About these ads

Archive

Posts Tagged ‘Syrian Electronic Army’

16-31 March 2014 Cyber Attacks Timeline

And here we are with the second part of the Cyber Attacks Timeline (first part here).

The prize for the most noticeable breach of the month goes in Korea, where a 31-year-old man has been arrested for infiltrating the account of 25 million users of Never, a local Internet Portal (actually it happened several months ago but was unveiled in this month). Other noticeable events include the trail of attacks against several Universities (Maryland, Auburn, Purdue, Wisconsin-Parkside), the compromising of personal information of 550,000 employees and users of Spec’s, the leak of 158,000 forum users of Boxee.tv and 95,000 users of Cerberus and, finally, a breach targeting the California Department of Motor Vehicles. Last but not least, even the infamous Operation Windigo has deserved a mention in the timeline.

Moving to Hacktivism, chronicles report of a couple of hijackings performed, as usual, by the Syrian Electronic Army, a couple of operations carried on by the Russian Cyber Command and a (probably fake) attack by someone in disguise of Anonymous Ukraine, claiming to to have leaked 7 million Russian Credit Cards. Probably a recycle of old leaks.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 Mar 2014 Cyber Attacks Timelines Read more…

About these ads

16-28 February 2014 Cyber Attacks Timeline

Here is the list of the main Cyber Attacks happened during the second half of February 2014 (Part I here). As you will soon discover, unlike the previous months, the activity in this second half of February has shown a sensible decrease both in number and in size in comparison with the previous months.

One of the few exception to this decreasing trend is  the University of Maryland, that was the victim of a cyber attack that led to the compromising of more than 300,o00 records.

Apparently even the hacktivists have slowed down their attacks with few exceptions (the Syrian Electronic Army and some sporadic actions executed by hackers affiliated to Anonymous.

Interestingly the cyber espionage front has been the more interesting with a couple of remarkable events (a cyber attack against a French aerospace engine maker and the revelation of further details concerning the Iranian attack against a US Navy Computer Network.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-28 Feb 2014 Cyber Attacks Timelines Read more…

1-15 February 2014 Cyber Attacks Timeline

And here we are with the timelines of the main Cyber Attacks happened during the first half of February.

It is very hard to summarize these days from an Infosec perspective, considering the noticeable number of massive breaches: Kickstarter (potentially 5.6 million of records affected), Forbes (1 million records leaked), Orange (800,000 users impacted) and St. Joseph Health System (400,000 users affected) are the main examples, but they must not overshadow other ‘minor’ events such as the the attack against Bell.ca (‘only’ 40,000 users affected).

15 days in which Cybercrime and Hacktivism dangerously overlapped, ‘thanks’ mainly to the infamous Syrian Electronic Army, author of the hack against Forbes but also of several account hijacking attacks that have become their unique fingerprint, but also ‘thanks’ to the RedHack collective who, once again, targeted (directly or indirectly) the Turkish Government with three noticeable attacks.

Last but not least, the Cyber Espionage: the first half of February has brought us the discovery of “The Mask” (AKA Careto), a massive Operation targeting 31 countries around the world, but also the revelation of an alleged attack carried on by Huawei against the Indian provider BSNL and a further purported Chinese attack against some bio-medic industries in the U.S.

Finally, the Cyber War between India and Pakistan deserves a special mention, despite only defacements have been reported, the end of the fight is far from being reached.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Feb 2014 Cyber Attacks Timelines Read more…

16-31 January 2014 Cyber Attacks Timeline

February 17, 2014 Leave a comment

Even if with several days of delay, it is time for the second Cyber Attacks Timeline of June January 2014 (Part I here).

Unfortunately the trail of massive breaches has continued even in the second half of the month with the two remarkable events of the 16 million of records scraped by a German botnet and also the discovery of the ChewBacca malware by RSA. Cyber Crime Chronicles also report a global password reset issued by Yahoo! after the discovery of a coordinated effort to compromise accounts.

Cyber Espionage Chronicles report of an attempted malware attack against the Electronic Frontier Foundation, the Israeli Defense Ministry and, most of all, the discovery of an operation allegedly orchestrated by Russian hackers against Western energy interests.

Looking at the attacks motivated by Hacktivism, the Syrian Electronic Army were behind the most noticeable events.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 Jan 2014 Cyber Attacks Timeline

Read more…

1-15 January 2014 Cyber Attacks Timeline

February 5, 2014 2 comments

It’s time for the Cyber Attacks Timeline for the first half of January 2014. I wish we had a better start for this Infosec year. Not even a month has passed (actually this timeline covers the first two weeks) and we have already seen several massive breaches (Snapchat) and other resounding events, maybe less relevant from a mere numeric perspective, but equally meaningful for the high profile of the victims involved (Microsoft).

Besides Snapchat, other important organizations have been targeted by Cyber crooks with very bad consequences: World Poker Tour (175,333), Staysure (93,000 individuals involved) and OpenSUSE (79,500 victims) are the most noticeable examples. On the cyber crime front other meaningful events include a wave of attacks against Video Games industries, and the hacking of Yahoo advertise network, infecting, potentially 27,000 users per hour.

Hacktivists of the Syrian Electronic Army are back with the result that even Microsoft is now part of the list of their victims (however their web site was also hacked in the same period). Other hacktivists very active in the same period include the infamous RedHack collective.

Last but not least, the control room of the Nuclear Plant of Monju in Japan was found infected with a malware capable of allegedly exfiltrate 42,000 emails.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Jan 2014 Cyber Attacks Timeline

Read more…

1-15 December 2013 Cyber Attacks Timeline

December 17, 2013 Leave a comment

Maybe hackers are feeling the Christmas atmosphere since this first half of December has recorded a minor number of attacks in comparison with the previous months. However considering merely the number of attacks to evaluate the cyber landscape could bring to wrong conclusions since, even if in absolute terms the number of attacks has experienced a decrease, in several cases the amount of affected users has been really considerable.

This is the case, for instance, of the 20 million of records leaked in China (and found on WeChat) or the 2.4 million of students and employees of Maricopa Community College compromised in an Aprl Security Breach.

It is really curious to notice that in (too) many cases the breaches have been notified several months later. As also happened for JP Morgan Chase, who also had 456,000 owners of prepaid cash cards compromised in July and notified only in December.

Concerning Cyber Espionage, chronicles report of an alleged Chinese Cyber Attack during the 2013 G8 Summit in Russia, while hacktivists were constantly active in Ukraine, Turkey, India, Syria (indirectly) and, a new Entry for December, Angola.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 December 2013 Cyber Attacks Timeline Read more…

1-15 November 2013 Cyber Attacks Timeline

November 25, 2013 Leave a comment

It’s time for the summary of the main cyber attacks occurred in the first half of November and reported on the news.

These fifteen days have been particularly troubled from an information security perspective, having left to the records several remarkable breaches: LoyaltyBuild, affecting potentially 1.12 million individuals, CorporateCarOnline.com (850,000 individuals), MacRumors (850,000 individuals) and, last but not least, vBulletin (860,000 users affected). A damage report which appears really devastating.

But even hacktivists have been particularly active: several operations have been carried on by the Anonymous all over the world (Italy, UK, Singapore, Japan, Philippines and Ukraine). One in particular (by Indonesian hacktivists against Australian targets) has apparently created a fracture inside the collective.

Last but not least, the chronicles report the latest hack of the Syrian Electronic Army against VICE and a new wave of attacks of Pakistani hackers against Indian targets.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).1-15 November 2013 Cyber Attacks Timeline

Read more…

16-31 October 2013 Cyber Attacks Timeline

November 12, 2013 2 comments

And here we are we the second part of the October 2013 Cyber Attacks Timeline (first part here).

It’s interesting to notice how sophisticated cyber attacks are characterizing the final part of this 2013. The second timeline of October reports at least three remarkable cases: Belgacom (once again), the Finland’s Foreign Ministry and a wave of spear phishing against several targets belonging to Israeli Industries in the defense and security sector

Other noticeable events include the compromising of some servers belonging to php.net, the breach to the online database MongoHQ, and also a breach involving NeoGaf, a popular video games forum, targeting potentially 114,000 users.

The latter is the only remarkable breach (at least from a numerical perspective) of this second half of October, in the same period in which new revelations indicate that the number of victims of the infamous Adobe breach occurred in the first part of this month appears 12 times greater than initially estimated (38M users).

For the rest, the summary of the month is closed by the usual background of hacktivism, a growing phenomenon that is showing multiple different “flavors” and hence is no more characterized by the only infamous Anonymous collective.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 October 2013 Cyber Attacks Timeline Read more…

1-15 September 2013 Cyber Attacks Timeline

September 20, 2013 Leave a comment

So unfortunately the Summer is nearly gone, but, despite the sadness for the beautiful season fading away, here we are with the usual analysis of what’s happened in September from a Security Information perspective.

The main event for the first half of September is the massive attack against Vodafone Germany, potentially compromising more than 2 million customer records. Actually it was very hard to declare a main event, since even Belgacom performed was on the infosec news, unleashing some information related to a targeted attack, it was victim of. Always on the Cyber Crime front, it’s also worth to mention the failed (luckily) attack against Santander.

Nothing new under the Hacktivism front, that offered a minor revamp of the Syrian Electronic Army, despite the claims of them being dox’ed, some events in Turkey, where the cyber temperature remains hot despite the Summer fading away, and again some small attacks related to Syria and the NSA affair.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 September 2013 Cyber Attacks Timeline Read more…

16-31 August 2013 Cyber Attacks Timeline

September 2, 2013 Leave a comment

August is gone (and unfortunately the Summer is also reaching the end), so it is time to analyze what happened in the Cyber Space during the second half of this month.

Apparently the hacktivism has been the most influencing factor of the last two weeks on the wake of the sad events happening in Syria, which also influenced the Cyber Space from both sides (loyalists represented by the Syrian Electronic Army and rebels represented by the Anonymous). Other events influencing the landscape include the protests in Turkey, Colombia, Gabon and (marginally) Egypt, which also had some echoes in the Cyber Space.

On the Cyber Crime front the chronicles report the breaches against the RPG League of Legends (million of users theoretically at risk), the Estate Agent Foxtons (10,000 records allegedly compromised) and Pizza Hut Spain and Malta (7,000 records leaked) and a controversial attack to Twitter (nearly 18,000 accounts leaked purportedly belonging to Turkish users).

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 August 2013 Cyber Attacks Timeline

Read more…

Follow

Get every new post delivered to your Inbox.

Join 2,714 other followers