XSS | Hackmageddon.com

1-15 March 2013 Cyber Attacks Timeline

March 18, 2013 Paolo Passeri 2 comments

Other troubles for system administrators: March is confirming the 2013 dangerous trend with several high profile breaches against industrial, financial and governmental targets.

The first two weeks of March have begun with the breach to Evernote, and continued with (among the others) the third phase of the infamous Operation Ababil, targeting U.S. Banks and an alleged Chinese attack against the Reserve Bank of Australia.

Additional noticeable events include a wave of DDoS attacks against several Czech Republic’s targets (belonging to media, news and financial sector), a breach suffered by the NIST Vulnerability Database (unfortunately not an isolated example of the attacks against US governmental targets happened in these two weeks) and also the leak of 20,000 records from an Avast! German distributor.

Last but not least, the examined period has also confirmed the role of Twitter as the new mean to make resounding attacks against single individuals or organizations. Qatar Foundation, Saudi Aramco, and France 24 are only several of the organizations fallen victims of accounts hijacking.

Of course, these are only the main events, feel free to scroll down the list to analyze in detail what happened in these two weeks.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Once again, a special thanks to Kim Guldberg AKA @bufferzone for continuously advising me about significant cyber events through the Submit Form! Much Appreciated!

About these ads

Categories: Cyber Attacks Timeline, Security Tags: #OpIran, 2013, @dw_arabic, @France24_ar, @NullCrew_FTS, @observateurs, @Phr0zenM, @StateSecurityRS, @T3AMM3DU5A, aio.ir, Alladyn2, AngloAmerican, angloplatinum.co.za, angloplatinum.com, Anonymous, Anonymous Italy, Anonymous Philippines, Arnold Schwarzenegger, Ashton Kutcher, Australia, avadas.de, Avast!, Bank of America, BB&T, BCPP, Belgrade, Beyoncé, Bill Gates, Billboard, Bitcoin, BitInstant, Britney Spears, Casapounditalia.org, Ceskatelevize.cz, Chase Bank, Chevron Corporation, chevron.com, China, Colin Poweel, Colin Powell, Constantin Film, cpb.gov, csas.cz, CSOB, csob.cz, Ct24.cz, Cyber Attacks Timeline, Cypher, Czech Republic, denik.cz, Deutsche Welle, Donald Trump, Dpp.cz, drdo.gov.in, E15.cz, Equifax, eri.ir, Evernote, Experian, Facebook, Fifth Third Bank, Fio Banka, fio.cz, France 24 Arabia, France 24 observers, G.O.D., g1arng.army.pentagon.mil, Godzilla, Government, Hacker sTz, herzliyaconference.org, Hillary Clinton, HMP Isis, HSBC, Hulk Hogan, ical.ir, ict.org.il, idnes.cz, ihned.cz, India, Iran, isi.org.pk, Izz ad-Din al Qassam Cyber Fighters, Jay Z, Joe Biden, JPMorgan Chase & Co, karjera.ktu.lt, kb.cz, Kim Kardashian, Komerční Banka, ktu, lidovky.cz, majlis.ir, March, Maxney, Mel Gibson, Michelle Obama, mobilmania.cz, nationaljournal.com, natpdae.gov.bd, nespak.com.pk, Nicholas Webber, NIST, North Korea, novinky.cz, NullCrew, nvd.nist.gov, O2.cz, Oceaneering International, OpBlackSummer. Tunisian Cyber Army Al Qaida Electronic Army, Operation Ababil, Operation Green Rights, OpFuckMohammad, opm.gov, PAKbugs, Pakistan, Paris Hilton, Phr0zenMyst, PNC, Poland, Prague Stock Exchange, Pyongyang, Qatar Foundation, Raiffeisen Bank, Rasberry P, rb.cz, RBA, Reserve Bank of Australia, Robert Mueller, Sarah Palin, Saudi Aramco, seznam.cz, Soneri Bank, South Africa, South Korea, state.gov, supremecourt.gov.bd, Syrian Electronic Army, T-Mobile, T-mobile.cz, TEAM M3DU5A, th3inf1d3l, timewarnercable.com, TransUnion, Twitter, United States, US Bank, Watering Hole Attack, XSS, Zoosk, Živě.cz, Česká spořitelna

1-15 January 2013 Cyber Attacks Timeline

January 17, 2013 Paolo Passeri 4 comments

So here we are with the first Cyber Attacks Timeline for 2013 covering the first half of January.

Apparently the new year has begun with an intense activity by Cyber Crooks. Hacktivists and Cyber Criminals had many time to spend in front of their keyboards during the holiday break, and as a consequence the number of breaches with more than 10.000 accounts compromised is incredibly high. WWF China, the City of Steubenville, Ohio and The German Chamber of Commerce are only three examples of institutions that suffered massive breaches during the beginning of this year.

But the massive breaches are not the only remarkable events of this period: the waves of DDoS Attacks against US banks continued (and promise to extend also in the next weeks), Kaspersky Lab discovered a new massive Cyber Espionage Campaign dubbed “Red October”, and also the Japan Farm Ministry was hit by yet another Cyber Attack, allegedly originating from China…

If this is only the beginning… 2013 promises to be pretty much troubled for system administrators…

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

Categories: Cyber Attacks Timeline, Security Tags: #AntiSec, #OpLeak, 2013, 53Bank, @AnonTitan, @AnonVoldemort, @anon_4freedom, @Anon_Acid, @DarkWebGoons, @Dysomnia_, @INST1NCT_, @irBreShiE, @Maxn3y, @OfficalNull, @RexMundi_Anon, @ThisIsGameOver, @XTnR3v0LT, Aaron Swartz, afca.gov.sa, africasia.com, ahk.de, Al-Qaeda, Ally Financial, Anonymous, AnonymousTitan, aoifeonline.com, Association of Irish Festival Events, atlantaperforms.biz, Bangladesh, BB&T, Blackmail, BoredGames.com, BreShiE, Capcom, Capital One, Capstone Turbine Corporation, Charles Schumer, Chile, China, COG, cotlook.com, csc.edu.sa, customs.gov.ye, CVE-2012-4792, Cyber Attack, Cyber Attacks, D35M0ND142, DarkWeb Goons, Debian, Defacement, Denial-of-service attack, dhs.gov, DOJ, Drake International, Durar Shamiya, Dysomnia, ejercito.cl, ejercito.mil.pe, eldorar.com, fibank.bg, Fifth Third, Fifth Third Bank, forensicexperts.in, France, G.O.D., Game Over, gdms.gov.sa, gdmw.gov.sa, German Chamber of Commerce, Godzilla, gov.ai, Hacktivism, HSBC, Human Mind Cracker, India, Indonesia, insight.mastercard.com, INST1NCT, Izz ad-Din al Qassam Cyber Fighters, January, Japan, Jefferson County Sheriff, jeffersoncountysheriff.com, Jember Hacker Team, jncasr.ac.in, JokerCracker, Justice.gov, Kaspersky, Kaspersky Lab, Kinros Tasiast, kinrosstasiast.mr, LulzSec Peru, maff.go.jp, Mastercard, MaX0xf, Maxney, mic.gov.sa, mic.org.sa, miestukarai.lt, mindefensa.gob.ve, MIT, Moin, NASA, nationalsecurity.lk, NaziGods, nitdgp.ac.in, NullCrew, OccupySteubenville, Ohio, Operation Ababil 2, OpFuckMohammad, OpIndia, OpRollRedRoll, OpSlaughterHouse, pakistanarmy.gov.pk, Panasonic, Peru, Philippines, Phone Hacking, PNC, police.ac.be, PoliceOne.com, presidensby.info, psmpq.org.sa, Python, Red October, Redhack, Rex Mundi, safous.gov.sa, Saudi Arabia, SEPO, servicehistorique.sga.defense.gouv.fr, SlixMe, SQL Injection, SQLi, Sri Lanka, Steubenville, SunTrust, Susilo Bambang Yudhoyono, Syrian Electronic Army, th3inf1d3l, The Saudi Ministry of Defense: moda.gov.sa, ThreatPost, Timeline, Tranzeo, tranzeo.com, Turkey, Turkish Ajan Group, Ubisoft, UNC, UNC Lineberger Comprehensive Cancer Center, University of North Carolina, Uplay, US Department Of Homeland Security, veterans.msstate.edu, Voldem0rt, Watering Hole Attack, Wells Fargo, Wiki, womvegas.com, WWF, wwfchina.org, Xl3gi0n hackers, XSS, YÖK, Zaxby’s, ZionsBank

1-15 December 2012 Cyber Attacks Timeline

December 17, 2012 Paolo Passeri 2 comments

Christmas is coming quickly, we have just passed the first half of December, and hence it’s time for the first update of the Cyber Attacks Timeline for December.

The Team GhostShell has decided to close the year with a clamorous Cyber Attack, and hence,as part of the project ProjectWhiteFox, has leaked 1.6 million of accounts from several organizations all over the world. This is the most important event for this first part of the month that apparently has shown a decreasing trend. Hacktivists are still focusing their attention (and their keyboards) to Israel, and Cyber Criminals are maybe preparing for the Christmas attacks.

However, the main events of the first half of December, are related to hacktivism, besides the above mentioned cyber attack, it worth to mention the new wave of massive DDoS attacks against US Banks (up to 60 Gbps of peak according to Arbor Networks), but also the leak of a ITU document on the future of Deep Packet Inspection and the attacks in Egypt, Mexico and India.

Last but not least: this two weeks also offered a giant attack to the famous Social Platform Tumblr and also the warning of the Switzerland’s national security agency (NDB) that a huge amount of secrets may have been leaked by a disgruntled IT Administrator.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

Categories: Cyber Attacks Timeline, Security Tags: #OpLeak, #TeamGhostShell, 2012, @DARWINARE, @OsamaTheGod, @r0gu3An0n, @T3AMM3DU5A, @TeamBCA, @XTnR3v0LT, AbbotttheFaggot2000, airport.ch, Anonymous, APT, Arbor Networks, Australian Miami Family Medical Centre, Bank of America, Bharat Sanchar Nigam Limited, Brazil, Brazilian Cyber Army, BSNL, Bug_Mind, cfmoto.cn, Christmas, CIA, CVE-2012-0507, Cyber Attack, David Morris, DDoS, December, Deep Packet Inspection, Defacement, Dockster, DPI, dsd.gov.za/, echtzeitmusik.de, Edwards Air Force Base, edwards.af.mil, Egypt, Enrique Peña Nieto, espaciovino.com.ar, ExploitHub, Family First Party, FBI, filosofia.eu.org, Freedom for the Mujahideen, Gay Nigger Association of America, Getondown.com, GhostShell, GNAA, GrenXparta_Hacker, H4sniper, Hacktivism, IAEA, Injector Team, INOVx Solutions, ITU, Izz ad-Din al-Qassam, JPMorgan Chase, JuliaDaRanga1000, kekoushop.com, Korea, Macquarie University, maliye.gov.tr, Mexico, MI6, Michigan State University, Mohamed Morsi, Mohammed V, MrOsama, msu.edu, NDB, nds.iaea.org, New Jersey, Niagara AX, nkhschool.ir, OpEgypt, Parastoo, Partido Revolucionario Institucional, PizzaHut, PNC, pnc.gov.za, population.gov.za, PRI, ProjectWhiteFox, prt5.mpt.gov.br, Redhack, rotoinfo.com, Russia, sa-familyfirst.org.au, South Africa, SQLi, SunTrust, Switzerland, Targeted Attack, TEAM M3DU5A, th3inf1d3l, The Darwinare, Timeline, Tumblr, Turkey, um5a.ac.ma, US Bank, XSS, YEIZETA

The Alphabet of Cyber Crime from APT to Zeus

February 24, 2012 Paolo Passeri Leave a comment

If you need to know what Cyber Crime is but you are bored and fed up with the too many information security terms, loosing yourself among the acronyms, you have stumbled upon the correct place. I have just compiled a very special alphabet which collects the terms related to Cybercrime. Forgive me for some “poetic license” and enjoy this half-serious list.

A like APT

Yes, the Advanced Persistent Threats have been the undisputed protagonists of 2011. An APT is essentially an attack carried on with different vectors, different stages and on a distributed time windows (yes, it Persistent). APT are behind the most remarkable events of 2011 such as the RSA Breach, Stuxnet, and so on…

B like Botnet

Botnet are networks of compromised machines that are used by cybercriminals to perpetrate their malicious action. Tipically a compromised machine becomes part of a botnet where the master distributes the commands from a C&C Server. Command may include the theft of information or the attack to other machines.

C like Crime-As-A-Service

The last frontier of Cybercrime: why developing costly malware if you can find a wide offer of customizable malware on the black market offering help desk and support services?

D like DLP

Data Leackage (or Lost) prevention is a suite of technologies that may help organization to counter the theft of information by preventing misuse or leak of data while they are in use at the endpoint (DIU), in transit on the network (DIM), or simply it is an aggregated Dark Matter on the corporate servers (DAR) that needs to be indexed and cataloged (and possibly classified and assessed).

January 2012 Cyber Attacks Timeline (Part 2)

February 2, 2012 Paolo Passeri 1 comment

Click here for part 1.

The second half of January is gone, and it is undoubtely clear that this month has been characterized by hacktivism and will be remembered for the Mega Upload shutdown. Its direct and indirect aftermaths led to an unprecedented wave of cyber attacks in terms of LOIC-Based DDoS (with a brand new self service approach we will need to get used to), defacements and more hacking initiatives against several Governments and the EU Parliament, all perpetrated under the common umbrella of the opposition to SOPA, PIPA and ACTA. These attacks overshadowed another important Cyber Event: the Middle East Cyberwar (which for the sake of clarity deserved a dedicated series of posts, here Part I and Part II) and several other major breaches (above all Dreamhost and New York State Electric & Gas and Rochester Gas & Electric).

Chronicles also reports a cyber attack to railways, several cyber attacks to universities, a preferred target, and also of a bank robbery in South Africa which allowed the attackers to steal $6.7 million.

Do you think that cyber attacks in this month crossed the line and the Cyber Chessboard will not be the same anymore? It may be, meanwhile do not forget to follow @paulsparrows to get the latest timelines and feel free to support and improve my work with suggeastions and other meaningful events I eventually forgot to mention.

Categories: Security, Cyberwar, Cyber Attacks Timeline Tags: #AntiSec, #opeurope, #OpFreePalestine, #OpMegaUpload, #OpPiggyBank, #OpUFC, 2012 Cyber Attacks Timeline, @Abs0luti0n_, @als7rx, @anon_4freedom, @b4lc3nh4ck, @b4lc4nh4ck, @d4op, @Havittaja, @ItsKahuna, @psykonx, @s3rverexe, @theevilc0de, ACTA, Al Jazeera, Anonymous, Anonymous Brasil, Arab World, Arizona State University, ASU, Azerbaijan, “#OP XSS, Banco Bradesco SA, Belgian Anti Piracy Federation, blogs.aljazeera.com, bmwmoa.org, bradesco.com.br, Brazil, Breach, Broadcast Music Inc, C'Seven Booter, CabinCr3w, CBS, China, Chriss1001, Chrissdod.com, Chung Yuam Christian University, Cross-Site Scripting, Cyber Attacks Timeline, D35M0ND142, DarkDevilz, DDoS, Defacement, Department of Justice, DGASPCGR, Dinelson, Distributed Denial Of Service, DNS Hijacking, DreamHost, Euronet Worldwide Inc, European Parliament, Federal Bureau of Investigation, finance.gov.ie, Find2Trade.com, Foothill college, FTC’s federal online security, gente.com.ar, Ghana, giustizia.it, Goshen Hospital, Grindr, Hacker, hacktivists, HADOPI, Harvard Medical School, HaxOr, Horia Hulubei National Institute of Physics and Nuclear Engineering, Indiana University, Ireland, Israel, italia.gov.it, Italian Ministry of Justice, Jaguar Hacker, jdcc.edu, Jefferson Davis Community, Just10time.com, justice.ie, Justin Bieber, justinbieberweb.com, Kazakhstan Embassy, LulzSecItaly, Mega Upload, Megaupload, Mexico, Middle East, Motion Picture Association of America, MPAA, MSUpdater, MSUpdater Trojan, NASA, Nepal Telecommunications Authority, Netlinx, New York State Electric & Gas, New York State Public Service Commission, ninewinds.co.in, nipne.ro, Northwest Rail, nta.gov.np, NuevaOrden, NYSEG, oksportsandfitness.com, onguardonline.gov, OpIreland, Pak Cyber Combat Squad, Panasonic, Pastebin, Paula Fernandes, PCSS, PIPA, Poland, Recording Industry Association of America, RG&E, RIAA, Rochester Gas and Electric, Romanian Social Services and Child protection Agency, rpghry.cz, Saccafrazi, SCADA, Sector 404, sellpal.co.uk, Senate of Michigan, senate.mi.gov, SEPO, Sexyono.com, SOPA, South African Postbank, SQL Injection, SQLi, STK, Sykipot, Symantec, T3Rr0r, TeamHav0k, The Colbert Report, The Daily Show, The White House, Trojan, TryMedia, U.S. Copyright Office, UFC, Ufc.com, Ultimate Fighting Championship, ULTRA-DJ, Universal Music, Universalmusic.pt, University Of Washington, VGP, Videogamesplus.ca, Vivendi, Wallace College, Wallace.edu, Warner Music Group, Washington.edu, Websoftdownload.com, wikispaces, WordPress, Xboxliveclans.com, xdev, XSS, ZCompany Hacking Crew

Cross-Site Scripting in svendita… All’Android Market

March 9, 2011 Paolo Passeri 1 comment

Per un giorno mi ero ripromesso di non parlare dei problemi di sicurezza dell’Androide ma non ce l’ho fatta… Non si sono ancora sopite del tutto le polemiche relative al modello di sicurezza dell’Android Market (io invece mi ero quasi sopito) che oggi è trapelata la notizia di una grave vulnerabilità di tipo XSS esistente, dalla sua origine, nella versione Web dell’Android Market. Prima della sua scoperta da parte di Jon Oberheide (ricercatore di sicurezza non nuovo a questo genere di scoperte), la vulnerabilità in questione era sfruttabile inserendo codice malevolo all’interno del campo “Description” nella finestra di pubblicazione delle applicazioni.

La falla nel sistema di input consentiva di eseguire il codice in questione nel dispositivo client nel momento in cui l’utente ricercava l’applicazione nel mercato (e quindi il browser leggeva il campo in questione).

Dopo la segnalazione la vulnerabilità è stata sanata, ma senza dubbio, per il povero androide, continua a piovere sul bagnato.

Piccola nota romantica: il ricercatore cacciatore di taglie informatiche ha scoperto la vulnerabilità e l’ha segnalata a Google pochi giorni prima del Pwn2Own 2011, ricevendo una taglia di 1337 $. L’avesse svelata durante il contest avrebbe ricevuto in premio 15.000 $, quindi un ordine di grandezza in più di quanto meritatamente spillato nella circostanza al gigante di Mountain View.

Categories: Mobile, Security Tags: Android, Android Market, Android Market Web, Cross-Site Scripting, Jon Oberheide, Mobile, Pwn2Own, Pwn2Own 2011, XSS

About these ads

May 2013
M	T	W	T	F	S	S
« Apr
	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Twitter

1-15 May 2013 Cyber Attacks Timeline hackmageddon.com/2013/05/23/1-1… #Infosec - 2 days ago
Apparently someone flags the Cisco Website as malicious... virustotal.com/en/url/fb74e6d… - 2 days ago
RT @marco_cova: IE8 0-day exploit (CVE-2013-1347) analyzed on Wepawet: bit.ly/13IZs2E - 3 days ago
RT @jc_vazquez: Vista Equity Partners to Buy Websense #News #InfoSec on.wsj.com/13BfWaw via @WSJ - 5 days ago
Pentagon OKs Androids, BlackBerrys for soldiers nakedsecurity.sophos.com/2013/05/07/pen… - 6 days ago
April 2013 Cyber Attacks Statistics wp.me/p14J6X-2oX - 6 days ago
RT @LastlineLabs: Marco Cova from Lastline talking about hacktivism on Italian TV ow.ly/l8Az6 - 1 week ago
RT @lastlineinc: Malware can make itself invisible: in the case of RSA security's breach, malware went undetected for 1/2 year http://t.co/… - 1 week ago
RT @gianlucaSB: SMS-based command and control protocols are here ow.ly/l47Ye - 1 week ago
Skype with care Microsoft is reading everything you write h-online.com/security/news/… - 1 week ago

Follow @paulsparrows

Hackmageddon.com

Archive

1-15 March 2013 Cyber Attacks Timeline

1-15 January 2013 Cyber Attacks Timeline

1-15 December 2012 Cyber Attacks Timeline

Cross-Site Scripting in svendita… All’Android Market

About The Author

Stats

Support My Work!

Share:

Stay Tuned!

Interesting Links

News

About This Blog

Calendar

Archive

Tag

Recent Posts

Top Posts & Pages

Visitors from…

Twitter

Follow “Hackmageddon.com”

Archive

Share:

Like this:

Share:

Like this:

Share:

Like this:

A like APT

B like Botnet

C like Crime-As-A-Service

D like DLP

Share:

Like this:

Share:

Like this:

Share:

Like this:

About The Author

Stats

Support My Work!

Share:

Stay Tuned!

Interesting Links

News

About This Blog

Calendar

Archive

Tag

Recent Posts

Top Posts & Pages

Visitors from…

Follow “Hackmageddon.com”