, Russia, Mexico, SQLi, BSNL, Bharat Sanchar Nigam Limited, Korea, Christmas, Redhack, MI6, Cyber Attack, #TeamGhostShell, 2012, Timeline, CVE-2012-0507, Targeted Attack, JPMorgan Chase, @r0gu3An0n, YEIZETA, PNC, th3inf1d3l, @TeamBCA, Brazilian Cyber Army, GhostShell, #OpLeak, @XTnR3v0LT, @DARWINARE, Parastoo, Switzerland, Deep Packet Inspection, Getondown.com, ITU, DPI, ProjectWhiteFox, INOVx Solutions, MrOsama, @OsamaTheGod, nds.iaea.org, Family First Party, sa-familyfirst.org.au, Enrique Peña Nieto, Partido Revolucionario Institucional, PRI, NDB, maliye.gov.tr, Australian Miami Family Medical Centre, Freedom for the Mujahideen, David Morris, Izz ad-Din al-Qassam, SunTrust, US Bank, New Jersey, Niagara AX, The Darwinare, Michigan State University, msu.edu, prt5.mpt.gov.br, Mohamed Morsi, ExploitHub, Injector Team, Dockster, Tumblr, GNAA, Gay Nigger Association of America, nkhschool.ir, kekoushop.com, PizzaHut, filosofia.eu.org, rotoinfo.com, Bug_Mind, espaciovino.com.ar, TEAM M3DU5A, @T3AMM3DU5A, echtzeitmusik.de, airport.ch, Mohammed V, um5a.ac.ma, cfmoto.cn, GrenXparta_Hacker, Edwards Air Force Base, edwards.af.mil, Macquarie University, JuliaDaRanga1000, AbbotttheFaggot2000, dsd.gov.za/, population.gov.za, pnc.gov.za, H4sniper, South Africa, December

16-30 September 2012 Cyber Attacks Timeline

October 4, 2012 Paolo Passeri 2 comments

Part One with 1-15 September 201 Timeline Here.

September is over and it’s time to analyze this month from an Information Security perspective with the second part of the Cyber Attack Timeline.

Probably this month will be remembered for the massive outage of six U.S. Banks (Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo and PNC ) caused by a wave of DDoS attack carried on by alleged Muslim hackers in retaliation for the infamous movie (maybe this term is exaggerated) “The Innocence of Muslims”.

China has confirmed its intense activity inside the Cyber space. Alleged (state-sponsored?) Chinese hackers were allegedly behind the attack to Telvent, whose project files of its core product OASyS SCADA were stolen after a breach, and also behind a thwarted spear-phishing cyber attack against the White House.

Adobe suffered a high-profile breach which caused a build server to be compromised with the consequent theft of a certificate key used to sign two malware strains found on the wild (with the consequent necessary revoke of the compromised key affecting approximately 1,100 files).

Last but not least, the Hacktivism fever has apparently dropped. September has offered some attacks on the wake of the #OpFreeAssange campaign, and a new wave of attacks at the end of the month after the global protests set for September, the 29^th, under the hashtag of #29s.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Categories: Cyber Attacks Timeline, Security Tags: #29S, @DeleteSec, @r0gu3An0n, @RexMundi_Anon, @_s0lar_, Adobe, Afghanistan Hackers, ALZH3R, amchamfrance.org, Anonymous, Asus OpFreeAssange, Attorney, Australia, Bangladesh Cyber Army, Bank of America, bebeauty.com.sg, Bl4k3 Security, BNL, Brazil, BukSus, Canada, Canada OASyS SCADA, China, Citigroup, com.edu, consejo-estado.es, Cyber Espionage, DDoS, Defacement, Dell SecureWorks, Denial-of-service attack, Diaoyu Islands, Distributed Denial Of Service, Donnie Wahlberg, Egypt, fip.org, Foxconn, G.O.D., Godzilla, Golden Dawn, gppeuropeo.eu, Hacktivism, hcsr.gov.sy, hello-hello.com, Hmei7, Iran, Israel, Izz ad-Din al Qassam Cyber Fighters, Japan, jobmarket.com.my, John Cena, John Morrison, JPMorgan Chase, Karachi Stock Exchange, KINOZ95, krystalhost.com.mx, Leak, lincetoyota.com, m0le, Maxney, Mirage, MirageFox, Nigeria, NullCrew Cambridge University, nxm.mx, Pakistan Army, Philippines, phpMyAdmin, PNC, policia.es, pparagon.es, ppzamora.com, psoeguaro.es, PSYCHOLYZERN, RAT, raymond-lo.com, revolutiontt.me, Rex Mundi, Rexoman, SourceForge, Spain, Spear Phishing, SQLi, Steve-O, stratigraphy.org, swftools.com, Syria, tadmor4dev.sy, Taiwan, Targeted Attack, Telvent, Telvent Canada, th3inf1d3l, The Innocence of Muslims, The Usos Team, thepiratebay.se, thetablet.co.uk, Toyota, Transcend Capital, Tulsa, Turkish Ajan Hacker Group, Twitter, tycsports.com, U.S. Bancorp, U.S. Bank, United States, United States Department of Agriculture, University of Padua, University Of Technology Sidney., uts.edu.au, Wells Fargo, White House Military Office, WHMO, Xc0unt3r, Xception Code, xL3gi0n hacker, yabroud4dev.sy, YEIZETA

1-15 September 2012 Cyber Attacks Timeline

September 19, 2012 Paolo Passeri Leave a comment

Here it is the usual compilation for the Cyber Attacks in the first half of September, a period which has apparently confirmed the revamping of hacktivism seen in August.

Several operations such as #OpFreeAssange (in support of Julian Assange), #OpTPB2 against the arrest of The Pirate Bay Co-Founder Gottfrid Svartholm Warg, and #OpIndipendencia in Mexico have characterized the first half of September. Curiously the hacktivists have also characterized this period for a couple of controversial events: the alleged leak of 1 million of UDIDs from FBI (later proven to be fake) and the alleged attack to GoDaddy (later proven to be a network issue, that is the reason why I not even mentioned it in this timeline). Other actions motivated by hacktivists have been carried on by Pro-Syrian hackers.

From a Cyber Crime perspective, there are two events particularly interesting (even if well different): the alleged leak of Mitt Romney’s tax returns and yet another breach against a Bitcoin Exchange (Bitfloor), worthing the equivalent of 250,000 USD which forced the operator to suspend the operations.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Categories: Cyber Attacks Timeline, Security Tags: #AntiSec, #OpFreeAssange, #OpIndipendencia, #OpTBP2, 0xOmar, 2012, @0x00x00, @FAWKEHACKS, Anonymous, Bitcoin, Bitfloor, Cambodia, cpj.org, Cyber Attacks, Cyber Crime, DDoS, Error 404, FBI, GoDaddy, Gottfrid Svartholm, Hacktivism, IEEE, Julian Assange, Mexico, Mitt Romney, NullCrew, Pastebin, Pentagon, September, Siemens, Sony Mobile, SQLi, Timeline, UDID

16 – 31 August 2012 Cyber Attacks Timeline

September 5, 2012 Paolo Passeri Leave a comment

Here the first part with the timeline from 1 to 15 August 2012.

Here we are with the second part of the August 2012 Cyber Attacks Timeline. A second part of the month that has been characterized by hacktivism, most of all because of the so-called OperationFreeAssange, which has targeted many high-profile websites.

Among the targets of the month, Philips has been particularly “unlucky”. The Dutch giant has been the victim of three Cyber Attacks, even if there are several doubts about the authenticity of the hacks.

But maybe the biggest operation of the month is the #ProjectHellFire, carried on by the collective @TeamGhostShell, that has unleashed something as 1 million of accounts belonging to different sectors (banks, government agencies, consulting firms, law enforcement and the CIA). And the group promises new action for this Fall and Winter.

The Middle East confirms to be very hot, with a new Cyber Attack, probably another occurrence of Shamoon, targeting RasGas, yet another Oil Company.

Just one note: of course it is impossible to track all the targets of the #OpFreeAssange. You can find a complete list at cyberwarnews.info.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Categories: Cyber Attacks Timeline, Security Tags: #DoktorBass, #OpBlitzkrieg, #OpColtan, #OperationFreeAssange, #OperationGreenRights, #OpFreeAssange, #OpUkraine, #ProjectHellFire, #TeamGhostShell, 2012, @0x00x00, @57UN, @AntiLeaks, @FelixNCW, @LulzSecPeru, @MidasBank, @OphiusLab, @rootbeer_, africacollege.leeds.ac.uk, AMD, Amnesty International, Anonymous, Anonymous Australia, August, Australia, AVX, Bambuser, blizzard.com.ua, blog.amd.com, Boko Haram, borsonline.hu, Cambridge University, civic.kmu.gov.ua, corriendovoy.com, cronicadelquindio.com, Cyb3rSeC Crew, Cyber Attacks, Cyber Crime, data.gov.uk, DDoS, Defacement, Department of Work and Pensions, descubremarin.com, Distributed Denial Of Service, Dundee University, dundee.ac.uk, dwp.gov.uk, Faroe Islands, Fenerbahçe, ffu.org.ua, Fujitsu General, GlobalCerts.net, Hacktivism, hamovnichesky.msk.sudrf.ru, herts.police.uk, hotelhorba.eu, Ibrahimshah Shahulhamee, Interpol, Iranian Niroo Research Institute, Israel, Jr. r00t, Julian Assange, justice.co.uk, K0eN, Keylogger, kievcity.com.ua, kitabain.com, Lada, leeds.ac.uk, livewire.amnesty.org, Manst0rm, Marin, minagro.gov.ua, Miss Hong Kong, Moscow Court, Mr.4N1$, mvs.gov.ua, N0xiuS, N4ndu, Nigeria, nottinghamshire.police.uk, nri.ac.ir, NullCrew, OfficialNull, OpGreenRights, OpHarpoon, patriaroja.org.pe, personalimpressions.com, Peter Hain, Philips, philips.com, police.uk, POS, Prime Minister Office, Pussy Riot, r00tbeer, RasGas, REALTIME, Road Runner Safe Storage, RT.com, RUBEN_LINUX, Shamoon, Siemens, Spartak Moscow, SQL Injection, SQLi, Stun, SwapDrive, Symantec, thebotnet.com, thestudentroom.co.uk, Timeline, tornworld.com, Toyota, TVB, ucl.ac.uk, uj.terasz.hu, ukrainiansoccer.net, University College London, University Of Cambridge, University of Leeds, University of South Carolina, urdu121.net, USC, WhaleMail, Wikileaks, you-r!-k@n

August 2012 Cyber Attacks Timeline (Part I)

August 20, 2012 Paolo Passeri 4 comments

The first half of August has seen a revamping of Hacktivism, encouraged by the takedown of the famous Torrent Tracker Demonoid (and the consequent OpDemonoid targeting most of all Ukrainian sites), but also encouraged by OpAustralia, the wave of attacks against Australian Web Sites carried on against the Australian Internet Surveillance Law (apparently the latter operation was successful since the controversial law has been put on standby).

But Hacktivism was not the only “trend topic” for this period. The Middle East continues to be the cradle for unexpected cyber weapons threats. In August, two new occurrences of allegedly state sponsored malware: Gauss, a cyber-espionage tool targeting bank transaction, and Shamoon , a destructive malware targeting energy companies.

These are probably the most remarkable Cyber Events of this period, which has also seen a purported giant breach targeting Pearl.fr, a French e-commerce website whose 729,000 accounts, together with over 1 million bank transaction details, have been subtracted by hackers.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Categories: Security, Cyber Attacks Timeline Tags: #DoktorBass, #OpFreePalestine, #opfuckuganda, 2012, @AntiLeaks, @DramaSett3r, @_ignit3, Account Hijacking, afta.net.au, aibb.org.au, Amazon, Anonymous, apo.kiev.ua, Apple, asio.gov.au, AT&T, Atlanta Braves, August, Australia, Australian Institute of Business Brokers, AYYILDIZIIM-Gen~Reis, Battle.net, Blizzard Entertainment, cabledrum.net, Chicago Cubs, Chicago White Sox, ci.haines-city.fl.us, Clan VV3, Cyber Crime, dai.vn.ua, DDoS, Demonoid, Distributed Denial Of Service, dsd.gov.au, Dump, Education, Environmental Protection Agency, epa.gov, Facebook, fisu.gov.ua, Gauss, gclounge.com.au, Gizmodo, Hacktivism, Haines City, Hitcher, hptrainingcenter.com, Israel, JM511, Kapil Sibal, L0lz Security, L0lzSec, Lake City Police Association, lakecountysheriff.com, Leak, Lebanon, Los Angeles Angels of Anaheim, Malware, Mat Honan, Miami Marlins, Middle East, mil.gov.ua, National Council of Investigation and Security, nciss.org, Nepal, New York Yankees, nitc.gov.np, nnottscamra.co.uk, nrada.gov.ua, NullCrew, OpAustralia, OpDemonoid, Operation India, OpGreenRights, opmcm.gov.np, Palestinian Authority, PBBans, Pearl.fr, Phobia, Remember Emad, Reuters News, ReutersTech, RUTracker.org, San Diego Padres, San Francisco Giants, Saudi Aramco, scanbits.org, Shamoon, Siemens, Social Engineering, SQL Injection, SQLi, svalyava-vlada.gov.ua, Syrian Electronic Army, The Elite Society, Thomson Reuters, Torrent, Torrent Tracker, Trusteer, Twitter, uacrr.kiev.ua, uam.mx, Uganda, Ukraine, Universidad Autónoma Metropolitana, V0dka, Washington Nationals, WebGate, Wikileaks

July 2012 Cyber Attacks Statistics

August 9, 2012 Paolo Passeri Leave a comment

Here we are with the statistics from the Cyber Attack Timelines for the first and the second half of July 2012. The sample included 76 attacks which have been analyzed according the three familiar parameters: Motivations behind attacks, Distribution of attacks techniques and Distribution of targets.

Again, I will never get tired of repeating that data must be taken very carefully since they do refer only to discovered attacks (the so-called tip of the iceberg), and hence do not pretend to be exhaustive but only aim to provide an high level overview of the “cyber landscape” of the considered period. Moreover, remember that the most dangerous threats are the invisible ones.

As far as the Motivations Behind Attacks are concerned, July has confirmed the predominance of Cyber Crime, although it dropped down to 55% from 72% of the previous month. It is interesting to notice the corresponding growth of Hacktivism, from 18% in June to 32% in July. Although the number of (discovered) attacks motivated by Cyber Espionage is always low, this month their occurrences nearly doubled as a consequence of the events in the Middle East, that confirms to be a “hot area” for the Cyber Arena. Cyber Warfare is positioned at the bottom of the chart with a “poor” 4% of the occurrences.

The Distribution Of Attacks Techniques chart confirms that is getting harder and harder to recognize what the cyber crooks have leveraged to reach their goal. The percentage of the unknown attacks has grown from the 36% of June to the 45% of July. In any case, among the recognized attacks, SQL Injection ranks at number one with the 28% of possible occurrences. DDoS has confirmed his decreasing trend from 16% in June to 9% in July. Maybe the possible victims are learning to effectively defend themselves?

The Distribution of Targets chart confirms that targets belonging to industry are always on top of the preferences of Cyber Crooks with the 32% of occurrences, well above the 21% of the last month. Government targets confirmed their second place with the 15% of occurrences (were the 18% on July) followed by Online Services with the 10%. It is interesting to notice the low occurrences of incidents targeting Law Enforcement Agencies and Military Institutions. Maybe after the high number of cyber attacks suffered, they are learning to enforce adequate countermeasures.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Categories: Cyber Attacks Statistics, Security Tags: 2012, Computer crime, Cyber Attacks, Cyber Crime, Cyber Espionage, Cyber War, DDoS, Denial-of-service attack, Hacktivism, July, Middle East, Security, SQL Injection, SQLi, Statistics

Older Entries

About these ads

May 2013
M	T	W	T	F	S	S
« Apr
	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Twitter

1-15 May 2013 Cyber Attacks Timeline hackmageddon.com/2013/05/23/1-1… #Infosec - 1 day ago
Apparently someone flags the Cisco Website as malicious... virustotal.com/en/url/fb74e6d… - 2 days ago
RT @marco_cova: IE8 0-day exploit (CVE-2013-1347) analyzed on Wepawet: bit.ly/13IZs2E - 3 days ago
RT @jc_vazquez: Vista Equity Partners to Buy Websense #News #InfoSec on.wsj.com/13BfWaw via @WSJ - 4 days ago
Pentagon OKs Androids, BlackBerrys for soldiers nakedsecurity.sophos.com/2013/05/07/pen… - 5 days ago
April 2013 Cyber Attacks Statistics wp.me/p14J6X-2oX - 6 days ago
RT @LastlineLabs: Marco Cova from Lastline talking about hacktivism on Italian TV ow.ly/l8Az6 - 1 week ago
RT @lastlineinc: Malware can make itself invisible: in the case of RSA security's breach, malware went undetected for 1/2 year http://t.co/… - 1 week ago
RT @gianlucaSB: SMS-based command and control protocols are here ow.ly/l47Ye - 1 week ago
Skype with care Microsoft is reading everything you write h-online.com/security/news/… - 1 week ago

Follow @paulsparrows

Hackmageddon.com

Archive

1-15 April 2013 Cyber Attacks Timeline

16-31 January 2013 Cyber Attacks Timeline

1-15 January 2013 Cyber Attacks Timeline

16-31 December 2012 Cyber Attacks Timeline

1-15 December 2012 Cyber Attacks Timeline

16-30 September 2012 Cyber Attacks Timeline

1-15 September 2012 Cyber Attacks Timeline

16 – 31 August 2012 Cyber Attacks Timeline

July 2012 Cyber Attacks Statistics

About The Author

Stats

Support My Work!

Share:

Stay Tuned!

Interesting Links

News

About This Blog

Calendar

Archive

Tag

Recent Posts

Top Posts & Pages

Visitors from…

Twitter

Follow “Hackmageddon.com”

Archive

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

Share:

Like this:

About The Author

Stats

Support My Work!

Share:

Stay Tuned!

Interesting Links

News

About This Blog

Calendar

Archive

Tag

Recent Posts

Top Posts & Pages

Visitors from…

Follow “Hackmageddon.com”