Entry Title: WHID 2015-090: RubyGems.org hacked, interrupting Heroku services and putting sites using Rails at risk
WHID ID: 2015-090
Date Occurred: 1/30/2015
Attack Method: Code Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: A user uploaded a malicious gem that contained a malicious gem manifest (YAML file). The manifest contained embedded Ruby with this payload. This is the only known incident involving this vulnerability, but the vulnerability involved is a remote code execution exploit, so the usual rules apply.
Reference: http://venturebeat.com/2013/01/30/rubygems-org-hacked-interrupting-heroku-services-and-putting-millions-of-sites-using-rails-at-risk/
Entry Title: WHID 2015-089: Rogue Payday loan brokers hacking websites to increase website traffic
WHID ID: 2015-089
Date Occurred: 1/29/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: SPAM Links
Attacked Entity Field: Multiple
Attacked Entity Geography:
Incident Description: An investigation by Sky News has revealed that some Payday loan brokers have been involved in hacking popular websites in order to increase their rankings on Google and the number of visitors to their sites
Reference: http://www.financialreporter.co.uk/finance-news/rogue-payday-loan-brokers-hacking-websites-to-increase-website-traffic.html
Entry Title: WHID 2015-088: Citizens Bank website brought down by Iranian hackers
WHID ID: 2015-088
Date Occurred: 1/26/2015
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: The bank's website was down on Thursday because of what the bank called "a temporary disruption due to an unusually high volume of Internet traffic."
Reference: http://www.wcvb.com/money/Citizens-Bank-website-brought-down-by-Iranian-hackers/18291048
Entry Title: WHID 2015-087: Anonymous Hacks US Government Site, Threatens Supreme 'Warheads'
WHID ID: 2015-087
Date Occurred: 1/26/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The hacktivist group Anonymous hacked the U.S. federal sentencing website early Saturday, using the page to make a brazen and boisterous declaration of "war" on the U.S. government.
Reference: http://mashable.com/2013/01/26/anonymous-hack-government-website-declares-war/
Entry Title: WHID 2015-086: Buy Way Hit by Extortionist Rex Mundi Hackers
WHID ID: 2015-086
Date Occurred: 1/25/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Hacker group Rex Mundi, which recently attempted to extort $15,000 from AmeriCash Advance and $50,000 from Drake International, now claim to have breached the servers of Belgian company Buy Way
Reference: http://www.esecurityplanet.com/hackers/buy-way-hit-by-extortionist-rex-mundi-hackers.html
Entry Title: WHID 2015-085: Texas Credit Union Hit by DDoS Attackers
WHID ID: 2015-085
Date Occurred: 1/25/2015
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: University Federal Credit Union, the $1.5 billion institution headquartered in Austin, Texas, confirmed Friday that it was taken down "for around two and one-half hours" on Thursday in a cyber attack
Reference: http://www.cutimes.com/2013/01/25/texas-credit-union-hit-by-ddos-attackers?ref=hp
Entry Title: WHID 2015-084: After Ransom Request, Trading Firm Repelled Hacker Attacks
WHID ID: 2015-084
Date Occurred: 1/25/2015
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: The last in a year-long series of hacker attacks on Henyep Capital Markets (UK) Ltd., an online trading platform, was quickly repelled last October
Reference: http://blogs.wsj.com/cio/2013/01/25/after-ransom-request-trading-firm-repelled-hacker-attacks/
Entry Title: WHID 2015-083: Web server hackers install rogue Apache modules and SSH backdoors
WHID ID: 2015-083
Date Occurred: 1/24/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Multiple
Attacked Entity Geography:
Incident Description: A group of hackers that are infecting Web servers with rogue Apache modules are also backdooring their SSH (Secure Shell) services in order to steal login credentials from administrators and users.
Reference: http://www.infoworld.com/article/2612975/hacking/web-server-hackers-install-rogue-apache-modules-and-ssh-backdoors--researchers-say.html
Entry Title: WHID 2015-082: Capital One Website Disrupted, Cyber Protestors Claim Attack
WHID ID: 2015-082
Date Occurred: 1/24/2015
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: The website for Capital One was inaccessible for online banking customers for hours overnight, possibly the latest salvo in a long-running cyber protest targeting major Western financial institutions over an anti-Islam movie.
Reference: http://abcnews.go.com/blogs/headlines/2013/01/capital-one-website-disrupted-cyber-protestors-claim-attack/
Entry Title: WHID 2015-081: More Zimbabwean bank websites hacked
WHID ID: 2015-081
Date Occurred: 1/24/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Metropolitan Bank, the hacking of whose website we reported here two days ago, were not the only local financial institution to suffer at the hands of site defacers in the past couple of weeks.
Reference: http://www.techzim.co.zw/2013/01/more-zimbabwean-bank-websites-hacked-mbca-tetrad-and-others/
Entry Title: WHID 2015-080: Sri Lanka govt Web sites hit in spate of attacks
WHID ID: 2015-080
Date Occurred: 1/23/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: A hacker on Tuesday breached the Web site of Sri Lanka Port Authority (SLPA), and also attacked and leaked the Web sites of two Sri Lankan TV channels and the Bureau of Foreign Employment over the last weekend.
Reference: http://www.zdnet.com/article/sri-lanka-govt-web-sites-hit-in-spate-of-attacks/
Entry Title: WHID 2015-079: Hackers steal thousands from Vancouver church
WHID ID: 2015-079
Date Occurred: 1/22/2015
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: It's very likely that hackers were simply using a banking trojan in a consumer-focused info-stealing campaign and just happened to ensnare the church's account details from the home computer.
Reference: http://www.infosecurity-magazine.com/news/hackers-steal-thousands-from-vancouver-church/
Entry Title: WHID 2015-078: UNSW confirms hacking breach
WHID ID: 2015-078
Date Occurred: 1/21/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: The University of NSW has been the target of a "concerted effort" to hack its systems in December and January forcing the shutdown of 25 of its servers, a spokesman confirmed.
Reference: http://www.theage.com.au/it-pro/security-it/unsw-confirms-hacking-breach-20130121-2d272.html
Entry Title: WHID 2015-077: Metropolitan Bank website hacked
WHID ID: 2015-077
Date Occurred: 1/21/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: We're gathering that the websites belonging to Zimbabwean bank, Metropolitan Bank (www.metbank.co.zw) was defaced and subsequently taken down "for maintenance".
Reference: http://www.techzim.co.zw/2013/01/metropolitan-bank-website-hacked/
Entry Title: WHID 2015-076: Altech website hacked
WHID ID: 2015-076
Date Occurred: 1/21/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Australian distributor Altech Computers fell victim to a hacking attack on Sunday after attackers gained access to a page on the company's website and uploaded images of a pornographic nature.
Reference: http://www.crn.com.au/News/329486,altech-website-hacked-replaced-with-porn.aspx
Entry Title: WHID 2015-075: Phys.Org Hacked, serving up malware
WHID ID: 2015-075
Date Occurred: 1/16/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: Phys.Org admitted it was hacked, but says there is no threat. Chrome and Firefox via Google are blocking the malware "attack" site, but Bing and IE do nothing to warn users that "this site may harm your computer."
Reference: http://www.networkworld.com/article/2223853/microsoft-subnet/phys-org-hacked--serving-up-malware--google-blocks-site--but-bing-doesn-t.html
Entry Title: WHID 2015-074: Hackers Disrupt Mexican Defense Ministry's Website
WHID ID: 2015-074
Date Occurred: 1/17/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hackers claimed a cyberattack on the Mexican defense ministry website on Jan. 16, posting a manifesto from the Zapatista rebel group for two hours.
Reference: http://www.defensenews.com/article/20130117/DEFREG02/301170013/Hackers-Disrupt-Mexican-Defense-Ministry-8217-s-Website?odyssey=nav%7Chead
Entry Title: WHID 2015-073: EMG website hacked by Red Army
WHID ID: 2015-073
Date Occurred: 1/16/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: The webpage, http://news-eleven.com, of Eleven Media Group has today been hacked by Red Army (a combination of six different hacker groups namely Blink Hacker Group, Myanmar Hack3rs Unite4m, Myanmar Cyber Army, Black Hack Area, Myanmar Cyber Defence Army, and Cyber Vampire Team).
Reference: http://www.nationmultimedia.com/breakingnews/EMG-website-hacked-by-Red-Army-30198022.html
Entry Title: WHID 2015-072: Culture Ministry website hacked by "Bad Piggies"
WHID ID: 2015-072
Date Occurred: 1/16/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The official website of the Cultural Ministry was still off the air on Wednesday, as police continued to hunt for hackers who tampered with the website yesterday and again today.
Reference: http://www.nationmultimedia.com/national/Culture-Ministry-website-hacked-by-Bad-Piggies-30198031.html
Entry Title: WHID 2015-071: PhonCert Hacked
WHID ID: 2015-071
Date Occurred: 1/31/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography:
Incident Description: DB Dump
Reference: http://siph0n.net/exploits.php?id=3676
Entry Title: WHID 2015-070: Women's Resource Centre website hacked by people claiming to support Isis
WHID ID: 2015-070
Date Occurred: 1/30/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Politics
Attacked Entity Geography:
Incident Description: After the hacking last week, the umbrella body has been unable to restore its website to working order, and does not know why it has been targeted
Reference: http://www.thirdsector.co.uk/womens-resource-centre-website-hacked-people-claiming-support-isis/communications/article/1331684
Entry Title: WHID 2015-069: Website of Bulgaria's Energy Watchdog Hacked
WHID ID: 2015-069
Date Occurred: 1/8/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hackers have taken down the website of DKEVR, the Bulgarian energy regulator.
Reference: http://www.novinite.com/articles/165828/Website+of+Bulgaria%27s+Energy+Watchdog+Hacked
Entry Title: WHID 2015-068: Higher Education Commission Pakistan Hacked
WHID ID: 2015-068
Date Occurred: 1/29/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: DB Dump
Reference: http://siph0n.net/exploits.php?id=3670
Entry Title: WHID 2015-067: Some University of Washington websites hacked
WHID ID: 2015-067
Date Occurred: 1/27/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: A group of University of Washington websites was hacked Thursday morning, and pages were replaced by an extremist message that promised death to Americans in Iraq.
Reference: http://q13fox.com/2015/01/29/some-university-of-washington-websites-hacked-extremist-group-claims-responsibility/
Entry Title: WHID 2015-066: Top adult site xhamster victim of large malvertising campaign
WHID ID: 2015-066
Date Occurred: 1/27/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Adult
Attacked Entity Geography:
Incident Description: We are observing a particular large malvertising campaign in progress from popular adult site xhamster[.]com, a site that boasts half a billion visits a month.
Reference: https://blog.malwarebytes.org/exploits-2/2015/01/top-adult-site-xhamster-victim-of-large-malvertising-campaign/
Entry Title: WHID 2015-065: Taylor Swift hacked on Twitter and Instagram
WHID ID: 2015-065
Date Occurred: 1/27/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Taylor Swift may be the victim of a recent hack on both of her confirmed Twitter and Instagram accounts. The now-deleted tweets tag Twitter users @Veriuser and @Lizzard and encourages her fans to follow them.
Reference: http://mashable.com/2015/01/27/taylor-swift-hack/
Entry Title: WHID 2015-064: Rex Mundi dumps more data after another entity doesn't pay extortion demands
WHID ID: 2015-064
Date Occurred: 1/27/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Recruiting
Attacked Entity Geography:
Incident Description: Last week, we hacked the servers of Temporis, allegedly France's largest network of franchised temp work agencies (www.temporis-franchise.fr).
Reference: http://www.databreaches.net/rex-mundi-dumps-more-data-after-another-entity-doesnt-pay-extortion-demands/
Entry Title: WHID 2015-063: Victor Valley College hit by computer security breach
WHID ID: 2015-063
Date Occurred: 1/31/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: The entire Victor Valley College Information Technology Department has been placed on paid administrative leave while campus police and an outside company investigate a breach in security protocol, President Roger Wagner said Thursday.
Reference: http://www.databreaches.net/ca-victor-valley-college-hit-by-computer-security-breach-entire-it-dept-put-on-leave/
Entry Title: WHID 2015-062: oklahomacounty.org hacked
WHID ID: 2015-062
Date Occurred: 1/25/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: DB Dump on PasteBin
Reference: http://pastebin.com/0ekAGZWs
Entry Title: WHID 2015-061: Malaysia Airlines website hacked by 'Cyber Caliphate'
WHID ID: 2015-061
Date Occurred: 1/26/2015
Attack Method: DNS Hijacking
Application Weakness: Insufficient Process Validation
Outcome: Defacement
Attacked Entity Field: Transportation
Attacked Entity Geography:
Incident Description: In a post on its Facebook account, the airline denied its internal servers, which contain passenger information, had been compromised. It said its Domain Name System (DNS) had instead been hijacked, with users redirected to the hackers' website.
Reference: http://www.cnn.com/2015/01/25/asia/malaysia-airlines-website-hacked/
Entry Title: WHID 2015-060: ValidDumps.RU Full User Database Dump
WHID ID: 2015-060
Date Occurred: 1/22/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Hacker Site
Attacked Entity Geography:
Incident Description: DB Dump
Reference: http://siph0n.net/exploits.php?id=3668
Entry Title: WHID 2015-059: FreshFiction DB Dumped
WHID ID: 2015-059
Date Occurred: 1/24/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: DB Dump on PasteBin
Reference: http://pastebin.com/ZGfRR7mL
Entry Title: WHID 2015-058: Bitcoin news website Coinfire and its Twitter account hacked
WHID ID: 2015-058
Date Occurred: 1/26/2015
Attack Method: DNS Hijacking
Application Weakness: Insufficient Process Validation
Outcome: Defacement
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: "Well, looks like the XPY supporters got what they wanted. They logged in to our domain registrar account and had our domain taken away from us," he added.
Reference: http://www.hackread.com/bitcoin-news-website-coinfire-website-twitter-hacked/
Entry Title: WHID 2015-057: Government of Nepal /Nepal Department of Transportation Hacked
WHID ID: 2015-057
Date Occurred: 1/19/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: DB Dump
Reference: http://siph0n.net/exploits.php?id=3665
Entry Title: WHID 2015-056: Nigeria: DHQ Blogsite Hacked
WHID ID: 2015-056
Date Occurred: 1/24/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The Defence Headquarters (DHQ)' information blog site, defenceinfo.mil.ng, that was hacked into in the early hours of Friday, 23 January, 2015 has been restored to full operation.
Reference: http://allafrica.com/stories/201501250109.html
Entry Title: WHID 2015-055: U. Chicago hacked
WHID ID: 2015-055
Date Occurred: 1/24/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: It appears we should add the University of Chicago to schools hacked by Carbonic. And yes, chalk it up to another SQLi vulnerability.
Reference: http://www.databreaches.net/u-chicago-hacked-by-teamcarbonic-claim/
Entry Title: WHID 2015-054: Ghana government websites targeted by hackers
WHID ID: 2015-054
Date Occurred: 1/21/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The majority of the Ghanaian government's websites, including its main site, have been hacked and are currently offline.
Reference: http://www.bbc.com/news/world-africa-30914000
Entry Title: WHID 2015-053: Le Monde hacked: 'Je ne suis pas Charlie' writes Syrian Electronic Army
WHID ID: 2015-053
Date Occurred: 1/21/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Hackers from the Syrian Electronic Army, which supports Syrian President Bashar al-Assad, broke into the Twitter account of Le Monde overnight, the newspaper confirmed on Wednesday.
Reference: http://www.telegraph.co.uk/news/worldnews/europe/france/11359732/Le-Monde-hacked-Je-ne-suis-pas-Charlie-writes-Syrian-Electronic-Army.html
Entry Title: WHID 2015-052: Russian Dating Site Topface Hacked for 20 Million User Names
WHID ID: 2015-052
Date Occurred: 1/25/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: User names and e-mail addresses of 20 million visitors to a Russia-based online dating service have been hacked and offered for sale on a website, according to fraud-detection software-maker Easy Solutions Inc.
Reference: http://www.bloomberg.com/news/articles/2015-01-25/hacker-steals-20-million-passwords-from-unidentified-dating-site
Entry Title: WHID 2015-051: Alleged Islamic hackers target NZ websites
WHID ID: 2015-051
Date Occurred: 1/19/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Non-Profit
Attacked Entity Geography:
Incident Description: At least two New Zealand websites have been hacked and defaced by a group calling themselves the 'Team Muslim Cyberforce'.
Reference: http://www.stuff.co.nz/technology/digital-living/65198165/islamic-hackers-target-nz-websites
Entry Title: WHID 2015-050: Aussie Travel Cover hack exposes details of 770,000 customers
WHID ID: 2015-050
Date Occurred: 1/20/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Travel
Attacked Entity Geography:
Incident Description: A major data breach has hit one of Australia's leading travel insurers, exposing details of three quarters of a million policy holders. But while the hack occurred last year, customers have remained in the dark.
Reference: http://www.cnet.com/au/news/aussie-travel-cover-hack-exposes-customer-details/
Entry Title: WHID 2015-049: philsacra.ust.edu.ph website hacked
WHID ID: 2015-049
Date Occurred: 1/17/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: DB dump
Reference: http://siph0n.net/exploits.php?id=3654
Entry Title: WHID 2015-048: Govt sites hacked on eve of SC cybercrime hearing
WHID ID: 2015-048
Date Occurred: 1/14/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: On the eve of the Supreme Court's hearing on the Anti-Cybercrime Act of 2012, hackers opposing the law defaced several government websites early Monday.
Reference: http://www.gmanetwork.com/news/story/290139/scitech/technology/govt-sites-hacked-on-eve-of-sc-cybercrime-hearing
Entry Title: WHID 2015-047: Road Transport Corporation website hacked
WHID ID: 2015-047
Date Occurred: 1/14/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The official website of the Andhra Pradesh State Road Transport Corporation (APSRTC) was defaced by suspected hackers from Bangladesh on Sunday
Reference: http://timesofindia.indiatimes.com/city/hyderabad/Road-Transport-Corporation-website-hacked/articleshow/18012113.cms
Entry Title: WHID 2015-046: DDoS Attacks Slam Finnish Bank
WHID ID: 2015-046
Date Occurred: 1/7/2015
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Police in Finland are investigating a series of distributed denial-of-service attacks against the country's OP Pohjola financial services group that have intermittently shut down online banking and direct debit services
Reference: http://www.bankinfosecurity.com/ddos-attacks-slam-finnish-bank-a-7761
Entry Title: WHID 2015-045: PowerPulse website hacked
WHID ID: 2015-045
Date Occurred: 1/16/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: DB dumped
Reference: http://siph0n.net/exploits.php?id=3653
Entry Title: WHID 2015-044: Virginia county website defaced with Islamic State message
WHID ID: 2015-044
Date Occurred: 1/20/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: A Virginia county was the victim of a cyber attack where a group posted messages and videos praising ISIS, the rebel Islamic group that has leveled threats against the United States.
Reference: http://statescoop.com/virginia-county-website-defaced-islamic-state-messages/
Entry Title: WHID 2015-043: Grill parts website experiences system intrusion, payment card breach
WHID ID: 2015-043
Date Occurred: 1/23/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: From January 2014 to October 2014, cardholder data was exposed on three separate occasions for various lengths of time due to a cyber attack against Barbecue Renew's web server.
Reference: http://www.scmagazine.com/grill-parts-website-experiences-system-intrusion-payment-card-breach/article/394116/
Entry Title: WHID 2015-042: New York Post Confirms Twitter Accounts Were Hacked
WHID ID: 2015-042
Date Occurred: 1/16/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: The New York Post said its Twitter account was hacked after messages were posted citing bogus breaking news about U.S. interest-rate policy and China firing missiles on a U.S. Navy ship.
Reference: http://www.bloomberg.com/news/articles/2015-01-16/new-york-post-says-twitter-feed-hacked-after-fake-china-tweets
Entry Title: WHID 2015-041: Lizard Lair Hacked
WHID ID: 2015-041
Date Occurred: 1/15/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Someone hacked LizardStresser[dot]su, the Web site the group uses to coordinate attacks and sell subscriptions to its attacks-for-hire service.
Reference: https://krebsonsecurity.com/2015/01/another-lizard-arrested-lizard-lair-hacked/
Entry Title: WHID 2015-040: Hacker breached Metropolitan State University database with personal info
WHID ID: 2015-040
Date Occurred: 1/16/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: In a campuswide e-mail Friday, interim president Devinder Malhotra wrote that a computer hacker apparently got "unauthorized access" to the university database in mid-December, and that investigators are still trying to determine the scope of the data breach.
Reference: http://www.databreaches.net/mn-hacker-breached-metropolitan-state-university-database-with-pe-rsonal-info/
Entry Title: WHID 2015-039: FREE SYRIAN HACKERS HACKS OHIO CITY'S WEBSITE
WHID ID: 2015-039
Date Occurred: 1/17/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Free Syrian Hacker Dr.SHA6H hacked and defaced the official Ohio City Website of Perrysburg. He left a message to the defaced page with a message bashing the governments of the world for not solving the Syrian Crisis.
Reference: http://beforeitsnews.com/alternative/2015/01/free-syrian-hackers-hacks-ohio-citys-website-3094106.html
Entry Title: WHID 2015-038: 19,000 French websites hit by DDoS, defaced in wake of terror attack
WHID ID: 2015-038
Date Occurred: 1/16/2015
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Since the three day terror attack that started in France on January 7 with the attack on satirical newspaper Charlie Hebdo, 19,000 websites of French-based companies have been targeted by cyber attackers, AP reports.
Reference: http://www.net-security.org/secworld.php?id=17832
Entry Title: WHID 2015-037: Aqua Marine Boat website hacked
WHID ID: 2015-037
Date Occurred: 1/13/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: DB dumped on PasteBin
Reference: http://pastebin.com/ApnT0YcX
Entry Title: WHID 2015-036: BigBlueInteractive Hacked
WHID ID: 2015-036
Date Occurred: 1/14/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Zyklon dumps DB
Reference: http://www.databreaches.net/and-then-i-stumbled-across-these-hacks-by-zyklon/
Entry Title: WHID 2015-035: PasteBin DB Dump from lehlel.com
WHID ID: 2015-035
Date Occurred: 1/14/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: lehlel.com was hacked and DB dumped
Reference: http://pastebin.ca/2906107
Entry Title: WHID 2015-034: Payment cards targeted in attack on pet supplies website
WHID ID: 2015-034
Date Occurred: 1/16/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Tennessee-based ValuePetSupplies.com is notifying several thousand customers that unauthorized persons accessed its servers and installed malicious files to capture personal information - including payment card data - entered into its website.
Reference: http://www.scmagazine.com/payment-cards-targeted-in-attack-on-pet-supplies-website/article/392821/
Entry Title: WHID 2015-033: Boomerang Rentals Issues Statement Following Alleged Security Breach
WHID ID: 2015-033
Date Occurred: 1/12/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: UK-based Boomerang Rentals, a videogame rental service, issued a statement Monday, January 12th, following earlier allegations that customer information had been compromised.
Reference: http://www.gamebrit.com/2015/01/12/boomerang-rentals-uk-issues-statement-following-alleged-hack-security-breach-game-rental/
Entry Title: WHID 2015-032: Notepad++ Releases "Je suis Charlie" Edition, Website Gets Defaced
WHID ID: 2015-032
Date Occurred: 1/14/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: The website of the open-source text editor Notepad++ has been defaced by an Islamist hacking group because the developer released a "Je suis Charlie" edition of the software.
Reference: http://news.softpedia.com/news/Notepad-plus-plus-Releases-Je-suis-Charlie-Edition-Website-Gets-Defaced-469956.shtml
Entry Title: WHID 2015-031: Crayola apologizes for Facebook page hack
WHID ID: 2015-031
Date Occurred: 1/12/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: The Crayola Facebook page was posting things far more risqué than crayons this past weekend. Unknown hackers took control of the Crayola social media webpage and posted dozens of links to R-rated sites and sexual jokes.
Reference: http://www.usatoday.com/story/news/nation-now/2015/01/12/crayola-facebook-page-hack/21640887/
Entry Title: WHID 2015-030: Thousands of American and United airlines accounts hacked, with thieves booking dozens of free trips
WHID ID: 2015-030
Date Occurred: 1/12/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Transportation
Attacked Entity Geography:
Incident Description: The hackers stole usernames and passwords from a third party source and logged into thousands of accounts. The source of the leak is being investigated as the airlines work to pay back the hacked customers.
Reference: http://www.nydailynews.com/news/national/thousands-american-united-airlines-accounts-hacked-article-1.2075162
Entry Title: WHID 2015-029: CENTCOM Twitter account hacked, suspended
WHID ID: 2015-029
Date Occurred: 1/12/2015
Attack Method: Brute Force
Application Weakness: Insufficient Anti-Automation
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: The Twitter account for U.S. Central Command was suspended Monday after it was hacked by ISIS sympathizers -- but no classified information was obtained and no military networks were compromised, defense officials said.
Reference: http://www.cnn.com/2015/01/12/politics/centcom-twitter-hacked-suspended/
Entry Title: WHID 2015-028: Bundaberg Library website used as hacker's billboard
WHID ID: 2015-028
Date Occurred: 1/13/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: POLICE are investigating after the Bundaberg Regional Libraries website was hacked by a Syrian activist.
Reference: http://www.news-mail.com.au/news/library-website-a-hackers-billboard/2508740/
Entry Title: WHID 2015-027: Anonymous claims first victim in 'Operation Charlie Hebdo'
WHID ID: 2015-027
Date Occurred: 1/10/2015
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Hacking collective Anonymous declared war on Islamic extremists after Wednesday's deadly attack on Paris-based satirical newspaper Charlie Hebdo, and the group has now claimed its first victim.
Reference: http://mashable.com/2015/01/10/anonymous-operation-charlie-hebdo/
Entry Title: WHID 2015-026: North Korean official news agency site serves malware
WHID ID: 2015-026
Date Occurred: 1/13/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Users who visited the site of the state-run North Korean news agency, to see the country's response to the Sony hacking accusations or for other reasons, might want to scan their computers for malware.
Reference: http://www.pcworld.com/article/2868436/north-korean-official-news-agency-site-serves-malware.html
Entry Title: WHID 2015-025: Extratorrent Down After Huge DDoS Attack
WHID ID: 2015-025
Date Occurred: 1/12/2015
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Data Sharing
Attacked Entity Geography:
Incident Description: ExtraTorrent, one of the largest torrent sites on the Internet, remains down following a huge DDoS attack. The site's operators are working hard to mitigate the assault and hope to have the site back online soon.
Reference: https://torrentfreak.com/extratorrent-down-after-huge-ddos-attack-150112/
Entry Title: WHID 2015-024: Did you visit HuffPo last week? You might have a virus
WHID ID: 2015-024
Date Occurred: 1/8/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: This past week, The Huffington Post and several major websites displayed malware-laced advertisements that infected computers and locked them down.
Reference: http://money.cnn.com/2015/01/08/technology/security/malvertising-huffington-post/
Entry Title: WHID 2015-023: 8chan, related sites go down in Lizard Squad-powered DDoS
WHID ID: 2015-023
Date Occurred: 1/8/2015
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: On Thursday, the recent Lizard Squad tour of Internet infamy continued as the hacking group took credit for a distributed denial of service (DDoS) attack against the imageboard site 8chan.
Reference: http://arstechnica.com/security/2015/01/8chan-related-sites-go-down-in-lizard-squad-powered-ddos/
Entry Title: WHID 2015-022: U. of Hawaii and Cornell University hacked
WHID ID: 2015-022
Date Occurred: 1/7/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: The U. of Hawaii data dump, which DataBreaches.net is not linking to, does not contain student or employee personal information, but in addition to acquiring the root username/password, "Attorney" also got the mac addresses, service tags, usernames and more of each and every computer/smart board in their University. The dump only contained approximately 2,000 of the 65,000 lines of data he acquired, he tells this site.
Reference: http://www.databreaches.net/u-of-hawaii-and-cornell-university-hacked-by-marxistattorney/
Entry Title: WHID 2015-021: CyberBerkut committed DDoS attack on the parliament website
WHID ID: 2015-021
Date Occurred: 1/7/2015
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The Internet pages of German Chancellor Angela Merkel and the German Bundestag are obviously crippled by an attack from the Internet.
Reference: http://www.zeit.de/digital/internet/2015-01/bundestag-bundeskanzlerin-cyberberkut-angriff-webseiten
Entry Title: WHID 2015-020: Banque Cantonale de Geneve (BCGE) hacked by Rex Mundi
WHID ID: 2015-020
Date Occurred: 1/9/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Hackers operating under the handle of Rex Mundi have claimed that they hacked into the systems of Banque Cantonale de Geneve (BCGE) and stolen the bank's customer information including private emails. Now the hackers are demanding €10,000 for not making the data public.
Reference: http://www.techworm.net/2015/01/banque-cantonale-de-geneve-bcge-hacked-rex-mundi-demand-ransom.html
Entry Title: WHID 2015-019: Islamic extremists hack websites of primary school and church in Yorkshire
WHID ID: 2015-019
Date Occurred: 1/6/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: Islamic extremists have hacked the websites of a primary school and a church and replaced their homepages with a hate message against the US and Israel.
Reference: http://www.dailymail.co.uk/news/article-2898635/Islamic-extremists-hack-websites-primary-school-church-Yorkshire-replace-homepages-hate-message-against-U-S-Israel.html
Entry Title: WHID 2015-018: More EC-Council Sub-Domains Defaced
WHID ID: 2015-018
Date Occurred: 1/6/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Two more EC-Council sub-domains have been defaced by the hacking group known as Indonesian Gantengers Crew.
Reference: http://www.batblue.com/more-ec-council-sub-domains-defaced/
Entry Title: WHID 2015-017: News websites, Twitter feeds hacked with pro-ISIS message
WHID ID: 2015-017
Date Occurred: 1/6/2015
Attack Method: Brute Force
Application Weakness: Insufficient Anti-Automation
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: A group calling itself the "CyberCaliphate" took over the Twitter feeds of two American news outlets Tuesday, in addition to the website of a Maryland-based TV news station.
Reference: http://www.cbsnews.com/news/albuquerque-journal-wboc-websites-twitter-feeds-hacked-with-pro-isis-message/
Entry Title: WHID 2015-016: 10 million customer data stolen from Orange Spain
WHID ID: 2015-016
Date Occurred: 1/5/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: To carry out this theft, hackers exploited a flaw, a SQL injection via two different vulnerable URLs [as in the case of TF1 / Viapresse, editor's note]. Remember that OWASP, an independent organization dedicated to IT security, ranks SQL injection first in its top 10 threats to web applications.
Reference: http://www.zataz.com/10-millions-de-donnees-volees-a-orange-espagne/#axzz3Nr3klnlH
Entry Title: WHID 2015-015: Universities hacked, data dumped
WHID ID: 2015-015
Date Occurred: 1/4/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: In a post on Pastebin yesterday, @MarxistAttorney (web site) claimed a number of hacks, including California State University, University of Kentucky, University of Connecticut, University of Maryland, Coastal Carolina University, and Abertay University.
Reference: http://www.databreaches.net/universities-hacked-data-dumped-by-marxistattorney/
Entry Title: WHID 2015-014: TAN TOCK SENG: EDZ ELLO'S FACEBOOK ACCOUNT WAS HACKED WHEN HE MADE INSULTING COMMENTS
WHID ID: 2015-014
Date Occurred: 1/4/2015
Attack Method: Brute Force
Application Weakness: Insufficient Anti-Automation
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Tan Tock Seng Hospital has explained that the insulting, anti-Singaporean comments made by one of their staff, Edz Ello, were posted while his Facebook account was hacked.
Reference: http://therealsingapore.com/content/tan-tock-seng-edz-ello%E2%80%99s-facebook-account-was-hacked-when-he-made-insulting-comments
Entry Title: WHID 2015-013: United Nation Pakistan Website Hacked By Free Syrian Hacker
WHID ID: 2015-013
Date Occurred: 1/6/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The famous anti-Bashar Al Assad hacker Dr.SHA6H from Free Syrian Hacker group has hacked and defaced the official website of UNDP -- United Nations Development Programme, Pakistan against the ongoing Syrian conflict.
Reference: https://www.facebook.com/hackrons/posts/1023633604318713
Entry Title: WHID 2015-012: United Nations Hacked by ulzr1z #REPOST
WHID ID: 2015-012
Date Occurred: 1/11/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: United Nations Sub-domain Hacked by UlzR1z
Reference: http://pastebin.com/GTmHYUyY
Entry Title: WHID 2015-011: MIT sites defaced in lead-up to anniversary of Aaron Swartz's death
WHID ID: 2015-011
Date Occurred: 1/6/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: Attackers going under the name of "Ulzr1z" defaced websites for courses at the Massachusetts Institute of Technology (MIT).
Reference: https://nakedsecurity.sophos.com/2015/01/06/mit-sites-defaced-in-lead-up-to-anniversary-of-aaron-swartzs-death/
Entry Title: WHID 2015-010: 1.9m shoppers' data is hacked
WHID ID: 2015-010
Date Occurred: 1/4/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: HACKERS have stolen confidential data relating to almost two million online shoppers in France who made purchases via the French TV station website TF1.fr
Reference: http://www.connexionfrance.com/shoppers-data-hacked-tf1-magazine-subscription-website-16506-view-article.html
Entry Title: WHID 2015-009: "Snooki's" Instagram Account hacked by Arabic Speaking Hackers
WHID ID: 2015-009
Date Occurred: 1/1/2015
Attack Method: Brute Force
Application Weakness: Insufficient Anti-Automation
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Nicole "Snooki" Polizzi got a shock on the New Year eve, when she found out that her Instagram account had been taken over by unknown Arabic speaking hackers on Tuesday.
Reference: http://www.techworm.net/2015/01/snookis-instagram-account-hacked-by-arabic-speaking-hackers.html
Entry Title: WHID 2015-008: differencegames.com Database Dump
WHID ID: 2015-008
Date Occurred: 1/1/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: PasteBin DB Dump of data from differencegames.com
Reference: http://pastebin.com/SJc2xDr8
Entry Title: WHID 2015-007: en.asiadcp.com Buyer Info Dump
WHID ID: 2015-007
Date Occurred: 1/1/2015
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: PasteBin DB Dump of data from http://en.asiadcp.com
Reference: http://pastebin.com/Wp8xCir3
Entry Title: WHID 2015-006: Saudi Arabia hires 'ethical hackers' to silence smut slingers
WHID ID: 2015-006
Date Occurred: 1/5/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: "The Commission members have succeeded in hacking Twitter pornography accounts, shutting them and arresting some of their owners over the past period," an unnamed spokesman told the publication. The agency did not say how it compromised the users, either through the use of malware or by softer methods such as open source intelligence gathering.
Reference: http://www.theregister.co.uk/2015/01/05/saudi_arabia_hires_ethical_hackers_to_silence_smut_slingers/
Entry Title: WHID 2015-005: Origin Accounts Hacked
WHID ID: 2015-005
Date Occurred: 1/3/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Takeover
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: According to Reddit and EA forum postings Origin users are having their accounts hacked and fraudulent purchases are being made.
Reference: http://www.hardcoregamer.com/2015/01/03/origin-accounts-hacked/127212/
Entry Title: WHID 2015-004: Battle.net Experiencing Unusual Major Disruptions, DDoS Speculated
WHID ID: 2015-004
Date Occurred: 1/2/2015
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: Blizzard's Battle.net service is having authentication issues today as hundreds of angry gamers are clambering over each other wondering what's going on.
Reference: http://www.gamerheadlines.com/2015/01/battle-net-experiencing-unusual-major-disruptions-ddos-speculated/
Entry Title: WHID 2015-003: Nordea: Online banking hit by hackers
WHID ID: 2015-003
Date Occurred: 1/2/2015
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: On the heels of Wednesday's attack on the OP-Pohjola Group's online banking services, Nordea announced on Friday afternoon that its online banking services had also been the target of a denial of services attack
Reference: http://yle.fi/uutiset/nordea_online_banking_hit_by_hackers/7718241
Entry Title: WHID 2015-002: Islamic script kiddies aim killer blow - at Bristol bus timetable website
WHID ID: 2015-002
Date Occurred: 1/2/2015
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Transportation
Attacked Entity Geography:
Incident Description: Bristol residents looking for bus and train timetables were confronted by a message from Islamic militants following a defacement of the TravelWest website.
Reference: http://www.theregister.co.uk/2015/01/02/bristol_bus_timetable_website_defaced_militants/
Entry Title: WHID 2015-001: iCloud accounts at risk of brute force attack as hacker exploits 'painfully obvious' password flaw
WHID ID: 2015-001
Date Occurred: 1/2/2015
Attack Method: Brute Force
Application Weakness: Insufficient Anti-Automation
Outcome: Account Takeover
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: A developer claims to have discovered a flaw in Apple's iCloud security where an automated piece of software can be used to repeatedly guess a target's password.
Reference: http://www.ibtimes.co.uk/icloud-accounts-risk-brute-force-attack-hacker-exploits-painfully-obvious-password-flaw-1481623
Entry Title: WHID 2014-151: ctf365.com defaced and account information taken
WHID ID: 2014-151
Date Occurred: 11/24/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Hacking group defaced ctf365.com and obtained the username and password list.
Reference: http://www.reddit.com/r/hacking/comments/2nbsou/ctf365_hacked/
Entry Title: WHID 2014-150: DerpTrolling leaks PSN, 2K, Windows Live customer logins
WHID ID: 2014-150
Date Occurred: 11/20/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: Hacker group DerpTrolling has released a "very small portion" of usernames and logins for three gaming networks in its possession as a "warning to companies".
Reference: http://www.cnet.com/news/derptrolling-leaks-psn-2k-windows-live-customer-logins/
Entry Title: WHID 2014-149: The Largest Cyber Attack In History Has Been Hitting Hong Kong Sites
WHID ID: 2014-149
Date Occurred: 11/21/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography:
Incident Description: The distributed denial of service (DDoS) attacks have been carried out against independent news site Apple Daily and PopVote, which organised mock chief executive elections for Hong Kong.
Reference: http://www.forbes.com/sites/parmyolson/2014/11/20/the-largest-cyber-attack-in-history-has-been-hitting-hong-kong-sites/?ss=cio-network/
Entry Title: WHID 2014-148: Chinese hackers breach U.S. federal weather network, may have accessed classified data
WHID ID: 2014-148
Date Occurred: 11/12/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hackers from China breached the federal weather network recently, forcing cybersecurity teams to seal off data vital to disaster planning, aviation, shipping and scores of other crucial uses, officials said.
Reference: http://news.nationalpost.com/2014/11/12/chinese-hackers-breach-u-s-federal-weather-network-may-have-accessed-classified-data/
Entry Title: WHID 2014-147: BrowserStack Hacked via Shellshock
WHID ID: 2014-147
Date Occurred: 11/9/2014
Attack Method: OS Commanding
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: The cross-browser testing service BrowserStack was recently breached by an attacker who leveraged his access to send an email to users claiming that the service was shutting down.
Reference: http://www.esecurityplanet.com/network-security/browserstack-hacked-via-shellshock.html
Entry Title: WHID 2014-146: Blizzard confirms World of Warcraft target of DDoS attack
WHID ID: 2014-146
Date Occurred: 11/13/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: WoW Insider received reports earlier today that Blizzard may be the target of a significant DDoS effort -- and community manager Bashiok has confirmed it on the World of Warcraft forums.
Reference: http://wow.joystiq.com/2014/11/13/blizzard-confirms-world-of-warcraft-target-of-ddos-attack/
Entry Title: WHID 2014-145: Hackers bypass online security at 34 banks
WHID ID: 2014-145
Date Occurred: 7/24/2014
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Cybercriminals are sneaking past security protections to access online accounts across 34 banks in Switzerland, Sweden, Austria and Japan. And in doing so, experts say, the hackers are defeating what's often touted as one of the more effective online security protocols.
Reference: http://www.marketwatch.com/story/hackers-bypass-online-security-at-34-banks-2014-07-22?siteid=bigcharts&dist=bigcharts
Entry Title: WHID 2014-144: AskMen website hacked twice in the past month, sending malicious code
WHID ID: 2014-144
Date Occurred: 7/22/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: For the second time in the past month, AskMen.com was compromised, with malicious code injected on the company's server sending out attacks. AskMen is reportedly looking into the security issue after being contacted by security software company Malwarebytes.
Reference: http://www.tweaktown.com/news/39211/askmen-website-hacked-twice-in-the-past-month-sending-malicious-code/index.html
Entry Title: WHID 2014-143: WSJ website hacked, data offered for sale for 1 bitcoin
WHID ID: 2014-143
Date Occurred: 7/23/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: However, Komarov, whose firm discovered the posting offering the vulnerabilities, said that IntelCrawl had confirmed that a SQL injection vulnerability in the wsj.com site made it possible "to get access to any database on the wsj.com server."
Reference: http://arstechnica.com/security/2014/07/wsj-website-hacked-data-offered-for-sale-for-1-bitcoin/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+(Ars+Technica+-+All+content)
Entry Title: WHID 2014-142: WORDPRESS SITES SEEING INCREASED MALWARE, BRUTE FORCE ATTACKS THIS WEEK
WHID ID: 2014-142
Date Occurred: 7/23/2014
Attack Method: Brute Force
Application Weakness: Insufficient Anti-Automation
Outcome: Account Takeover
Attacked Entity Field: Blogs
Attacked Entity Geography:
Incident Description: A glut of WordPress sites have fallen victim to both malware infections and a series of brute force attacks that have been making the rounds over the past several days, researchers claim.
Reference: http://threatpost.com/wordpress-sites-seeing-increased-malware-brute-force-attacks-this-week
Entry Title: WHID 2014-141: Hackers steal user data from the European Central Bank website, ask for money
WHID ID: 2014-141
Date Occurred: 7/24/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: The attackers exploited a vulnerability to access a database serving the ECB's public website, the institution announced Thursday on its website. No internal systems or market sensitive data were affected, the ECB said.
Reference: http://www.pcworld.com/article/2457960/hackers-steal-user-data-from-the-european-central-bank-website-ask-for-money.html
Entry Title: WHID 2014-140: Shelby County Schools' direct deposit data hacked
WHID ID: 2014-140
Date Occurred: 7/18/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Monetary Loss
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: Shelby County Schools is limiting access to the direct deposit portion of its employee portal after bank routing and account numbers for at least 10 employees were changed and routed instead to prepaid cards.
Reference: http://www.commercialappeal.com/news/local-news/schools/shelby-county-schools-direct-deposit-data-hacked_31644341
Entry Title: WHID 2014-139: Hacker Goes On Spree Against Musicians' Websites
WHID ID: 2014-139
Date Occurred: 7/18/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Entertainment
Attacked Entity Geography:
Incident Description: An online activist known only as Ethical Dragon has been reportedly hacking the websites of musicians and celebrities he feels have been ignoring his efforts to communicate with him (or her).
Reference: http://themusic.com.au/news/all/2014/07/19/hacker-goes-on-spree-against-musicians-websites/
Entry Title: WHID 2014-138: #OpSaveGaza: Anonymous Takes Down 1,000 Israeli Government and Business Websites
WHID ID: 2014-138
Date Occurred: 7/19/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hacker collective Anonymous has announced that it has taken down over a thousand crucial Israeli websites in a huge new coordinated cyber-attack called #OpSaveGaza on 11 July and 17 July, in support of the people of Palestine.
Reference: http://www.ibtimes.co.uk/opsavegaza-anonymous-takes-down-1000-israeli-government-business-websites-1457269
Entry Title: WHID 2014-137: Anonymous hacks Israeli websites in new pro-Palestine campaign
WHID ID: 2014-137
Date Occurred: 4/7/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Anonymous has laid claim to the downing of 500 Israeli web pages as part of a cyber attack by the group in support of the people of Palestine.
Reference: http://www.itproportal.com/2014/04/07/anonymous-hacks-israeli-websites-in-new-pro-palestine-campaign/
Entry Title: WHID 2014-136: Bank account of Saudi hacked
WHID ID: 2014-136
Date Occurred: 7/18/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: A Saudi man in Bashair has filed a complaint saying that an anonymous individual had hacked into his bank account and transferred SR18,430 to another account through local transfer, adding that he is worried that the money would land in the wrong hands.
Reference: http://www.arabnews.com/news/603681
Entry Title: WHID 2014-135: B.C. PharmaNet hit by hacker, 1,600 accounts breached
WHID ID: 2014-135
Date Occurred: 7/11/2014
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Leakage of Information
Attacked Entity Field: Healthcare
Attacked Entity Geography:
Incident Description: About 1,600 patients had their private data in the provincial PharmaNet prescription system accessed by an unknown hacker, a Health Ministry investigation has revealed.
Reference: http://www.cbc.ca/news/canada/british-columbia/b-c-pharmanet-hit-by-hacker-1-600-accounts-breached-1.2704446
Entry Title: WHID 2014-134: CNET Confirms Russian Hack
WHID ID: 2014-134
Date Occurred: 7/15/2014
Attack Method: Code Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: W0rm, which uses the Twitter handle @rev_priv8, tweeted a screenshot purportedly showing the contents of the CNET database. He or she said that a security hole in CNET.com's implementation of the Symfony PHP framework was the attack vector.
Reference: http://www.infosecurity-magazine.com/view/39323/cnet-confirms-russian-hack
Entry Title: WHID 2014-133: Town website hacked
WHID ID: 2014-133
Date Occurred: 7/15/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: SPAM Links
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Visitors accessing the Town of Grand Falls-Windsor's official website late last week or over the weekend may have gotten a shock.
Reference: http://www.gfwadvertiser.ca/News/Local/2014-07-15/article-3801475/Town-website-hacked/1
Entry Title: WHID 2014-132: Astros Respond After Hackers Breach Internal Database
WHID ID: 2014-132
Date Occurred: 6/30/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Sports
Attacked Entity Geography:
Incident Description: The Houston Astros say they have been the victims of hackers who accessed their servers and published months of internal trade talks on the Internet.
Reference: http://www.kwtx.com/sports/headlines/Astros-Respond-To-Security-Breach-265301541.html?ref=541
Entry Title: WHID 2014-131: Operation SnowMan: DeputyDog Actor Compromises US Veterans of Foreign Wars Website
WHID ID: 2014-131
Date Occurred: 2/13/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: After compromising the VFW website, the attackers added an iframe into the beginning of the website's HTML code that loads the attacker's page in the background. The attacker's HTML/JavaScript page runs a Flash object, which orchestrates the remainder of the exploit.
Reference: http://www.fireeye.com/blog/uncategorized/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html
Entry Title: WHID 2014-130: European Cyber Army Hacker Targets Syria
WHID ID: 2014-130
Date Occurred: 4/9/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Advertising
Attacked Entity Geography:
Incident Description: Over 60,000 full names, user names, phone numbers and home addresses were leaked, along with several encrypted passwords and several in clear text.
Reference: http://www.esecurityplanet.com/hackers/european-cyber-army-hacker-targets-syria.html
Entry Title: WHID 2014-129: Anti-media cybercrime spree continues: Al Arabiya hacked by NullCrew
WHID ID: 2014-129
Date Occurred: 4/3/2014
Attack Method: Local File Inclusion (LFI)
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: After hacking and humiliating Comcast in February, NullCrew is back with HorsemenLulz in a successful hack on the mail servers of the second biggest media company in the Arab world, Al Arabiya.
Reference: http://www.zdnet.com/anti-media-cybercrime-spree-continues-al-arabiya-hacked-by-nullcrew-7000028004/
Entry Title: WHID 2014-128: SQL Injection Leads To BigMoneyJobs.com Leak
WHID ID: 2014-128
Date Occurred: 4/2/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Advertising
Attacked Entity Geography:
Incident Description: Earlier today, a hacker identified as ProbablyOnion (who recently breached Boxee.tv) has posted data from a large job seeker website resulting in over 36,000 accounts being published online.
Reference: https://www.riskbasedsecurity.com/2014/04/sql-injection-leads-to-bigmoneyjobs-com-leak/
Entry Title: WHID 2014-127: Email Marketing Service Mad Mimi Hit by DDOS Attacks, Blackmailed
WHID ID: 2014-127
Date Occurred: 4/1/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Advertising
Attacked Entity Geography:
Incident Description: On Sunday, March 30, email marketing service Mad Mimi was hit by a distributed denial-of-service (DDOS) attack. Shortly after, they received an email from someone who asked for 1.8 Bitcoins to stop launching attacks.
Reference: http://news.softpedia.com/news/Email-Marketing-Service-Mad-Mimi-Hit-by-DDOS-Attacks-Blackmailed-435152.shtml
Entry Title: WHID 2014-126: Gov't contractor Klas Telecom responds to getting hacked by NullCrew
WHID ID: 2014-126
Date Occurred: 4/6/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: A skirmish erupted last week when hacking group NullCrew successfully broke into tactical communications company Klas Telecom. The global government contractor had an interesting response to its attackers.
Reference: http://www.zdnet.com/govt-contractor-klas-telecom-responds-to-getting-hacked-by-nullcrew-7000028102/
Entry Title: WHID 2014-125: Hack of Boxee.tv exposes password data, messages for 158,000 users
WHID ID: 2014-125
Date Occurred: 4/1/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Hackers posted names, e-mail addresses, message histories, and partially protected login credentials for more than 158,000 forum users of Boxee.tv, the Web-based television service that was acquired by Samsung last year, researchers said.
Reference: http://arstechnica.com/security/2014/04/hack-of-boxee-tv-exposes-password-data-messages-for-158000-users/
Entry Title: WHID 2014-124: Foreign Minister Julie Bishop confirms her Twitter account was hacked
WHID ID: 2014-124
Date Occurred: 3/17/2014
Attack Method: Unknown
Application Weakness: Insufficient Authentication
Outcome: SPAM Links
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: On Monday morning, Ms Bishop's spokeswoman said: "In weightier issues today, the Australian Foreign Minister's Twitter account was accessed by spambots alerting her more than 50,000 followers to the latest innovations in weight loss, instead of her usual diplomatic endeavours. Twitter was quickly on the case and the situation swiftly handled."
Reference: http://www.smh.com.au/federal-politics/political-news/foreign-minister-julie-bishop-confirms-her-twitter-account-was-hacked-20140317-34wc8.html
Entry Title: WHID 2014-123: Guatemala Sites of Renault, Toyota and Chevrolet Hacked and Defaced
WHID ID: 2014-123
Date Occurred: 3/18/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Automotive
Attacked Entity Geography:
Incident Description: The Guatemala websites of Renault, Toyota and Chevrolet have been hacked and defaced by a member of a Pakistani group called Team Cyber Criminals.
Reference: http://news.softpedia.com/news/Guatemala-Sites-of-Renault-Toyota-and-Chevrolet-Hacked-and-Defaced-432682.shtml
Entry Title: WHID 2014-122: Over 500,000 PCs attacked every day after 25,000 UNIX servers hijacked by Operation Windigo
WHID ID: 2014-122
Date Occurred: 3/18/2014
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: SPAM Links
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: The attack, which has been given the name "Windigo" after a mythical creature from Algonquian Native American folklore, has resulted in over 25,000 Unix servers being hacked, resulting in 35 million spam messages being sent each day from compromised machines.
Reference: http://www.welivesecurity.com/2014/03/18/attack-unix-operation-windigo/
Entry Title: WHID 2014-121: Citroen becomes the latest victim of Adobe ColdFusion hackers
WHID ID: 2014-121
Date Occurred: 3/17/2014
Attack Method: Local File Inclusion (LFI)
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: One of the carmaker's German websites hacked to include a backdoor last year, following similar cases elsewhere
Reference: http://www.theguardian.com/technology/2014/mar/17/citroen-adobe-coldfusion-hacked-backdoor
Entry Title: WHID 2014-120: Hacker breaches Hopkins server
WHID ID: 2014-120
Date Occurred: 3/7/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: Names, email addresses and phone numbers from about 850 current and former Johns Hopkins University biomedical engineering students were posted online Thursday, stolen by someone claiming to be part of the hacker group known as Anonymous.
Reference: http://articles.baltimoresun.com/2014-03-07/news/bs-md-hopkins-servers-hacked-20140306_1_engineering-students-identity-theft-server
Entry Title: WHID 2014-119: COMIXOLOGY URGES USERS TO CHANGE PASSWORDS IN WAKE OF SERVER HACK
WHID ID: 2014-119
Date Occurred: 3/6/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography:
Incident Description: Earlier this morning, digital comics publisher comiXology sent out an email notifying subscribers that it had discovered its database had recently been compromised. While comiXology states that credit card information should be safe -- it does not store card numbers on its servers -- it is suggested users of the digital platform immediately change their password.
Reference: http://www.comicbookresources.com/?page=article&id=51291
Entry Title: WHID 2014-118: Statistics Company Statista Hacked, Email Addresses and Passwords Possibly Stolen
WHID ID: 2014-118
Date Occurred: 3/8/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Statista, the company that provides statistics and studies from over 18,000 sources, has been hacked. The company believes the hackers could have accessed its user database.
Reference: http://news.softpedia.com/news/Statistics-Company-Statista-Hacked-Email-Addresses-and-Passwords-Possibly-Stolen-431173.shtml
Entry Title: WHID 2014-117: Sally Beauty Confirms Card Data Breach
WHID ID: 2014-117
Date Occurred: 3/14/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Nationwide cosmetics and beauty retailer Sally Beauty today confirmed that hackers had broken into its networks and stolen credit card data from stores.
Reference: http://krebsonsecurity.com/2014/03/sally-beauty-confirms-card-data-breach/
Entry Title: WHID 2014-116: North Dakota university system says server hacked
WHID ID: 2014-116
Date Occurred: 3/5/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: A North Dakota University System computer server that stores personal data of nearly 300,000 past and present students was hacked, university system officials announced Wednesday.
Reference: http://bismarcktribune.com/news/state-and-regional/north-dakota-university-system-says-server-hacked/article_2c11572a-a4ad-11e3-ac1d-001a4bcf887a.html
Entry Title: WHID 2014-115: Website of International Video News Agency Ruptly Hit With DDOS Attack
WHID ID: 2014-115
Date Occurred: 3/4/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Moments ago, the Ruptly international video news agency, which is part of the RT (Russia Today) global news network, announced that its website is under a distributed denial-of-service (DDOS) attack.
Reference: http://news.softpedia.com/news/Website-of-International-Video-News-Agency-Ruptly-Hit-With-DDOS-Attack-430390.shtml
Entry Title: WHID 2014-114: High-Profile Domains from Congo Defaced via Hack Attack on NIC
WHID ID: 2014-114
Date Occurred: 3/3/2014
Attack Method: DNS Hijacking
Application Weakness: Insufficient Process Validation
Outcome: Defacement
Attacked Entity Field: Service Provider
Attacked Entity Geography:
Incident Description: The Congo domains (.cd) for Amazon, Audi, AVG, BBC, BMW, Canon, DHL, eBay, Fujitsu, GoDaddy, Hitachi, Honda, IBM, Panasonic, Toshiba, Mercedes, Rolex, Samsung, T-Mobile, Volkswagen and many others have been defaced by hackers of TeaM MaDLeeTs.
Reference: http://news.softpedia.com/news/High-Profile-Domains-from-Congo-Defaced-via-Hack-Attack-on-NIC-430140.shtml
Entry Title: WHID 2014-113: Denial-Of-Service Attack Snags Meetup.com For Days
WHID ID: 2014-113
Date Occurred: 3/4/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Meetup.com was back online Monday, after a series of massive denial-of-service attacks that lasted off and on for four days.
Reference: http://newyork.cbslocal.com/2014/03/03/denial-of-service-attack-snags-meetup-com-for-days/
Entry Title: WHID 2014-112: Thieves Jam Up Smucker's, Card Processor
WHID ID: 2014-112
Date Occurred: 3/14/2014
Attack Method: Local File Inclusion (LFI)
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Not all of the above-mentioned victims involved the exploitation of ColdFusion vulnerabilities, but Smucker's was included in a list of compromised online stores that I regrettably lost track of toward the end of 2013, amid a series of investigations involving breaches at much bigger victims.
Reference: http://krebsonsecurity.com/2014/03/thieves-jam-up-smuckers-card-processor/
Entry Title: WHID 2014-111: W3C website fell victim to an SQL injection
WHID ID: 2014-111
Date Occurred: 3/1/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: It has come to light today that the website of W3C (World Wide Web Consortium) has fallen victim to an SQL injection from an unknown party.
Reference: http://www.hackingdaily.com/2014/03/w3c-hacked-by-sql.html
Entry Title: WHID 2014-110: EA Games website hacked to steal Apple IDs
WHID ID: 2014-110
Date Occurred: 3/19/2014
Attack Method: OS Commanding
Application Weakness: Improper Input Handling
Outcome: Phishing
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: An EA Games server has been compromised by hackers and is now hosting a phishing site which targets Apple ID account holders.
Reference: http://news.netcraft.com/archives/2014/03/19/ea-games-website-hacked-to-steal-apple-ids.html
Entry Title: WHID 2014-109: SurveyGizmo Recovers from DDoS Attack Despite "Communication Issues" with Hosting Provider ViaWest
WHID ID: 2014-109
Date Occurred: 3/28/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: After almost two days of disrupted service, SurveyGizmo has completely recovered from a DDoS attack. According to Jason Carolan, CTO of SurveyGizmo's web host ViaWest, the attack was persistent and estimated at between 20 and 40 Gbps.
Reference: http://www.thewhir.com/web-hosting-news/surveygizmo-recovers-ddos-attack-despite-communication-issues-hosting-provider-viawest
Entry Title: WHID 2014-108: World Of Warcraft, Hearthstone Hit By DDoS Attacks And ISP Issues
WHID ID: 2014-108
Date Occurred: 3/31/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: In Europe, hackers are causing problems with distributed denial-of-service (DDoS) attacks. The result is that every online game by the company has been disrupted.
Reference: http://www.cinemablend.com/games/World-Warcraft-Hearthstone-Hit-By-DDoS-Attacks-ISP-Issues-63106.html
Entry Title: WHID 2014-107: Elance and oDesk hit by major DDoS attacks, downing services for many freelancers
WHID ID: 2014-107
Date Occurred: 3/18/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: The Elance denial-of-service attack has been going on for over a day now, though it is now only sporadic. Elance says it has bought in new defences to try cope. Meanwhile oDesk says it got hit by a briefer, separate attack.
Reference: http://gigaom.com/2014/03/18/elance-hit-by-major-ddos-attack-downing-service-for-many-freelancers/
Entry Title: WHID 2014-106: HootSuite Bounces Back After DDoS Attack
WHID ID: 2014-106
Date Occurred: 3/21/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: HootSuite has bounced back from a denial of service (DoS) attack on Thursday morning that prevented users from accessing the social media platform.
Reference: http://mashable.com/2014/03/21/hootsuite-bounce-back-after-ddos-attack/
Entry Title: WHID 2014-105: DDoS attack takes out NATO websites, Ukraine connection claimed
WHID ID: 2014-105
Date Occurred: 3/17/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: A series of DDoS attacks launched over the weekend disrupted access to several websites operated by NATO
Reference: http://nakedsecurity.sophos.com/2014/03/17/ddos-attack-takes-out-nato-websites-ukraine-connection-claimed/
Entry Title: WHID 2014-104: Russian media websites hit by "massive" DDoS attack "linked to Ukraine"
WHID ID: 2014-104
Date Occurred: 3/14/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Websites of several Russian state TV channels have been hit by a large cyberattack suspected to partly come from Kiev. Anonymous Caucasus claimed it was responsible for hacking Channel One TV's site, saying it had "nothing" to do with Ukraine.
Reference: http://rt.com/news/russian-media-ddos-ukraine-614/
Entry Title: WHID 2014-103: Basecamp Becomes Latest Victim Of DDoS Attackers Attempting To Extort Money From Tech Companies
WHID ID: 2014-103
Date Occurred: 3/24/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Basecamp, makers of the popular online project management software of the same name (which as of this February became the company's main focus) was hit with a distributed denial-of-service attack (DDoS) this morning, rendering its services temporarily unavailable. The company disclosed this news in a blog post, explaining that the "criminals" behind the DDoS had also tried to extort money in return for stopping the attack - a request that Basecamp smartly refused.
Reference: http://techcrunch.com/2014/03/24/basecamp-becomes-latest-victim-of-ddos-attackers-attempting-to-extort-money-from-tech-companies/
Entry Title: WHID 2014-102: More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack
WHID ID: 2014-102
Date Occurred: 3/10/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Process Validation
Outcome: Downtime
Attacked Entity Field: Blogs
Attacked Entity Geography:
Incident Description: Distributed Denial of Service (DDOS) attacks are becoming a common trend on our blog lately, and that's OK because it's a very serious issue for every website owner. Today I want to talk about a large DDOS attack that leveraged thousands of unsuspecting WordPress websites as indirect source amplification vectors
Reference: http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html
Entry Title: WHID 2014-101: Denial of Service Attacks on GitHub
WHID ID: 2014-101
Date Occurred: 3/14/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: On Tuesday, March 11th, GitHub was largely unreachable for roughly 2 hours as the result of an evolving distributed denial of service (DDoS) attack. I know that you rely on GitHub to be available all the time, and I'm sorry we let you down. I'd like to explain what happened, how we responded to it, and what we're doing to reduce the impact of future attacks like this.
Reference: https://github.com/blog/1796-denial-of-service-attacks
Entry Title: WHID 2014-100: Ellie Mae hit by DDoS attack
WHID ID: 2014-100
Date Occurred: 4/4/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Mortgage origination software provider Ellie Mae says that a distributed denial of service (DDoS) attack is to blame for its systems falling over earlier this week.
Reference: http://www.finextra.com/news/fullstory.aspx?newsitemid=25930&topic=security
Entry Title: WHID 2014-099: XSS flaw in popular video-sharing site allowed DDoS attack through browsers
WHID ID: 2014-099
Date Occurred: 4/4/2014
Attack Method: Cross-site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: DDoS Attacks
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Attackers exploited a vulnerability in a popular video-sharing site to hijack users' browsers for use in a large-scale distributed denial-of-service attack, according to researchers from Web security firm Incapsula.
Reference: http://www.computerworld.com/s/article/9247450/XSS_flaw_in_popular_video_sharing_site_allowed_DDoS_attack_through_browsers
Entry Title: WHID 2014-098: Revealed: key UK websites vulnerable to hackers
WHID ID: 2014-098
Date Occurred: 3/4/2014
Attack Method: Cross-site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Disinformation
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The official website of the UK Parliament contained basic flaws that left it vulnerable to hacking, a programmer has discovered.
Reference: http://www.telegraph.co.uk/technology/internet-security/10673520/Revealed-key-UK-websites-vulnerable-to-hackers.html
Entry Title: WHID 2014-097: Three Alleged Hackers Arrested in Korea for Stealing Information from Hundreds of Sites
WHID ID: 2014-097
Date Occurred: 2/27/2014
Attack Method: Cross-site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: In some cases, the attackers posted maliciously crafted code on online forums. When administrators clicked on the links, they unknowingly gave the hackers access to their systems.
Reference: http://news.softpedia.com/news/Three-Alleged-Hackers-Arrested-in-Korea-for-Stealing-Information-from-Hundreds-of-Sites-429630.shtml
Entry Title: WHID 2014-096: Social site Meetup hit by DDoS attack
WHID ID: 2014-096
Date Occurred: 2/28/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Social site Meetup was hit by a DDoS attack today, according to a notice on its website.
Reference: http://business-technology.co.uk/2014/02/social-site-meetup-under-ddos-attack/
Entry Title: WHID 2014-095: Hackers target Carson City market, credit card info stolen
WHID ID: 2014-095
Date Occurred: 2/24/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Store officials at the Carson Village Market confirm their local server was compromised but say proper security measures have been put in place and customers are no longer at risk
Reference: http://www.wzzm13.com/story/news/crime/2014/02/24/hackers-target-carson-city-market/5796113/
Entry Title: WHID 2014-094: Hacker defaces website of IT security certification body EC-Council
WHID ID: 2014-094
Date Occurred: 2/24/2014
Attack Method: DNS Hijacking
Application Weakness: Insufficient Process Validation
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: It appears the attack was the result of DNS hijacking with the domain name pointed to an Internet Protocol (IP) address under the attacker's control. This also seems to have affected EC-Council's email infrastructure, as attempts to contact the organization at two of its publicly listed email addresses failed with a DNS error.
Reference: http://www.pcworld.com/article/2100880/hacker-defaces-website-of-it-security-certification-body-eccouncil.html
Entry Title: WHID 2014-093: Systems of Austrian Energy Provider Energie Steiermark Hacked
WHID ID: 2014-093
Date Occurred: 2/20/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Energy
Attacked Entity Geography:
Incident Description: Energie Steiermark, an energy company in Austria's Styria province, says that its systems have been hacked.
Reference: http://news.softpedia.com/news/Systems-of-Austrian-Energy-Provider-Energie-Steiermark-Hacked-428187.shtml
Entry Title: WHID 2014-092: Massive hacking spree in Singapore, possibly over 180 websites defaced
WHID ID: 2014-092
Date Occurred: 2/20/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Hosting Providers
Attacked Entity Geography:
Incident Description: Dozens of Singapore websites, possibly more than 180, have been defaced by hackers in two separate occasions this week.
Reference: http://www.techinasia.com/massive-website-defacing-spree-singapore-possibly-180-sites-affected/
Entry Title: WHID 2014-091: Namecheap fends off DDoS attack that knocked 300 websites offline
WHID ID: 2014-091
Date Occurred: 2/21/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Service Provider
Attacked Entity Geography:
Incident Description: Namecheap said Thursday it struggled to recover from a new type of distributed denial-of-service attack (DDoS) against its DNS (domain name system) servers that knocked 300 websites offline.
Reference: http://www.pcworld.com/article/2100040/namecheap-fends-off-ddos-attack-restores-services.html
Entry Title: WHID 2014-090: Hackers breach Texas college server, thousands compromised
WHID ID: 2014-090
Date Occurred: 2/19/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: Texas State Technical College (TSTC) Waco is notifying almost 3,000 former students and fewer than 2,000 employees that personal information may have been compromised after an unauthorized party remotely gained access to a server that contained the data.
Reference: http://www.scmagazine.com/hackers-breach-texas-college-server-thousands-compromised/article/334663/
Entry Title: WHID 2014-089: University of Maryland hacked; 309,000 Social Security numbers stolen
WHID ID: 2014-089
Date Occurred: 2/19/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: The names and Social Security numbers of more than 309,000 students and staff from the University of Maryland, dating back to 1998, were stolen in a "sophisticated" security attack that penetrated recently bolstered defenses, the school's president announced late Wednesday.
Reference: http://www.latimes.com/nation/nationnow/la-na-nn-university-of-maryland-hacked-309000-records-compromised-20140219-story.html#ixzz2trcqXKuo
Entry Title: WHID 2014-088: Forbes website hacked by notorious Syrian Electronic Army
WHID ID: 2014-088
Date Occurred: 2/16/2014
Attack Method: Phishing
Application Weakness: Insufficient Authentication
Outcome: Disinformation
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: The notorious pro-Assad hacker group known as the Syrian Electronic Army has reportedly published a database that it says contains login credentials for 1 million users of business publication Forbes.com.
Reference: http://www.business-standard.com/article/news-ani/forbes-website-hacked-by-notorious-syrian-electronic-army-114021600119_1.html
Entry Title: WHID 2014-087: Kickstarter hacked, user names and encrypted passwords accessed
WHID ID: 2014-087
Date Occurred: 2/15/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: The crowdfunding website Kickstarter said Saturday it had been hacked and that user names, encrypted passwords and other data had been accessed.
Reference: http://www.computerworld.com/s/article/9246388/Kickstarter_hacked_user_names_and_encrypted_passwords_accessed
Entry Title: WHID 2014-086: Hackers hit Tesco as over 2,200 accounts compromised
WHID ID: 2014-086
Date Occurred: 2/14/2014
Attack Method: Brute Force
Application Weakness: Insufficient Authentication
Outcome: Account Takeover
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: The international supermarket chain deactivated its online customer accounts as hackers posted account and personal details online.
Reference: http://www.cnet.com/news/hackers-hit-tesco-as-over-2200-accounts-compromised/
Entry Title: WHID 2014-085: Briefly Hacked, Quickly Eradicated
WHID ID: 2014-085
Date Occurred: 2/14/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: At the start of this work week Blue MauMau was briefly hacked by a spambot lodged in third-party service software. It tried to use our server to inject spam out to the world. That sparked Google to mark our site for a few hours on Monday with the message, "The website ahead contains malware!"
Reference: http://www.bluemaumau.org/briefly_hacked_quickly_eradicated
Entry Title: WHID 2014-084: GCHQ website falls after threats from Anonymous
WHID ID: 2014-084
Date Occurred: 2/12/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: GCHQ's website at www.gchq.gov.uk is exhibiting some noticeable performance issues today, suggesting that it could be suffering from a denial of service attack.
Reference: http://news.netcraft.com/archives/2014/02/12/gchq-website-falls-after-threats-from-anonymous.html
Entry Title: WHID 2014-083: Ministry website forced offline
WHID ID: 2014-083
Date Occurred: 2/12/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: A Government department's website was taken offline by a cyber attack which bombarded it with access requests.
Reference: http://www.belfasttelegraph.co.uk/news/local-national/uk/ministry-website-forced-offline-30003368.html
Entry Title: WHID 2014-082: Hackers breach websites of Venetian, Palazzo and other casinos in Las Vegas
WHID ID: 2014-082
Date Occurred: 2/12/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: Hackers breached the websites of all Las Vegas Sands Corp. casinos on Tuesday morning, and the home pages of some of the world's largest casinos remained down through the day.
Reference: http://gadgets.ndtv.com/internet/news/hackers-breach-websites-of-venetian-palazzo-and-other-casinos-in-las-vegas-482455
Entry Title: WHID 2014-081: Feds' Climate Change Website Hacked By Online Drug Seller
WHID ID: 2014-081
Date Occurred: 2/12/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: SPAM Links
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The website of the U.S. Global Change Research Program (USGCRP) was repeatedly hacked on Monday and Tuesday this week by an online drug retailer. A Tuesday Google search of the site, www.globalchange.gov, revealed dozens of pages hawking everything from Xanax to Levitra to Ambien.
Reference: http://www.weeklystandard.com/blogs/feds-climate-change-website-hacked-online-drug-seller_781491.html
Entry Title: WHID 2014-080: NullCrew FTS hacks Comcast servers, post exploit and passwords
WHID ID: 2014-080
Date Occurred: 2/5/2014
Attack Method: Local File Inclusion (LFI)
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Service Provider
Attacked Entity Geography:
Incident Description: Hacking group "NullCrew FTS" announced on Twitter today that they had successfully hacked Comcast and provided unredacted proof on Pastebin.
Reference: http://www.zdnet.com/nullcrew-fts-hacks-comcast-servers-post-exploit-and-passwords-7000026020/
Entry Title: WHID 2014-079: Bitly hit by DDoS attack
WHID ID: 2014-079
Date Occurred: 2/5/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: The website of URL shortening service Bitly was down on Wednesday morning. The company has blamed a DDoS attack.
Reference: http://www.scmagazineuk.com/exclusive-bitly-hit-by-ddos-attack/article/332738/
Entry Title: WHID 2014-078: Banks face 'significant' DDoS threat as cyber criminals target share prices
WHID ID: 2014-078
Date Occurred: 2/5/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Financial institutions face a "significant" and growing cyber threat, as hacktivists and criminals attempt to manipulate markets with distributed denial of service attacks, according to a report.
Reference: http://www.computerworlduk.com/news/security/3500580/banks-face-significant-ddos-threat-as-cyber-criminals-target-share-prices/
Entry Title: WHID 2014-077: Bell Canada Hacked by NullCrew
WHID ID: 2014-077
Date Occurred: 2/4/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: The hackers, however, told DataBreaches.net that they had leveraged a SQL injection vulnerability on Bell's own Web site, not at a third-party supplier, to access the information.
Reference: http://www.esecurityplanet.com/hackers/bell-canada-hacked-by-nullcrew.html
Entry Title: WHID 2014-076: Insecure healthcare.gov allowed hacker to access 70,000 records in 4 minutes
WHID ID: 2014-076
Date Occurred: 1/20/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Then yesterday, after explaining "passive reconnaissance, which allows us to query and look at how the website operates and performs," Kennedy said he was able to access 70,000 records within four minutes!
Reference: http://blogs.computerworld.com/cybercrime-and-hacking/23412/insecure-healthcaregov-allowed-hacker-access-70000-records-4-minutes
Entry Title: WHID 2014-075: EE BrightBox routers can be hacked 'by simple copy/paste operation'
WHID ID: 2014-075
Date Occurred: 1/20/2014
Attack Method: Predictable Resource Location
Application Weakness: Insufficient Authentication
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: A cache of sensitive traffic including ISP user credentials, WiFi SSIDs and WPA2 keys is kept in a file called cgi_status.js that can be accessed without logging into the device.
Reference: http://www.theregister.co.uk/2014/01/20/brightbox_routers_vuln/
Entry Title: WHID 2014-074: AVG Confirms One of Its Webservers Was Hacked and Defaced
WHID ID: 2014-074
Date Occurred: 1/16/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: AVG has confirmed that one of its webservers was recently breached by hackers. The IT security company is investigating the incident.
Reference: http://news.softpedia.com/news/AVG-Confirms-One-of-Its-Webservers-Was-Hacked-and-Defaced-417781.shtml
Entry Title: WHID 2014-073: Saudi Arabian Government's Informatics Magazine Hacked by Syrian Hacktivist
WHID ID: 2014-073
Date Occurred: 1/16/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: A Syrian hacktivist who uses the online moniker Dr.Sha6h has breached and defaced the website of Saudi Arabia's Informatics Magazine (informatics.gov.sa).
Reference: http://news.softpedia.com/news/Saudi-Arabian-Government-s-Informatics-Magazine-Hacked-by-Syrian-Hacktivist-417491.shtml
Entry Title: WHID 2014-072: Hackers Used Amazon's Cloud To Scrape LinkedIn User Data
WHID ID: 2014-072
Date Occurred: 1/16/2014
Attack Method: Scraping
Application Weakness: Insufficient Anti-Automation
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Hackers have been using Amazon's powerful data center computers to scrape data from thousands of LinkedIn accounts in order to create fake profiles on the site, according to a new complaint the company has filed in the U.S. district court of Northern California.
Reference: http://www.businessinsider.com.au/linkedin-suing-to-get-hacker-identities-2014-1
Entry Title: WHID 2014-071: Anonymous Hackers Target Website of the Archbishop of Granada
WHID ID: 2014-071
Date Occurred: 1/14/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Religious
Attacked Entity Geography:
Incident Description: The official website of the Archbishop of Granada, Spain, has been breached by hackers of Anonymous. Satirical messages and even adult images have been posted in various sections of the site.
Reference: http://news.softpedia.com/news/Anonymous-Hackers-Target-Website-of-the-Archbishop-of-Granada-416622.shtml
Entry Title: WHID 2014-070: Microsoft's official blog hacked by Syrian Electronic Army
WHID ID: 2014-070
Date Occurred: 1/12/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Microsoft's official blog, along with email and social network handles, have been hacked by the Syrian Electronic Army (SEA), with the group warning that they will publish "the documents of monitoring email accounts by Microsoft".
Reference: http://www.techradar.com/news/world-of-tech/microsoft-s-official-blog-hacked-by-syrian-electronic-army-1214677
Entry Title: WHID 2014-069: City of Sheboygan website hacked
WHID ID: 2014-069
Date Occurred: 1/12/2014
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: SPAM Links
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: SheboyganDaily.com accessed several pages on the city's website at www.ci.sheboygan.wi.us Sunday afternoon and discovered links, forms and applications are redirecting to drug websites.
Reference: http://www.sheboygandaily.com/2014/01/12/city-of-sheboygan-website-hacked/
Entry Title: WHID 2014-068: Microsoft's Twitter account Hacked
WHID ID: 2014-068
Date Occurred: 1/11/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: In an apparent hacking of the Microsoft News Twitter account, a tweet emerges saying the company sells customer data to the government. The Syrian Electronic Army claims responsibility.
Reference: http://www.cnet.com/news/microsofts-twitter-account-dont-use-our-e-mail/
Entry Title: WHID 2014-067: Dropbox hits by DDoS, but user data safe; The 1775 Sec claims responsibility
WHID ID: 2014-067
Date Occurred: 1/11/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Dropbox website went offline last night with a hacking collective calling itself The 1775 Sec claiming responsibility of the attack on the cloud storage company's website.
Reference: http://www.techienews.co.uk/974664/dropbox-hits-ddos-user-data-safe-1775-sec-claims-responsibility/
Entry Title: WHID 2014-066: MIT website hacked by Anonymous on anniversary of Aaron Swartz suicide
WHID ID: 2014-066
Date Occurred: 1/10/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: Late on January 10, the hacktivism entity Anonymous hacked and defaced MIT letting the institution know Anonymous will not forget the tragic suicide of hacker Aaron Swartz.
Reference: http://www.zdnet.com/mit-website-hacked-by-anonymous-on-anniversary-of-aaron-swartz-suicide-7000025041/
Entry Title: WHID 2014-065: Md. man admits taking over YouTube channels for ad money, hacking into AOL CEO's e-mail
WHID ID: 2014-065
Date Occurred: 1/9/2014
Attack Method: Brute Force
Application Weakness: Insufficient Anti-Automation
Outcome: Account Takeover
Attacked Entity Field: Service Provider
Attacked Entity Geography:
Incident Description: According to his plea, he and another man - who court records show is scheduled to plead in the case next week - exploited Google's password-reset process to get into unwitting users' accounts, which they then used to take over those users' YouTube channels.
Reference: http://www.washingtonpost.com/local/crime/md-man-admits-taking-over-youtube-channels-for-ad-money-hacking-into-aol-ceos-e-mail/2014/01/09/f352ac3e-7970-11e3-b1c5-739e63e9c9a7_story.html
Entry Title: WHID 2014-064: Australian Police Investigating Teen Who Found Database Flaw
WHID ID: 2014-064
Date Occurred: 1/10/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Joshua Rogers, 16, of Melbourne, found a SQL injection flaw in a database owned by Public Transport Victoria (PTV), which runs the state's transport system.
Reference: http://www.cio.com/article/2379712/data-protection/australian-police-investigating-teen-who-found-database-flaw.html
Entry Title: WHID 2014-063: Russian Foreign Ministry website suffers new hacker attack
WHID ID: 2014-063
Date Occurred: 3/24/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The Russian Foreign Ministry's website suffered yet another hacker attack on Saturday. By now, access to the website has been restored and steps are being taken to modernize its security.
Reference: http://voiceofrussia.com/news/2014_03_23/Russian-Foreign-Ministry-website-suffers-new-hacker-attack-source-9194/
Entry Title: WHID 2014-062: Basecamp Held Hostage by Hackers
WHID ID: 2014-062
Date Occurred: 3/24/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: It looks like hackers have hit Basecamp with a distributed denial-of-service (DDoS) attack and are demanding that the company pay a ransom.
Reference: http://www.nbcnews.com/tech/security/basecamp-held-hostage-hackers-n60621
Entry Title: WHID 2014-061: Credit Card Breach at California DMV
WHID ID: 2014-061
Date Occurred: 3/14/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The California Department of Motor Vehicles appears to have suffered a wide-ranging credit card data breach involving online payments for DMV-related services, according to banks in California and elsewhere that received alerts this week about compromised cards that all had been previously used online at the California DMV.
Reference: http://krebsonsecurity.com/2014/03/sources-credit-card-breach-at-california-dmv/
Entry Title: WHID 2014-060: HootSuite Back Online After Denial of Service Attacks
WHID ID: 2014-060
Date Occurred: 3/24/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Social media management system Hootsuite recovered rapidly from a denial of service (DoS) attack late last week, bouncing back after being offline for a few hours Thursday morning.
Reference: https://threatpost.com/hootsuite-back-online-following-denial-of-service-attack/104975
Entry Title: WHID 2014-059: Researchers Uncover Interesting Browser-Based Botnet
WHID ID: 2014-059
Date Occurred: 4/4/2014
Attack Method: Cross-site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Security researchers discovered an odd DDoS attack against several sites recently that relied on a persistent cross-site scripting vulnerability in a major video Web site and hijacked users' browsers in order to flood the site with traffic.
Reference: http://threatpost.com/researchers-uncover-interesting-browser-based-botnet/105250
Entry Title: WHID 2014-058: University of Wisconsin Hacked
WHID ID: 2014-058
Date Occurred: 3/28/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: The University of Wisconsin-Parkside recently began notifying approximately 15,000 students that their personal information may have been exposed after hackers installed malware on a university server.
Reference: http://www.esecurityplanet.com/print/hackers/university-of-wisconsin-hacked.html
Entry Title: WHID 2014-057: DDOS Attacks Buckle Blizzard Servers for Diablo III, Hearthstone & More
WHID ID: 2014-057
Date Occurred: 4/1/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Entertainment
Attacked Entity Geography:
Incident Description: Blizzard has announced that EU servers for World of Warcraft, StarCraft II, Hearthstone and Diablo III might be impacted by high latency and disconnections due to DDoS attacks.
Reference: http://www.escapistmagazine.com/news/view/133402-DDOS-Attacks-Buckle-Blizzard-Servers-for-Diablo-III-Hearthstone-More
Entry Title: WHID 2014-056: Attacker Holds Email Service Mad Mimi for Bitcoin Ransom
WHID ID: 2014-056
Date Occurred: 4/1/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Service Provider
Attacked Entity Geography:
Incident Description: Email marketing service Mad Mimi was hit with a denial of service attack this past weekend. Soon after the attack, the email provider received an email from someone asking or rather holding Mad Mimi ransom for 1.8 bitcoins in order to stop launching attacks on them.
Reference: https://coinreport.net/mad-mimi-bitcoin-ransom/
Entry Title: WHID 2014-055: Anonymous DDoS attack dismantles Albuquerque Police website
WHID ID: 2014-055
Date Occurred: 4/1/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Law Enforcement
Attacked Entity Geography:
Incident Description: The hacktivist collective Anonymous organized a distributed denial-of-service (DDoS) attack this weekend that made good on the group's promise to shut down the Albuquerque Police Department's website.
Reference: http://www.scmagazine.com/anonymous-ddos-attack-dismantles-albuquerque-police-website/article/340805/
Entry Title: WHID 2014-054: Sudan Tribune Website Hacked
WHID ID: 2014-054
Date Occurred: 2/4/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Sudan Tribune would like to clarify that a fake report published on Tuesday stating that former South Sudan vice-president and leader of the SPLM in Opposition Riek Machar was assassinated was a result of the site being hacked, apparently in an April Fool's Day prank done in extremely poor taste.
Reference: http://allafrica.com/stories/201404020362.html
Entry Title: WHID 2014-053: Man charged with using SQL injection to access Federal Reserve data
WHID ID: 2014-053
Date Occurred: 2/28/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: According to the indictment, Love used SQL injection to take advantage of a vulnerability in software used by certain servers belonging to the Federal Reserve, which allowed him to gain unauthorized access.
Reference: http://www.scmagazine.com/man-charged-with-using-sql-injection-to-access-federal-reserve-data/article/336228/
Entry Title: WHID 2014-052: Attack campaign compromises 300,000 home routers, alters DNS settings
WHID ID: 2014-052
Date Occurred: 3/4/2014
Attack Method: Cross-site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: DNS Hijacking
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: A group of attackers managed to compromise 300,000 home and small-office wireless routers, altering their settings to use rogue DNS servers, according to Internet security research organization Team Cymru.
Reference: http://www.pcworld.com/article/2104380/attack-campaign-compromises-300000-home-routers-alters-dns-settings.html
Entry Title: WHID 2014-051: Meetup.com DDoSed by extortionist, refuses to pay ransom
WHID ID: 2014-051
Date Occurred: 3/5/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: But a DDoS is exactly what's been plaguing the site, Scott Heiferman, Meetup.com co-founder and CEO, wrote on the company's blog.
Reference: http://nakedsecurity.sophos.com/2014/03/05/meetup-com-ddosed-by-extortionist-refuse-to-pay-ransom/
Entry Title: WHID 2014-050: Kenya: Ministry of Transport Website Hacked
WHID ID: 2014-050
Date Occurred: 3/5/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Kenya's ministry of transport website has been hacked by a Turkish Muslim group calling itself Ayyildiz Tim which accuses the government of not respecting Islam.
Reference: http://allafrica.com/stories/201403051048.html
Entry Title: WHID 2014-049: Russian Central Bank Says Website Hacked Ahead of Rate Decision
WHID ID: 2014-049
Date Occurred: 3/14/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: "Currently the bank of Russia website is having troubles due to a hacker attack. The bank of Russia is taking measures to rebuff it and to restore [the website's] normal operation," the press office said in a text message.
Reference: http://online.wsj.com/article/BT-CO-20140314-701521.html
Entry Title: WHID 2014-048: Maryland Hacked Again: 2nd Data Breach in 4 Weeks
WHID ID: 2014-048
Date Occurred: 3/15/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: The University of Maryland says someone hacked into its computer network and obtained personal information for the second time in four weeks.
Reference: http://washington.cbslocal.com/2014/03/20/maryland-hacked-again-2nd-data-breach-in-4-weeks/
Entry Title: WHID 2014-047: Kremlin website hit by 'powerful' cyber attack
WHID ID: 2014-047
Date Occurred: 3/17/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Victories are hard to come by for Vladimir Putin's opponents, activists are jailed, protests draw dwindling crowds, but on Friday they celebrated a minor triumph by briefly knocking out the Kremlin website.
Reference: http://www.smh.com.au/it-pro/security-it/kremlin-website-hit-by-powerful-cyber-attack-20140317-hvjme.html
Entry Title: WHID 2014-046: Pro-Russian Ukrainians launch DDoS strike against NATO
WHID ID: 2014-046
Date Occurred: 3/17/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography:
Incident Description: A group of pro-Russian Ukrainians hit NATO with a DDoS attack over the weekend, protesting the organization's stance on Crimea's split from the Ukraine.
Reference: http://blogs.csoonline.com/network-security/3075/pro-russian-ukrainians-launch-ddos-strike-against-nato
Entry Title: WHID 2014-045: Hackers hit Unix servers to send 35 million spam messages a day
WHID ID: 2014-045
Date Occurred: 3/19/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: A criminal group has seized control of 25,000 Unix servers since 2011, forcing them to send out more than 35 million malware-laden spam messages per day, according to security researchers at ESET.
Reference: http://www.v3.co.uk/v3-uk/news/2334789/hackers-hit-unix-servers-to-send-35-million-spam-messages-a-day
Entry Title: WHID 2014-044: Citroen becomes the latest victim of Adobe ColdFusion hackers
WHID ID: 2014-044
Date Occurred: 3/17/2014
Attack Method: Directory Traversal
Application Weakness: Improper Input Handling
Outcome: Planting of Malware
Attacked Entity Field: Automotive
Attacked Entity Geography:
Incident Description: A prolific hacker gang that has breached numerous companies by exploiting Adobe software has claimed another major hit in the form of car manufacturer Citroën, the Guardian has learned.
Reference: http://www.theguardian.com/technology/2014/mar/17/citroen-adobe-coldfusion-hacked-backdoor
Entry Title: WHID 2014-043: Criminal Malware Used In Attacks On Ukraine Government
WHID ID: 2014-043
Date Occurred: 3/19/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The DirtJumper malware, a tool used by digital criminals during attacks on banks, has started targeting Ukrainian government websites, amid growing tensions with neighbouring Russia.
Reference: http://www.techweekeurope.co.uk/news/dirtjumper-malware-ukraine-russia-141954
Entry Title: WHID 2014-042: Estonian Foreign Ministry's website comes under cyber attack
WHID ID: 2014-042
Date Occurred: 3/20/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The website of the Estonian Ministry of Foreign Affairs came under cyber attack yesterday afternoon, reported ERR.
Reference: http://balticbusinessnews.com/article/2014/3/20/estonian-foreign-ministry-s-website-comes-under-cyber-attack
Entry Title: WHID 2014-041: EA Games website hacked to steal Apple IDs
WHID ID: 2014-041
Date Occurred: 3/19/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Phishing
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: An EA Games server has been compromised by hackers and is now hosting a phishing site which targets Apple ID account holders.
Reference: http://news.netcraft.com/archives/2014/03/19/ea-games-website-hacked-to-steal-apple-ids.html
Entry Title: WHID 2014-040: Hackers steal data for 12 million customers at South Korean phone giant
WHID ID: 2014-040
Date Occurred: 3/6/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Police have arrested two people in connection with a cyber-attack that yielded personal details for 12 million customers of one of South Korea's biggest phone companies.
Reference: http://edition.cnn.com/2014/03/06/business/south-korea-telecoms-hackers/
Entry Title: WHID 2014-039: ComiXology Hacked! Change Your Password Now
WHID ID: 2014-039
Date Occurred: 3/6/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Digital comic book seller ComiXology has suffered a security breach, and is now requiring all users reset their passwords.
Reference: http://www.pcmag.com/article2/0,2817,2454664,00.asp
Entry Title: WHID 2014-038: Navy Hacking Blamed on Iran Tied to H-P Contract
WHID ID: 2014-038
Date Occurred: 3/6/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The infiltration was launched with a common hacking technique known as an SQL injection. It used a Navy website available to the public and then found its way to the unprotected databases, said people familiar with the matter. The lack of security meant once the hackers were inside, they could easily move into other parts of the network, these people said.
Reference: http://online.wsj.com/news/articles/SB10001424052702304732804579423611224344876
Entry Title: WHID 2014-037: Archdiocese of Seattle hacked, warns 90,000
WHID ID: 2014-037
Date Occurred: 3/11/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Religious
Attacked Entity Geography:
Incident Description: That information is stored in several databases, and the Archdiocese believes one of those databases was hacked. "The bad guys have figured out how to breach it," Magnoni said, "and so it's unsettling."
Reference: http://www.kirotv.com/news/news/archdiocese-seattle-hacked-warns-90000-employees-a/nd9Xs/
Entry Title: WHID 2014-036: Russian hacker family allegedly steals $58,000 from US bank
WHID ID: 2014-036
Date Occurred: 3/12/2014
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: MOSCOW, March 12 (RAPSI) - The police detained suspected hackers in Russia who are believed to have stolen about $58,000 from client accounts of a US bank, the Russian Interior Ministry said in a statement Wednesday.
Reference: http://rapsinews.com/news/20140312/270911000.html
Entry Title: WHID 2014-035: Bitcoin Exchange Mt. Gox Hit by 150,000 DDoS Attacks Per Second Before Collapse
WHID ID: 2014-035
Date Occurred: 3/10/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Bitcoin exchange Mt. Gox suffered about 150,000 hacking attacks per second for several days before its collapse last month, according to a report.
Reference: http://www.ibtimes.co.uk/bitcoin-exchange-mt-gox-hit-by-150000-ddos-attacks-per-second-before-collapse-1439568
Entry Title: WHID 2014-034: Hacker attempts to hold Johns Hopkins hostage using student data
WHID ID: 2014-034
Date Occurred: 3/12/2014
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: In an attack on the Johns Hopkins University servers, a hacker was able to obtain the names, emails and phone numbers of some 850 current and past biomedical engineering students.
Reference: http://www.cr80news.com/2014/03/12/hacker-attempts-to-hold-johns-hopkins-hostage-using-student-data
Entry Title: WHID 2014-033: 162,000 WORDPRESS SITES USED IN DDOS ATTACK
WHID ID: 2014-033
Date Occurred: 3/12/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Process Validation
Outcome: Downtime
Attacked Entity Field: Blog
Attacked Entity Geography:
Incident Description: More than 162,000 "popular and clean" WordPress sites were recently used in a large-scale distributed denial of service attack (DDoS) that exploited the content management system's pingback feature.
Reference: http://threatpost.com/162000-wordpress-sites-used-in-ddos-attack/104745
Entry Title: WHID 2014-032: EC-Council Acknowledges, Details February Hacker Attack
WHID ID: 2014-032
Date Occurred: 3/13/2014
Attack Method: DNS Hijacking
Application Weakness: Insufficient Process Validation
Outcome: Defacement
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: The defacement, EC-Council explained, resulted from a DNS poisoning attack. After gaining control of the domain, the hacker issued a password reset request to EC-Council's e-mail service provider, which allowed the hacker to compromise some e-mail accounts before EC-Council responded.
Reference: http://www.esecurityplanet.com/hackers/ec-council-acknowledges-details-february-hacker-attack.html
Entry Title: WHID 2014-031: Hackers down Russian presidential site in 'powerful cyber-attack'
WHID ID: 2014-031
Date Occurred: 3/14/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Unidentified hackers brought down the Russian presidency's site and the Central Bank's web page in a wave of online attacks. The website is now operational for most users.
Reference: http://rt.com/news/kremlin-site-attack-hackers-790/
Entry Title: WHID 2014-030: Russian media websites hit by 'massive' DDoS attack 'linked to Ukraine'
WHID ID: 2014-030
Date Occurred: 3/14/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Websites of several Russian state TV channels have been hit by a large cyberattack suspected to partly come from Kiev. Anonymous Caucasus claimed it was responsible for hacking Channel One TV's site, saying it had "nothing" to do with Ukraine.
Reference: http://rt.com/news/russian-media-ddos-ukraine-614/
Entry Title: WHID 2014-029: Hackers hijack 300,000-plus wireless routers, make malicious changes
WHID ID: 2014-029
Date Occurred: 3/3/2014
Attack Method: Cross-site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: DNS Hijacking
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: The hackers appear to be using a variety of techniques to commandeer the devices and make changes to the domain name system (DNS) servers used to translate human-friendly domain names into the IP addresses computers use to locate their Web servers, according to a report published Monday by researchers from security firm Team Cymru. Likely hacks include a recently disclosed cross-site request forgery (CSRF) that allows attackers to inject a blank password into the Web interface of TP-Link routers.
Reference: http://arstechnica.com/security/2014/03/hackers-hijack-300000-plus-wireless-routers-make-malicious-changes/
Entry Title: WHID 2014-028: U-Md. computer security attack exposes 300,000 records
WHID ID: 2014-028
Date Occurred: 2/18/2014
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: More than 300,000 personal records for faculty, staff and students who have received identification cards at the University of Maryland were compromised in a computer security breach this week, school officials said.
Reference: http://www.washingtonpost.com/local/college-park-shady-grove-campuses-affected-by-university-of-maryland-security-breach/2014/02/19/ce438108-99bd-11e3-80ac-63a8ba7f7942_story.html
Entry Title: WHID 2014-027: Spotlight On Sochi: Distributed Denial Of Sochi
WHID ID: 2014-027
Date Occurred: 2/7/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Beginning February 4, hacktivists began leveling distributed denial-of-service attacks (DDoS) against at least 1,700 Russian Websites connected to the winter games. The attacks targeted official Websites of the games as well as those owned by hotels and financial institutions connected with the event. As is the case with DDoS attacks, each of the Websites was rendered temporarily unavailable.
Reference: http://www.hstoday.us/industry-news/general/single-article/spotlight-on-sochi-distributed-denial-of-sochi-feb-7/e605d5e1db57c00e9c432ca83449b4e1.html
Entry Title: WHID 2014-026: churchofcyprus.org.cy Hacked
WHID ID: 2014-026
Date Occurred: 2/19/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Religious
Attacked Entity Geography:
Incident Description: Email and data exposed in PasteBin Dump
Reference: http://pastebin.com/9TyDsSR3
Entry Title: WHID 2014-025: Stack Overflow goes down for an hour on Sunday due to DDoS attack
WHID ID: 2014-025
Date Occurred: 2/16/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Blog
Attacked Entity Geography:
Incident Description: Stack Overflow went out for about an hour on Sunday morning due to a DDoS attack, TechCrunch reported. Stack Overflow is a question and answer website focused on coding that programmers, both professional and amateur, rely on.
Reference: http://www.vcpost.com/articles/21665/20140216/stack-overflow-goes-down-for-an-hour-sunday-due-to-ddos-attack.htm
Entry Title: WHID 2014-024: Barcelona Twitter Accounts Hacked by Syrian Electronic Army
WHID ID: 2014-024
Date Occurred: 2/19/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: The Syrian Electronic Army, the cyber-wing of Syrian president Bashar al-Assad's regime, has targeted Barcelona football club because of its ties to Qatari money which is "full of blood and kill."
Reference: http://www.ibtimes.co.uk/barcelona-twitter-accounts-hacked-by-syrian-electronic-army-over-links-qatar-1437064
Entry Title: WHID 2014-023: Kickstarter Hacked, Credit Card Data Safe
WHID ID: 2014-023
Date Occurred: 2/16/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: The group funding site Kickstarter was recently the target of a hack by an unknown individual or group of individuals. Yes, some of the data that the service stores about you - if you're a user - was tapped into. However, there's a bit of a silver lining: Credit card data and passwords appear relatively safe, with a caveat.
Reference: http://www.pcmag.com/article2/0,2817,2453510,00.asp
Entry Title: WHID 2014-022: Massive hacking affected Venezuela's government servers
WHID ID: 2014-022
Date Occurred: 2/17/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hackers around the world are setting their sights on Venezuela's government web properties following violent repression against anti-government protesters and instances of internet censorship.
Reference: http://voxxi.com/2014/02/18/anonymous-hackers-venezuela-servers/
Entry Title: WHID 2014-021: Hackers Attack University of Costa Rica Publication
WHID ID: 2014-021
Date Occurred: 1/27/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Semanario Universidad, the weekly news publication produced by the University of Costa Rica, saw its website brought down by distributed denial of service (DDOS) attacks in late January.
Reference: http://news.co.cr/hackers-attack-university-of-costa-rica-publication/33056/
Entry Title: WHID 2014-020: UK MoJ Falls Victim To DDoS Attack
WHID ID: 2014-020
Date Occurred: 2/17/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Another incident last week highlighted the growing cyber threat posed by Distributed Denial of Service (DDoS) attacks on government organisations. On Wednesday one such attack took down the website of the UK Ministry of Justice (MoJ), rendering it inaccessible for about three hours, V3 reported.
Reference: http://www.misco.co.uk/blog/news/01707/uk-moj-falls-victim-to-ddos-attack
Entry Title: WHID 2014-019: Royaldutchshellplc.com website under Denial of Service Attack
WHID ID: 2014-019
Date Occurred: 2/17/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Utilities
Attacked Entity Geography:
Incident Description: Today the site is being bombarded with Shell Blog comments, made in multiple languages via multiple isp addresses. It appears to be yet another concerted denial of service attack by an unknown party.
Reference: http://royaldutchshellplc.com/2014/02/17/royaldutchshellplc-com-website-under-denial-of-service-attack/
Entry Title: WHID 2014-018: Syrian Electronic Army hacks into Forbes.com
WHID ID: 2014-018
Date Occurred: 2/16/2014
Attack Method: Cross-site Request Forgery (CSRF)
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Blog
Attacked Entity Geography:
Incident Description: The Syrian Electronic Army, the cyber wing of Bashar al-Assad's army, said it hacked Forbes.com website Friday, claiming it compromised user data, defaced webpages and posted a fake story to the site.
Reference: http://www.forbes.com/sites/andygreenberg/2014/02/20/how-the-syrian-electronic-army-hacked-us-a-detailed-timeline/
Entry Title: WHID 2014-017: School District Still Using Default Login For Admin Account Surprised To Learn Its Site Has Been Hacked
WHID ID: 2014-017
Date Occurred: 1/8/2014
Attack Method: Brute Force
Application Weakness: Insufficient Authentication
Outcome: Defacement
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: A Texas school district is learning the hard way about website security basics. If you'd like to keep your site from being compromised, the very least you can do is reset the default login. According to a post at Hackforums, the Round Rock Independent School District of Austin, TX was using the following name and password for its admin account.
Reference: http://www.techdirt.com/articles/20131223/18274325679/school-district-still-using-default-login-admin-account-surprised-to-learn-its-site-has-been-hacked.shtml
Entry Title: WHID 2014-016: 24 Mexican Government Websites Hacked by Anonymous
WHID ID: 2014-016
Date Occurred: 1/6/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Anonymous hackers have breached and defaced around a couple of dozen websites hosted on Mexican government domains.
Reference: http://news.softpedia.com/news/24-Mexican-Government-Websites-Hacked-by-Anonymous-413789.shtml
Entry Title: WHID 2014-015: Massive E-toll website security flaw
WHID ID: 2014-015
Date Occurred: 1/7/2014
Attack Method: Predictable Resource Location
Application Weakness: Insufficient Process Validation
Outcome: Leakage of Information
Attacked Entity Field: eCommerce
Attacked Entity Geography:
Incident Description: An unofficial security advisory issued by a hacker identifying themselves as "Moe1" has warned E-toll users that the PINs used to log into their E-toll website accounts can be easily obtained if their username is known.
Reference: http://mybroadband.co.za/news/security/94446-massive-e-toll-website-security-flaw.html
Entry Title: WHID 2014-014: Hacker Targets Directors Guild of Canada Website
WHID ID: 2014-014
Date Occurred: 1/6/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography:
Incident Description: A hacker site called ObeySec took over a computer server at the Directors Guild of Canada on the weekend. The external hacker used the handle legionnaire on Sunday to commandeer the DGC site and obtain the personal data of over 2,000 members, including Canada's top film and TV directors.
Reference: http://www.hollywoodreporter.com/news/hacker-targets-directors-guild-canada-668584
Entry Title: WHID 2014-013: Thousands of visitors to yahoo.com hit with malware attack
WHID ID: 2014-013
Date Occurred: 1/4/2014
Attack Method: Malvertising
Application Weakness: Insufficient Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Search Engine
Attacked Entity Geography:
Incident Description: Two Internet security firms have reported that Yahoo's advertising servers have been distributing malware to hundreds of thousands of users over the last few days. The attack appears to be the work of malicious parties who have hijacked Yahoo's advertising network for their own ends.
Reference: http://www.washingtonpost.com/blogs/the-switch/wp/2014/01/04/thousands-of-visitors-to-yahoo-com-hit-with-malware-attack-researchers-say//?print=1
Entry Title: WHID 2014-012: Hacker Group DERP Attacking Xbox Live Now With DDoS, Sign-In Issue Reported
WHID ID: 2014-012
Date Occurred: 1/4/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: Infamous hacker group DERP has now become a pain in the A#$ for gaming community, after targeting EA's Origin and some video game servers with DDoS attack the group has now started attacking Xbox Live.
Reference: http://www.gamepur.com/news/13200-hacker-group-derp-attacking-xbox-live-now-ddos-sign-issue-reported.html
Entry Title: WHID 2014-011: Sunanda Pushkar claims her Twitter account hacked
WHID ID: 2014-011
Date Occurred: 1/4/2014
Attack Method: Brute Force
Application Weakness: Insufficient Authentication
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Sunanda Pushkar, the wife of Union minister of state for HRD Shashi Tharoor, has claimed that "her Twitter account has been hacked" and the message that came criticizing BJP leader Subramaniam Swamy on her account was not hers.
Reference: http://articles.timesofindia.indiatimes.com/2014-01-04/india/45859292_1_twitter-account-sunanda-pushkar-tweet
Entry Title: WHID 2014-010: World of Warcraft users hit by account-hijacking malware attack
WHID ID: 2014-010
Date Occurred: 1/6/2014
Attack Method: Malware
Application Weakness: Insufficient Authentication
Outcome: Account Takeover
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: World of Warcraft players have been hit with a malicious trojan that hijacks accounts even when they're protected by two-factor authentication, officials have warned.
Reference: http://arstechnica.com/security/2014/01/world-of-warcraft-users-hit-by-account-hijacking-malware-attack/
Entry Title: WHID 2014-009: Greyhats expose 4.5 million Snapchat phone numbers using "theoretical" hack (updated)
WHID ID: 2014-009
Date Occurred: 1/2/2014
Attack Method: Predictable Resource Location
Application Weakness: Insufficient Anti-Automation
Outcome: Leakage of Information
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Greyhat hackers have published the partial phone numbers belonging to more than 4.5 million Snapchat users after exploiting a recently disclosed security weakness that officials of the service had described as theoretical.
Reference: http://arstechnica.com/security/2014/01/greyhats-expose-4-5-million-snapchat-phone-numbers-using-theoretical-hack/
Entry Title: WHID 2014-008: World Poker Tour Amateur Poker League Website Hacked
WHID ID: 2014-008
Date Occurred: 1/4/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: The league website for free live poker nights across North America and the UK has been compromised and login details exposed.
Reference: http://pokerfuse.com/news/live-and-online/world-poker-tour-amateur-poker-league-website-hacked-04-01/
Entry Title: WHID 2014-007: Highland website hacked
WHID ID: 2014-007
Date Occurred: 1/3/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: Computer hackers broke into the website for the Highland Middle School last month, but school officials said that only the home page was changed.
Reference: http://www.heraldbulletin.com/education/x12770567/Highland-website-hacked
Entry Title: WHID 2014-006: Hacker Group DERP Takes Down Origin, Battlelog and More With DDoS Attack
WHID ID: 2014-006
Date Occurred: 1/3/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: A hacker group known as DERP is currently taking down all of EA's gaming servers. Battlelog, a web based social networking service for the Battlefield and Medal of Honor series, is also down.
Reference: http://www.ibtimes.co.uk/hacker-group-derp-takes-down-origin-battlelog-more-ddos-attack-1430857
Entry Title: WHID 2014-005: Battle.net and League of Legend hit with denial of service attacks
WHID ID: 2014-005
Date Occurred: 1/3/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: Blizzard's Battle.net service has been the target of a denial-of-service attack resulting in intermittent downtime for its game platform as well as server instability on World of Warcraft.
Reference: http://www.computerandvideogames.com/443794/battlenet-and-league-of-legend-hit-with-denial-of-service-attacks/
Entry Title: WHID 2014-004: Steam Hit By DDoS Attacks, Hackers Claim Responsibility
WHID ID: 2014-004
Date Occurred: 1/3/2014
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-Automation
Outcome: Downtime
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: We had heard how Snapchat got hacked, and how Microsoft's Skype social media accounts had been hacked, and now according to the latest reports, we are hearing word that Valve's Steam platform has been attacked by hackers as well who have launched a series of DDoS attacks against the company's servers, causing outages and rendering gamers unable to play their online games or connecting to the service entirely.
Reference: http://www.ubergizmo.com/2014/01/steam-hit-by-ddos-attacks-hackers-claim-responsibility/
Entry Title: WHID 2014-003: Pakistani Hackers Leak Data from Financial Services Online Australia
WHID ID: 2014-003
Date Occurred: 1/3/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: A group of Pakistani hackers called Pakiz Cyber Squad has leaked user data apparently stolen from the systems of Financial Services Online (FSO), an Australian company that provides insurance, finance, superannuation and investment services.
Reference: http://news.softpedia.com/news/Pakistani-Hackers-Leak-Data-from-Financial-Services-Online-Australia-413191.shtml
Entry Title: WHID 2014-002: Skype's Twitter, Facebook, and blog hacked by Syrian Electronic Army
WHID ID: 2014-002
Date Occurred: 1/1/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Earlier today, a person (or a few people) breached Skype's security and hacked its Twitter account, Facebook page, and blog. The group claiming responsibility is the Syrian Electronic Army (SEA). Its message: end spying on the public.
Reference: http://thenextweb.com/microsoft/2014/01/01/skypes-twitter-account-blog-get-hacked-sea-demanding-end-spying/#!uFj39
Entry Title: WHID 2014-001: MOE website hacked few hours after New Year
WHID ID: 2014-001
Date Occurred: 1/1/2014
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: KUALA LUMPUR
Incident Description: KUALA LUMPUR: The Ministry of Education (MOE) website was allegedly hacked by a group of hackers that called themselves EvilSha0w Team, just a few hours after the country celebrated the New Year, today.
Reference: http://www.nst.com.my/latest/moe-website-hacked-few-hours-after-new-year-1.452286
Entry Title: WHID 2013-022: Here's How Hackers Stole Over $1 Million From 1,600 StubHub Users
WHID ID: 2013-022
Date Occurred: 3/1/2013
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: The hackers obtained customers' logins through other sources, StubHub said, not by hacking StubHub's systems.
Reference: http://time.com/3024409/over-1000-stubhub-accounts-reportedly-hacked/
Entry Title: WHID 2013-021: Two more Cambodia govt sites hacked and defaced
WHID ID: 2013-021
Date Occurred: 1/10/2013
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The Web sites of Cambodia's National Military Police and the Supreme Court had been breached by different hacker groups on Tuesday, and industry watchers note government sites in the country are vulnerable to hacks due to their poor security.
Reference: http://www.zdnet.com/two-more-cambodia-govt-sites-hacked-and-defaced-7000009622/
Entry Title: WHID 2013-020: Drake International the latest victim of hacking, extortion scheme against companies
WHID ID: 2013-020
Date Occurred: 1/9/2013
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Consulting
Attacked Entity Geography:
Incident Description: Drake International, the Canadian-based job placement firm, confirmed Wednesday that it has been the victim of a hacking scheme by a group seeking to extort payment in exchange for not releasing the personal information of people who have used Drake's services.
Reference: http://business.financialpost.com/2013/01/09/drake-international-confirms-database-with-user-information-hacked/?__lsa=bf4c-db1b
Entry Title: WHID 2013-019: DHS website falls victim to hacktivist intrusion
WHID ID: 2013-019
Date Occurred: 1/7/2013
Attack Method: Forceful Browsing
Application Weakness: Predictable Resource Location
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hacktivist group NullCrew recently announced a successful intrusion (though intrusionette might be a better word) against a website in the DHS.GOV domain hierarchy.
Reference: http://nakedsecurity.sophos.com/2013/01/07/dhs-website-falls-victim-to-hacktivist-intrusion/
Entry Title: WHID 2013-018: Ubisoft probes sudden rash of hijack attacks on gamers' accounts
WHID ID: 2013-018
Date Occurred: 1/4/2013
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Hijacking
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: Ubisoft is investigating a recent spate of hijackings of gaming accounts belonging to users of its Uplay platform
Reference: http://www.theregister.co.uk/2013/01/04/ubisoft_gaming_account_hijack_caper/
Entry Title: WHID 2013-017: Cyberattack hits Fifth Third for 2nd time in week
WHID ID: 2013-017
Date Occurred: 1/9/2013
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Fifth Third Bank's website was hit with a cyberattack Tuesday causing its second shutdown in a span of five days, the Cincinnati Business Courier reports.
Reference: http://www.bizjournals.com/columbus/morning_call/2013/01/cyber-attack-hits-fifth-third-for.html
Entry Title: WHID 2013-016: Law firm's trust account hacked, "large six figure" taken
WHID ID: 2013-016
Date Occurred: 1/7/2013
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: In a scam never seen before in Ontario, a Toronto-area law firm lost "a large six figure" over the holidays after a virus gave hackers backdoor access to its bookkeeper's computer. The virus copied bank account passwords as she typed them.
Reference: http://www.lawtimesnews.com/201301079535/Headline-News/Law-firms-trust-account-hacked-large-six-figure-taken
Entry Title: WHID 2013-015: Yahoo Mail users hit by widespread hacking, XSS exploit seemingly to blame
WHID ID: 2013-015
Date Occurred: 1/7/2013
Attack Method: Cross-site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Account Hijacking
Attacked Entity Field: Web-based Email
Attacked Entity Geography:
Incident Description: Late last night reports started coming in suggesting that Yahoo Mail users have had their accounts hacked. While "hacked" is a very broad term nowadays, it does appear that Yahoo email accounts are being compromised after users click on a malicious link they receive in their inboxes.
Reference: http://thenextweb.com/insider/2013/01/07/yahoo-mail-users-hit-by-widespread-hacking-xss-exploit-seemingly-to-blame/
Entry Title: WHID 2013-014: BB&T, PNC say they've been hit by cyber hackers
WHID ID: 2013-014
Date Occurred: 1/4/2013
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: BB&T Corp. and PNC Financial Services Corp. said Friday they have experienced this week another wave of website "denial of service" disruptions that could be coming from cyber hackers.
Reference: http://www.journalnow.com/business/business_news/local/article_31f50e90-56dc-11e2-ada2-0019bb30f31a.html
Entry Title: WHID 2013-013: DDoS attacks on banks continue into the New Year
WHID ID: 2013-013
Date Occurred: 1/4/2013
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: A hacktivist group is claiming responsibility for outages affecting nine U.S. bank websites in recent weeks - part of a distributed denial-of-service (DDoS) operation that began last fall.
Reference: http://www.scmagazine.com/ddos-attacks-on-banks-continue-into-the-new-year/article/274712/
Entry Title: WHID 2013-012: 22 SL Government sites hacked
WHID ID: 2013-012
Date Occurred: 1/3/2013
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: India
Incident Description: A number of 22 subdomains of the North Central Provincial Council (nc.gov.lk) owned by the Sri Lanka government have been defaced by Bangladeshi Grey Hat Hackers (BGHH).
Reference: http://www.dailymirror.lk/news/24732-22-sl-government-sites-hacked.html
Entry Title: WHID 2013-011: Foreign Policy Group Gets Hacker Happy New Yea
WHID ID: 2013-011
Date Occurred: 1/3/2013
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Politics
Attacked Entity Geography:
Incident Description: The group's website was infected with malware that uses a "watering hole" attack - waiting for users to visit the site before downloading the malware to their machines.
Reference: http://news.discovery.com/tech/council-on-foreign-relations-site-hit-with-malware-130103.htm
Entry Title: WHID 2013-010: Just in time: Facebook restores New Year's messaging service after plugging privacy loophole
WHID ID: 2013-010
Date Occurred: 1/1/2013
Attack Method: Forceful Browsing
Application Weakness: Predictable Resource Location
Outcome: Leakage of Information
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Earlier today, social networking giant Facebook was caught with its pants down when blogger Jack Jenkins noticed a privacy flaw with its New Year "Midnight Delivery" messaging service.
Reference: http://thenextweb.com/facebook/2012/12/31/just-in-time-facebook-restores-new-years-messaging-service-after-plugging-privacy-loophole/
Entry Title: WHID 2013-009: Facebook fixes 'Peeping Tom' webcam bug - AFTER 5 MONTHS
WHID ID: 2013-009
Date Occurred: 1/2/2013
Attack Method: Cross-site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: Leakage of Information
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Facebook had a busy time over the holiday period fixing several security flaws, including a webcam-related vulnerability that allowed hackers to record video from a user's web camera and post it on their timeline.
Reference: http://www.theregister.co.uk/2013/01/02/facebook_privacy_bug_fixes/
Entry Title: WHID 2013-008: ZOL website hacked
WHID ID: 2013-008
Date Occurred: 1/3/2013
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Hosting Providers
Attacked Entity Geography:
Incident Description: Today we woke up to the tip that the website of one of the largest internet service providers in the country, Zimbabwe Online (ZOL) had been hacked.
Reference: http://www.techzim.co.zw/2013/01/zol-website-is-hacked/
Entry Title: WHID 2013-007: Hacker AnonAcid Publishes Data on 50,000 Ohio Residents
WHID ID: 2013-007
Date Occurred: 1/3/2013
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: As part of OpRedRoll and Occupy Steubenville, Anonymous' response to the rape of a 15-year-old girl in Steubenville, Ohio last August, hacker AnonAcid recently published the names, birthdates, addresses and other personal data of residents of Steubenville and nearby towns in Ohio.
Reference: http://www.esecurityplanet.com/hackers/hacker-anonacid-publishes-data-on-50000-ohio-residents.html
Entry Title: WHID 2013-006: World Wildlife Foundation China Hacked, Details of 80,000 Users Leaked
WHID ID: 2013-006
Date Occurred: 1/3/2013
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Non-Profit
Attacked Entity Geography:
Incident Description: A hacker collective called DarkWeb Goons, recently founded by a former member of the Grey Security group, has breached the official website of World Wildlife Foundation China (wwfchina.org).
Reference: http://news.softpedia.com/news/World-Wildlife-Foundation-China-Hacked-Details-of-80-000-Users-Leaked-318117.shtml
Entry Title: WHID 2013-005: Energy Manufacturer Also Victimized by IE Zero Day in Watering Hole Attack
WHID ID: 2013-005
Date Occurred: 1/2/2013
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Energy
Attacked Entity Geography:
Incident Description: Researcher Eric Romang said that Capstone Turbine Corp., which builds power generation equipment for utilities, has been infected with malware exploiting CVE 2012-4969 for four months and the latest IE exploit since Dec. 18.
Reference: http://threatpost.com/en_us/blogs/energy-manufacturer-also-victimized-ie-zero-day-watering-hole-attack-010213
Entry Title: WHID 2013-004: The hacker has breached a large number of websites over the past several days
WHID ID: 2013-004
Date Occurred: 1/1/2013
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The hacker has breached a large number of websites over the past several days, including the Jawaharlal Nehru Centre for Advanced Scientific Research (jncasr.ac.in)
Reference: http://news.softpedia.com/news/Yemen-Customs-Authority-Hacked-User-Details-Leaked-318245.shtml
Entry Title: WHID 2013-003: Hacker has breached a large number of websites
WHID ID: 2013-003
Date Occurred: 1/1/2013
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hacker has breached a large number of websites over the past several days, including the Indian National Institute of Technology (nitdgp.ac.in)
Reference: http://news.softpedia.com/news/Yemen-Customs-Authority-Hacked-User-Details-Leaked-318245.shtml
Entry Title: WHID 2013-002: Yemen Customs Authority Hacked, User Details Leaked
WHID ID: 2013-002
Date Occurred: 1/1/2013
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The hacker known as JokerCracker has breached the official website of Yemen's Customs Authority (customs.gov.ye), leaking the details of hundreds of users.
Reference: http://news.softpedia.com/news/Yemen-Customs-Authority-Hacked-User-Details-Leaked-318245.shtml
Entry Title: WHID 2013-001: OpFuckMohammad - Happy New Year
WHID ID: 2013-001
Date Occurred: 1/1/2013
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Pastebin DB dump of data from attack on http://eldorar.com/
Reference: http://pastebin.com/yDFK5XEC
Entry Title: WHID 2012-100: ICO fines travel firm £150,000 after hacker steals card details from more than a million customers
WHID ID: 2012-100
Date Occurred: 12/21/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Travel
Attacked Entity Geography:
Incident Description: This happened on 21 December 2012, when the hacker uncovered a coding error in the website and used an SQL injection to log in to the administrators' interface, the report explained.
Reference: http://www.v3.co.uk/v3-uk/news/2357033/ico-fines-travel-firm-gbp150-000-after-hacker-steals-over-a-million-card-details
Entry Title: WHID 2012-99: 'Anonymous' hackers attack Brazilian websites
WHID ID: 2012-99
Date Occurred: 1/21/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: RIO DE JANEIRO, Brazil
Incident Description: The computer hacker group Anonymous attacked websites of Brazil's federal district Saturday as well as one belonging to a Brazilian singer to protest the forced closure of Megaupload.com.
Reference: http://www.google.com/hostednews/afp/article/ALeqM5jGNOfn8Ij_BmP_UTSE83cFq_bMDA?docId=CNG.ed2a687c0642d8185d1e4e7ccab9f2c3.6e1
Entry Title: WHID 2012-98: Hackers tap Salem Co. account for $19,000
WHID ID: 2012-98
Date Occurred: 1/22/2012
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Salem, NJ
Incident Description: Computer hackers have broken in and stolen approximately $19,000 by way of an illegal wire transfer from a Salem County bank account that held more than $13 million in funds.
Reference: http://www.nj.com/salem/index.ssf/2012/01/hackers_tap_salem_co_account_f.html
Entry Title: WHID 2012-97: Israeli hacker posts '100,000' more stolen Facebook logins
WHID ID: 2012-97
Date Occurred: 1/21/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Social
Attacked Entity Geography: San Francisco
Incident Description: Israeli hacker Hannibal claims to have stolen another 100,000 Facebook logins from Arab users of the social network. A quick analysis shows that the number is actually closer to 20,000 accounts.
Reference: https://www.zdnet.com/blog/facebook/israeli-hacker-posts-8216100000-8242-more-stolen-facebook-logins/7837
Entry Title: WHID 2012-96: Israeli hacker steals 85,000 Facebook logins from Arabs
WHID ID: 2012-96
Date Occurred: 1/19/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Social
Attacked Entity Geography: San Francisco, CA
Incident Description: An Israeli hacker who goes by the name Hannibal this week stole '85,000' Facebook logins from Arab users of the social network, as part of an online hacker war being fought in the Middle East.
Reference: https://www.zdnet.com/blog/facebook/israeli-hacker-steals-85000-facebook-logins-from-arabs/7758
Entry Title: WHID 2012-95: T-Mobile reused staff passwords
WHID ID: 2012-95
Date Occurred: 1/19/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: Bonn, DE
Incident Description: A hacking group has dumped internal log-in details for T-Mobile staff, revealing the US telco had reused passwords for multiple accounts.
Reference: http://www.scmagazine.com.au/News/287402,t-mobile-reused-staff-passwords.aspx
Entry Title: WHID 2012-94: VideoGamesPlus.ca hacked, 21,000 users' details stolen
WHID ID: 2012-94
Date Occurred: 1/18/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Ontario, Canada
Incident Description: VGP admitted it was "currently investigating a security issue" in a generic email addressed to users, passed to Eurogamer this evening. The company recommends users change their passwords "as a safety precaution" and apologised "for any inconvenience caused".
Reference: http://www.eurogamer.net/articles/2012-01-18-videogamesplus-ca-hacked-21-000-users-details-stolen
Entry Title: WHID 2012-93: Hackers steal $6.7M in cyber bank robbery
WHID ID: 2012-93
Date Occurred: 1/18/2012
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Johannesburg, South Africa
Incident Description: Most of the hackers we talk about here are out to steal credit card numbers and harass. Some of the hacks result in illicit gains, but few that we have talked about have been able to pull the massive amount of funds that hackers who hit the South African Postbank have grabbed. These hackers were able to steal $6.7 million from the bank.
Reference: http://www.slashgear.com/hackers-steal-6-7m-in-cyber-bank-robbery-18209697/
Entry Title: WHID 2012-92: Ashton Kutcher's FourSquare, Twitter hacked
WHID ID: 2012-92
Date Occurred: 1/18/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography: San Francisco
Incident Description: Hackers broke into the FourSquare and Twitter accounts of actor Ashton Kutcher, claiming to confirm he was in a romantic relationship with Lorene Scafaria.
Reference: http://www.gmanetwork.com/news/story/244942/scitech/socialmedia/ashton-kutcher-s-foursquare-twitter-hacked
Entry Title: WHID 2012-91: Hackers spread malware via children's gaming websites
WHID ID: 2012-91
Date Occurred: 1/16/2012
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Entertainment
Attacked Entity Geography: Fortitude Valley, Australia
Incident Description: Hackers are increasingly targeting child-focused gaming websites, according to a leading anti-virus firm.
Reference: http://www.bbc.co.uk/news/technology-16576542
Entry Title: WHID 2012-90: Namesco customers affected by hackers
WHID ID: 2012-90
Date Occurred: 1/16/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Service Provider
Attacked Entity Geography: UK
Incident Description: UK ISP Namesco confirmed that a small number of its customers were affected by hackers who broke into the company system and stole some personal data, including credit card information, ISPreview reported.
Reference: http://www.telecompaper.com/news/namesco-customers-affected-by-hackers
Entry Title: WHID 2012-9: GAME website 'hacked', passwords obtained - Report
WHID ID: 2012-9
Date Occurred: 1/16/2012
Attack Method: Shell Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: United Kingdom
Incident Description: There are fears that the GAME website's user database has been hacked, with hackers getting hold of over 200 customers' email addresses and passwords in clear text.
Reference: http://www.computerandvideogames.com/332334/game-website-hacked-passwords-obtained-report/
Entry Title: WHID 2012-89: Nigerian army website hacked by protesters
WHID ID: 2012-89
Date Occurred: 1/16/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Nigeria
Incident Description: A Nigerian army website was hacked by cyber activists Monday as protests against a hike in fuel prices continue.
Reference: http://observers.france24.com/content/20120116-nigerian-army-website-hacked-protesters-occupy-fuel-subisidy-goodluck-jonathan-lagos-soldiers-roadblocks-strike
Entry Title: WHID 2012-88: Anti-Israeli hackers hit ally Azerbaijan's websites
WHID ID: 2012-88
Date Occurred: 1/16/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Tel-Aviv, Israel
Incident Description: Anti-Israeli hackers attacked official websites in the Jewish state's mainly Muslim ally Azerbaijan on Monday, the same day as several Israeli sites were also threatened.
Reference: http://www.nowlebanon.com/NewsArchiveDetails.aspx?ID=353180
Entry Title: WHID 2012-87: Actress Madhu Shalini's twitter account hacked
WHID ID: 2012-87
Date Occurred: 1/16/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography: San Francisco, CA
Incident Description: On realizing that her account was hacked, the actress was quick to retrieve it, giving the hacker little chance to misuse the account
Reference: http://articles.timesofindia.indiatimes.com/2012-01-16/news-interviews/30631582_1_twitter-account-hacker-popular-micro-blogging-site
Entry Title: WHID 2012-86: HuffPo's Twitter account hacked
WHID ID: 2012-86
Date Occurred: 1/15/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography: San Francisco, CA
Incident Description: Usual tweets with links to stories about celebrities and cute animal photos are joined by racist and homophobic notes on The Huffington Post's Twitter account.
Reference: http://news.cnet.com/8301-1023_3-57359471-93/huffpos-twitter-account-hacked/
Entry Title: WHID 2012-85: Websites of Israel bourse, airline brought down
WHID ID: 2012-85
Date Occurred: 1/16/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Tel-Aviv, Israel
Incident Description: The websites of Israeli national carrier El Al and the Tel Aviv Stock Exchange were both offline on Monday morning hours after they were reportedly threatened by a hacker claiming to be Saudi.
Reference: http://www.bangkokpost.com/tech/computer/275406/websites-of-israel-bourse-airline-brought-down
Entry Title: WHID 2012-84: Hackers deface city police website
WHID ID: 2012-84
Date Occurred: 1/15/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: Kochi City, India
Incident Description: Brilliant hackers have defaced some links given on the crime prevention tips page of city police website, www.kochicitypolice.org, entering picture language icons.
Reference: http://www.asianage.com/india/hackers-deface-city-police-website-670
Entry Title: WHID 2012-83: Gaza hackers attack Israeli fire services website
WHID ID: 2012-83
Date Occurred: 1/13/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Tel-Aviv, Israel
Incident Description: A group of hackers succeeded on Thursday night in hacking into the Israeli Fire and Rescue Services' official website. The site's homepage was changed to black with a sneering message from the hackers to the Israeli government and other messages supporting armed resistance against Israel, Israeli media reported.
Reference: http://www.allvoices.com/contributed-news/11288572-gaza-hackers-attack-israel-fire-services-website
Entry Title: WHID 2012-82: Xbox.com has been hacked claim users
WHID ID: 2012-82
Date Occurred: 1/13/2012
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Account Takeover
Attacked Entity Field: Entertainment
Attacked Entity Geography: Redmond, WA
Incident Description: Possible evidence that Xbox.com has been hacked has emerged in the US, suggesting that the Microsoft Points scandal really does have more to it than just phishing scams.
Reference: http://www.metro.co.uk/tech/games/887330-xbox-com-has-been-hacked-claim-users-update-microsoft-response
Entry Title: WHID 2012-81: RON PAUL SUPPORTERS HACK TWITTER ACCOUNTS OF RISE AGAINST AND NO DOUBT
WHID ID: 2012-81
Date Occurred: 1/13/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography: San Francisco, CA
Incident Description: Contrary to what you may have read, popular alternative bands No Doubt and Rise Against have not officially endorsed any presidential candidate. According to Billboard, early Wednesday morning (Jan. 11), both bands had their Twitter accounts hacked by overzealous supporters of Ron Paul.
Reference: http://audioinkradio.com/2012/01/no-doubt-rise-against-twitter-hacked-ron-paul-backers
Entry Title: WHID 2012-80: Live Blog Platform CoverItLive Hacked
WHID ID: 2012-80
Date Occurred: 1/7/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Blogs
Attacked Entity Geography: Austin, TX
Incident Description: Live-blogging platform CoverItLive revealed Friday night that it will be implementing a required password reset after discovering a hack of its files.
Reference: http://www.pcmag.com/article2/0,2817,2398924,00.asp
Entry Title: WHID 2012-8: Zappos website hacked; credit card database not affected, CEO says
WHID ID: 2012-8
Date Occurred: 1/15/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography: Henderson, NV
Incident Description: Zappos.com, the popular online shoe site, was the victim of a cyber attack by a hacker who gained access to part of the company's internal network through one of its servers, Chief Executive Tony Hsieh said in an email to employees Sunday.
Reference: http://latimesblogs.latimes.com/technology/2012/01/zappos-hacked.html
Entry Title: WHID 2012-79: 'Operation Italy' takes down government website
WHID ID: 2012-79
Date Occurred: 1/13/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Italy
Incident Description: Plans by Anonymous to launch a distributed denial of service attack against www.governo.it were changed half an hour before the attack was scheduled to commence.
Reference: http://news.netcraft.com/archives/2012/01/13/operation-italy-takes-down-government-website.html
Entry Title: WHID 2012-78: American Express fixes critical security vulnerability
WHID ID: 2012-78
Date Occurred: 1/13/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography: El Paso, TX
Incident Description: Charge card company American Express has fixed a security vulnerability on its web site that allowed SQL injection and, therefore, direct access to its server's database. The company acted after The H's associates at heise Security forwarded a tip-off from one of its readers.
Reference: http://www.h-online.com/security/news/item/American-Express-fixes-critical-security-vulnerability-1410252.html
Entry Title: WHID 2012-77: FoundationSource.com fends off a web attack
WHID ID: 2012-77
Date Occurred: 1/12/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography: Fairfield, CT
Incident Description: The management firm enlisted reinforcements to quell a denial of service attack.
Reference: http://www.internetretailer.com/2012/01/12/foundationsourcecom-fends-web-attack
Entry Title: WHID 2012-76: Hackers retaliate as Dutch ISPs told to block Pirate Bay
WHID ID: 2012-76
Date Occurred: 1/12/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Netherlands
Incident Description: A Dutch court has ordered two ISPs in that country to block their customers' access to The Pirate Bay, a site often used for copyright-infringing activities. On Wednesday, the Hague district court told the ISPs Ziggo and XS4ALL that they have to block the site within 10 days or face a €10,000 (£8,315) fine each day that access remains possible. The action against the ISPs was brought by Brein, the Netherlands' rights-holder group. Following the verdict, it appears that hackers claiming to be part of Anonymous have used a denial-of-service attack to make Brein's own site inaccessible.
Reference: http://www.zdnet.co.uk/blogs/communication-breakdown-10000030/hackers-retaliate-as-dutch-isps-told-to-block-pirate-bay-10025189/
Entry Title: WHID 2012-75: Stratfor downed again after brief relaunch
WHID ID: 2012-75
Date Occurred: 1/12/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography: Austin, TX
Incident Description: Stratfor relaunched its website overnight, which included a video from the company's CEO George Friedman thumbing his nose at Anonymous. This morning, the site has been pulled down again.
Reference: http://www.zdnet.com.au/stratfor-downed-again-after-brief-relaunch-339329556.htm
Entry Title: WHID 2012-74: Indian hackers break into DGPR site
WHID ID: 2012-74
Date Occurred: 1/11/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Lahore, Pakistan
Incident Description: A group of Indian hackers-India Cyber Army (ICA)-hacked the Punjab Directorate General of Public Relations (DGPR)'s official website (www.dgprpunjab.com) on Tuesday.
Reference: http://www.pakistantoday.com.pk/2012/01/11/city/lahore/indian-hackers-break-into-dgpr-site/
Entry Title: WHID 2012-73: Russians in cyber attack on Manly business
WHID ID: 2012-73
Date Occurred: 1/10/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Manly, Australia
Incident Description: CYBER criminals manipulating computer networks across the globe are targeting internet businesses and a Manly trader is warning locals to be wary after his website was temporarily crippled in a high-tech extortion attempt.
Reference: http://manly-daily.whereilive.com.au/news/story/russians-in-cyber-attack/
Entry Title: WHID 2012-72: Pirate Bay block prompts Anonymous to launch DDOS
WHID ID: 2012-72
Date Occurred: 1/10/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Entertainment
Attacked Entity Geography: Finland
Incident Description: Anonymous has struck the websites of two anti-piracy organizations, a day after Finnish ISP Elisa blocked access to The Pirate Bay search engine in response to an injunction requested by one of the organizations.
Reference: https://www.computerworld.com/s/article/9223304/Pirate_Bay_block_prompts_Anonymous_to_launch_DDOS
Entry Title: WHID 2012-71: Xbox Live a goldmine for hackers
WHID ID: 2012-71
Date Occurred: 1/9/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Entertainment
Attacked Entity Geography: Redmond, WA
Incident Description: Fraudsters have etched out a goldmine grey market from Xbox Live by selling hacked gaming profiles loaded with Microsoft Points.
Reference: http://www.scmagazine.com.au/News/286307,xbox-live-a-goldmine-for-hackers.aspx
Entry Title: WHID 2012-70: Israeli hackers hit Arab websites
WHID ID: 2012-70
Date Occurred: 1/9/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography: Saudi Arabia
Incident Description: Israeli hackers decided this past weekend to retaliate in an unorganized fashion: On an Israeli hacking forum, personal details were revealed (including phone numbers) of users from an Arab website that was hacked by an Israeli.
Reference: http://www.globes.co.il/serveen/globes/docview.asp?did=1000713894
Entry Title: WHID 2012-7: Subsidy Protest: EFCC site hacked with False arrests of oil moguls
WHID ID: 2012-7
Date Occurred: 1/13/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Nigeria
Incident Description: Nigerian hackers have tampered with the website of the Economic and Financial Crimes Commission, EFCC, www.efccnigeria.org, posting on the site the false 'arrests' of prominent Nigerian players in the oil sector.
Reference: http://pmnewsnigeria.com/2012/01/13/subsidy-protest-efcc-site-hacked-with-false-arrests-oil-moguls/
Entry Title: WHID 2012-69: Hackers hit ArcelorMittal's Belgian website
WHID ID: 2012-69
Date Occurred: 1/6/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Brussels, Belgium
Incident Description: The online piracy group Anonymous hacked into the Belgian website of industrial giant ArcelorMittal on Friday, posting a video to protest the closure of two blast furnaces in Belgium.
Reference: http://www.google.com/hostednews/afp/article/ALeqM5h96a9ZQ7H-z0m5mW1LP6anEUM0qQ?docId=CNG.7cda19e9b40775c4791cfe074e851e06.b1
Entry Title: WHID 2012-68: Server hacked at OSU Medical Center
WHID ID: 2012-68
Date Occurred: 1/6/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Healthcare
Attacked Entity Geography: Columbus, OH
Incident Description: Ohio State University Medical Center has notified 30 patients and 150 students that a hacker might have accessed their names, medical information and/or Social Security numbers.
Reference: http://www.dispatch.com/content/stories/local/2012/01/06/OSU-Medical-Center-server-hacked.html
Entry Title: WHID 2012-67: Turkish hackers break French MP's website
WHID ID: 2012-67
Date Occurred: 1/5/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Paris, France
Incident Description: A group of Turkish hackers Cyber-Warrior.org/AKINCILAR broke French MP of Armenian descent Patrick Devedjian's website.
Reference: http://news.am/eng/news/88198.html
Entry Title: WHID 2012-66: Sony Pictures hacked again by Anonymous
WHID ID: 2012-66
Date Occurred: 1/6/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Entertainment
Attacked Entity Geography: Culver City, CA
Incident Description: The hacking group Anonymous has confirmed that they have once again hacked Sony Pictures, gaining access to their Facebook account and website.
Reference: http://www.afterdawn.com/news/article.cfm/2012/01/06/sony_pictures_hacked_again_by_anonymous
Entry Title: WHID 2012-65: Hackers steal 45,000 Facebook passwords
WHID ID: 2012-65
Date Occurred: 1/6/2012
Attack Method: Stolen Credentials
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Social
Attacked Entity Geography: California
Incident Description: THE SOCIAL NETWORK Facebook has been hit by a malware worm called Ramnit, which has gained access to the login details of more than 45,000 users.
Reference: http://www.theinquirer.net/inquirer/news/2135748/hackers-steal-facebook-passwords
Entry Title: WHID 2012-64: Care2 political social network hacked
WHID ID: 2012-64
Date Occurred: 1/5/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Social
Attacked Entity Geography: Redwood City, CA
Incident Description: Care2.com, a social networking website for activists, has decided to reset the account passwords of almost 18 million registered members after hackers gained access to its servers.
Reference: http://www.computerworlduk.com/news/security/3327948/care2-political-social-network-hacked/
Entry Title: WHID 2012-63: Singapore University hacked
WHID ID: 2012-63
Date Occurred: 1/5/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography: Singapore
Incident Description: Update: Hackers have broken into the National University of Singapore and made staff usernames, domain information and hashed passwords public.
Reference: http://www.scmagazine.com.au/News/285906,singapore-university-hacked.aspx
Entry Title: WHID 2012-62: Double wham bam: AntiSec hacks, dumps CA & NY law enforcement emails
WHID ID: 2012-62
Date Occurred: 1/3/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: New York
Incident Description: Almost like an echo from retired hackers, those from the 90s who long ago faded into the ether, the motto for 2011 may have been along the lines of "hack the planet." Yet there are some who obviously learned nothing about the consequences of maintaining sloppy security in 2011. In the cyber world, 2012 was not greeted by the boom of fireworks but by a double wham bam to law enforcement in California and New York.
Reference: http://blogs.computerworld.com/19507/double_wham_bam_antisec_hacks_dumps_ca_ny_law_enforcement_emails
Entry Title: WHID 2012-61: Saudi Hackers Post Israeli Credit Card Numbers Online
WHID ID: 2012-61
Date Occurred: 1/3/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography: Israel
Incident Description: A group of Saudi hackers dubbed Group-XP claimed on Monday to have posted the personal information of nearly half a million Israelis online, though credit card companies said the number of compromised records is actually much lower.
Reference: http://www.pcmag.com/article2/0,2817,2398297,00.asp
Entry Title: WHID 2012-60: Cyber attack strands ETrade customers
WHID ID: 2012-60
Date Occurred: 1/5/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Australia
Incident Description: AUSTRALIA'S second-biggest online broking business, ANZ Bank's ETrade, was forced to shut down over the Christmas-New Year period by a "malicious" cyber attack offshore.
Reference: http://www.smh.com.au/business/cyber-attack-strands-etrade-customers-20120104-1pl3x.html
Entry Title: WHID 2012-6: Radical Islamic Web Site Attacked by Hackers
WHID ID: 2012-6
Date Occurred: 1/10/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: Australia
Incident Description: Arrahmah.com, a Web site categorized by the National Anti-Terrorism Agency and Indonesia's largest Islamic group as promoting radical jihad and terrorism, could not be accessed on Tuesday, its editor said on Wednesday.
Reference: http://www.thejakartaglobe.com/media/radical-islamic-web-site-attacked-by-hackers/490668
Entry Title: WHID 2012-59: 'Anonymous' declares 'Blitzkrieg' on neo-Nazis
WHID ID: 2012-59
Date Occurred: 1/2/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography: Frankfurt, Germany
Incident Description: 'Anonymous' hackers have declared 'Blitzkrieg' on neo-Nazis for the New Year, disabling a number of their websites and publishing lists of extreme-right supporters.
Reference: http://www.thelocal.de/society/20120102-39867.html
Entry Title: WHID 2012-58: City of Eau Claire's website hacked Thursday night
WHID ID: 2012-58
Date Occurred: 4/5/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Wisconsin
Incident Description: The City of Eau Claire spent time restoring its website after it was hacked
Reference: http://www.weau.com/home/headlines/City_of_Eau_Claires_website_hacked_Thursday_night_146380865.html?storySection=story
Entry Title: WHID 2012-57: Home Office Website 'Hacked By Anonymous' Over Email Snooping
WHID ID: 2012-57
Date Occurred: 4/7/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: United Kingdom
Incident Description: The Home Office tonight acknowledged it had been the target of an online protest after its website was taken down in an apparent backlash against Government extradition and surveillance policies.
Reference: http://www.huffingtonpost.co.uk/2012/04/07/home-office-website-hacked-anonymous-email-snooping_n_1410220.html?ref=uk
Entry Title: WHID 2012-56: Anonymous hacks hundreds of Chinese government sites
WHID ID: 2012-56
Date Occurred: 3/30/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: China
Incident Description: Anonymous has hacked hundreds of Chinese government websites. Some sites were just defaced, but others have had administrator accounts, phone numbers, and e-mail addresses leaked.
Reference: http://www.zdnet.com/blog/security/anonymous-hacks-hundreds-of-chinese-government-sites/11303
Entry Title: WHID 2012-55: Denial of Service Attack Targets Epoch Times
WHID ID: 2012-55
Date Occurred: 4/1/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: China
Incident Description: The Epoch Times was hit with a series of cyber attacks.
Reference: http://www.theepochtimes.com/n2/technology/denial-of-service-attack-targets-epoch-times-213907.html
Entry Title: WHID 2012-54: DDOS Attack
WHID ID: 2012-54
Date Occurred: 3/29/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Religious
Attacked Entity Geography: Manassas, Virginia
Incident Description: CatholicCulture.org was the victim of a distributed denial of service attack yesterday.
Reference: http://www.catholicculture.org/commentary/the-city-gates.cfm?id=253
Entry Title: WHID 2012-53: Westchester County's website hacked
WHID ID: 2012-53
Date Occurred: 3/30/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Westchester, New York
Incident Description: A spokesman for County Executive Rob Astorino said Friday that Westchester County's web site had been accessed and that the intruders had left a message declaring that they had hacked the site.
Reference: http://www.lohud.com/article/20120330/NEWS02/120330015/Westchester-County-s-website-hacked
Entry Title: WHID 2012-52: Anonymous Takes Down And Defaces Chinese Government Web Sites
WHID ID: 2012-52
Date Occurred: 3/30/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: China
Incident Description: All has been relatively quiet on the Anonymous front as far as defacing Web sites is concerned. That has changed today as Anonymous China has attacked and defaced a number of Chinese government Web sites to protest the country's censorship of the Internet.
Reference: http://www.webpronews.com/anonymous-takes-down-and-defaces-chines-government-web-sites-2012-03
Entry Title: WHID 2012-51: FAM Website Hacked
WHID ID: 2012-51
Date Occurred: 3/30/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Sports
Attacked Entity Geography: Malaysia
Incident Description: The website of the Football Association of Malaysia (FAM) was hacked by irresponsible parties.
Reference: http://www.bernama.com/bernama/v6/newssport.php?id=656042
Entry Title: WHID 2012-50: Pak government website hacked, 'Indians' blamed
WHID ID: 2012-50
Date Occurred: 3/30/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Pakistan
Incident Description: A section of Pakistan's Federal Tax Ombudsman (FTO) website was hacked with a media report describing this as the handiwork of 'Indians'.
Reference: http://zeenews.india.com/news/south-asia/pak-government-website-hacked-indians-blamed_767145.html
Entry Title: WHID 2012-5: Mass SQL Injection Storm Uses Search Engines And Automation
WHID ID: 2012-5
Date Occurred: 1/11/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Planting of Malware
Attacked Entity Field: Multiple
Attacked Entity Geography: Multiple locations
Incident Description: Security researchers monitoring mass SQL injection attacks warned the latest one may be nearing a million infected pages using a combination of automated tools with reconnaissance information gathered from search engines. This follows similar storms last year.
Reference: http://www.techweekeurope.co.uk/news/mass-sql-injection-storm-uses-search-engines-and-automation-to-infect-sites-53567
Entry Title: WHID 2012-49: Dating Website Dedicated To US Military Personnel Hacked By LulzSec
WHID ID: 2012-49
Date Occurred: 3/28/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Scottsdale, Arizona
Incident Description: LulzSec, the hacking group responsible for breaching a series of websites during spring of the year 2011, is back, according to a rumor spread all over the US.
Reference: http://www.techgadgetsweb.com/8364/dating-website-dedicated-military-personnel-hacked-lulzsec
Entry Title: WHID 2012-48: Election poll shot down by DDoS-ers
WHID ID: 2012-48
Date Occurred: 3/23/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: China
Incident Description: Two local men have been arrested after an online referendum organised by Hong Kong university to poll citizens on their choice of chief executive was disabled in an apparent denial of service attack.
Reference: http://www.theregister.co.uk/2012/03/26/hong_kong_vote_hack/
Entry Title: WHID 2012-47: Anonymous Hackers Target Pope in Mexico
WHID ID: 2012-47
Date Occurred: 3/22/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Mexico
Incident Description: The infamous Anonymous hacker group is not happy about Pope Benedict XVI's arrival in Mexico.
Reference: http://latino.foxnews.com/latino/news/2012/03/23/anonymous-hackers-target-pope-in-mexico/?test=latestnews
Entry Title: WHID 2012-46: Orchard Central's website gets hacked
WHID ID: 2012-46
Date Occurred: 3/22/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Retail
Attacked Entity Geography: Singapore
Incident Description: Orchard Central's website fell victim to hackers, who replaced a thumbnail photo on the page with that depicting a sexual act and put up racist content.
Reference: http://www.digitalone.com.sg/news/article/18021
Entry Title: WHID 2012-45: Hackers hit Australian police website, leak data
WHID ID: 2012-45
Date Occurred: 3/21/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: Australia
Incident Description: Hackers breached an Australian police website this week, defacing the site and leaking the online data of its members.
Reference: http://www.gmanetwork.com/news/story/252173/scitech/technology/hackers-hit-australian-police-website-leak-data
Entry Title: WHID 2012-44: Anonymous Hackers Take Down PandaLabs Website
WHID ID: 2012-44
Date Occurred: 3/7/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Technology
Attacked Entity Geography: USA
Incident Description: Hackers with the collective Anonymous attack the home page of Panda Security's PandaLabs in apparent retaliation for the arrests of five LulzSec members.
Reference: http://www.eweek.com/c/a/Security/Anonymous-Hackers-Take-Down-PandaLabs-Website-687825/
Entry Title: WHID 2012-43: Lebanon Labor Ministry website hacked
WHID ID: 2012-43
Date Occurred: 3/8/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Lebanon
Incident Description: The website of the Labor Ministry was hacked Thursday by a group calling itself "Mad Hackerz Team."
Reference: http://www.dailystar.com.lb/News/Politics/2012/Mar-08/165981-labor-ministry-website-hacked.ashx#axzz1oah4DHvr
Entry Title: WHID 2012-428: Iranians hacked Navy network for four months
WHID ID: 2012-428
Date Occurred: 8/19/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Iranian hackers attacked NMCI in August of 2012, using a vulnerability in a public-facing website to gain initial access to the network.
Reference: http://arstechnica.com/information-technology/2014/02/iranians-hacked-navy-network-for-4-months-not-a-surprise/
Entry Title: WHID 2012-427: Who Hacked the Dalai Lama's Website?
WHID ID: 2012-427
Date Occurred: 12/3/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Malware distribution
Attacked Entity Field: Religion
Attacked Entity Geography: India
Incident Description: A website associated with the Dalai Lama's YouTube account has been hacked using malware.
Reference: http://mashable.com/2012/12/06/dalai-lama-website-hacked/
Entry Title: WHID 2012-426: ITU Website Hacked
WHID ID: 2012-426
Date Occurred: 12/5/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Service disruption
Attacked Entity Field: Information Technology
Attacked Entity Geography: Geneva, Switzerland
Incident Description: The websites of the ITU were hit by a denial of service attack.
Reference: http://www.multichannel.com/technology/itu-website-hacked/140572
Entry Title: WHID 2012-425: Anonymous Hackers Target Australian Right-Wing Party
WHID ID: 2012-425
Date Occurred: 12/4/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Politics
Attacked Entity Geography: Australia
Incident Description: Anonymous hackers recently defaced the South Australian Web site for Australia's far-right Family First Party.
Reference: http://www.esecurityplanet.com/hackers/anonymous-hackers-target-australian-right-wing-party.html
Entry Title: WHID 2012-424: How a computer worm slithered across a huge number of Tumblr accounts
WHID ID: 2012-424
Date Occurred: 12/3/2012
Attack Method: Cross-site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: Worm
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: A quickly spreading worm on Tumblr has caused media companies The Verge, Reuters, and a large number of other account holders to publish a post laced with racist epithets and other offensive content.
Reference: http://arstechnica.com/security/2012/12/how-a-computer-worm-slithered-across-a-huge-number-of-tumblr-accounts/
Entry Title: WHID 2012-423: Hackers planted backdoor in Piwik's web analytics update
WHID ID: 2012-423
Date Occurred: 11/28/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Widely-used open source web analytics platform Piwik has confirmed that hackers on Monday breached its piwik.org webserver and planted malicious code in the ZIP file containing its current software update.
Reference: http://www.cso.com.au/article/443069/hackers_planted_backdoor_piwik_web_analytics_update/
Entry Title: WHID 2012-422: Hackers steal $150K from Wis. school district
WHID ID: 2012-422
Date Occurred: 11/28/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: A school district in western Wisconsin says hackers have stolen nearly $150,000 after breaking into its payroll system.
Reference: http://www.kare11.com/news/article/999866/396/Hackers-steal-150K-from-Wis-school-district
Entry Title: WHID 2012-421: Google And Apple Sites Downed In Massive Pakistani DNS Hack
WHID ID: 2012-421
Date Occurred: 11/26/2012
Attack Method: DNS Hijacking
Application Weakness: Insufficient Process Validation
Outcome: Defacement
Attacked Entity Field: Search Engine
Attacked Entity Geography:
Incident Description: Hackers in Pakistan have reportedly hacked the organisation managing domain name servers to redirect users to their own site, disrupting access to major services such as Gmail and eBay.
Reference: http://www.techweekeurope.co.uk/news/google-apple-dns-hack-defacement-100248
Entry Title: WHID 2012-420: Bank told to pay 42 thousand to man whose account was hacked
WHID ID: 2012-420
Date Occurred: 11/25/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Protecting the rights of those who use internet banking, a state commission upheld a district forum order and directed a bank to compensate a Navi Mumbai doctor Rs 42,000 after his account was hacked and the money withdrawn.
Reference: http://articles.timesofindia.indiatimes.com/2012-11-25/mumbai/35347098_1_bank-account-holder-rbi-guidelines
Entry Title: WHID 2012-42: Vatican Website Hacked
WHID ID: 2012-42
Date Occurred: 3/7/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Religious
Attacked Entity Geography: Vatican City, Italy
Incident Description: Computers weren't working right at the Vatican on Wednesday. The loosely-affiliated international group of hackers known as Anonymous claimed it shut down the Catholic Church's official website, vatican.va.
Reference: http://kdrv.com/news/local/240926
Entry Title: WHID 2012-419: Las Vegas Sun, sister websites recover from disruptive cyberattack
WHID ID: 2012-419
Date Occurred: 11/24/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Four Greenspun Media Group websites -- lasvegassun.com, lasvegasweekly.com, vegasinc.com and vegasdeluxe.com -- were temporarily disabled or compromised for several hours Friday night into Saturday morning, the results of a cyberattack that effectively overwhelmed servers that maintain the online media sites.
Reference: http://www.lasvegassun.com/news/2012/nov/24/attack-disrupts-las-vegas-sun-website-work-under-w/
Entry Title: WHID 2012-418: Google Pakistan website hacked
WHID ID: 2012-418
Date Occurred: 11/24/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Search Engine
Attacked Entity Geography:
Incident Description: The Google Pakistan homepage has been apparently hacked by Turkish hackers. If you go to google.com.pk, you will find a black page with something written in Turkish.
Reference: http://ibnlive.in.com/news/google-pakistan-website-hacked/307189-11.html
Entry Title: WHID 2012-417: Yahoo Email-Stealing Exploit Fetches $700
WHID ID: 2012-417
Date Occurred: 11/23/2012
Attack Method: Cross-site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Session Hijacking
Attacked Entity Field: Hosting Providers
Attacked Entity Geography:
Incident Description: A zero-day vulnerability in yahoo.com that lets attackers hijack Yahoo! email accounts and redirect users to malicious Web sites offers a fascinating glimpse into the underground market for large-scale exploits. The exploit, being sold for $700 by an Egyptian hacker on an exclusive cybercrime forum, targets a "cross-site scripting" (XSS) weakness in yahoo.com that lets attackers steal cookies from Yahoo! Webmail users.
Reference: http://krebsonsecurity.com/2012/11/yahoo-email-stealing-exploit-fetches-700/
Entry Title: WHID 2012-416: Hacked Go Daddy sites infecting users with ransomware
WHID ID: 2012-416
Date Occurred: 11/23/2012
Attack Method: DNS Hijacking
Application Weakness: Insufficient Process Validation
Outcome: Planting of Malware
Attacked Entity Field: Hosting Providers
Attacked Entity Geography:
Incident Description: Users are getting infected with ransomware thanks to criminals managing to hack the DNS records of Go Daddy hosted websites.
Reference: http://nakedsecurity.sophos.com/2012/11/23/hacked-go-daddy-ransomware/
Entry Title: WHID 2012-415: Top Israeli Official's Facebook, Twitter Accounts Hacked
WHID ID: 2012-415
Date Occurred: 11/21/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: A group of pro-Palestinian hackers apparently managed to break into the social networking accounts of Israeli Deputy Prime Minister Silvan Shalom and has promised to release a drove of the top official's private emails.
Reference: http://abcnews.go.com/blogs/headlines/2012/11/top-israeli-officials-facebook-twitter-accounts-hacked/
Entry Title: WHID 2012-414: Website hacked changing online prices to 1p
WHID ID: 2012-414
Date Occurred: 11/21/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Monetary Loss
Attacked Entity Field: Retail
Attacked Entity Geography: United Kingdom
Incident Description: Hackers tried to steal thousands of pounds of goods from two Lancashire businesses. The two businesses discovered hackers had changed the online value of their goods to 1p before trying to buy the items - which included £2000 of furniture - with a stolen credit card.
Reference: http://www.itv.com/news/granada/update/2012-11-21/website-hacked-changing-online-prices-to-1p/
Entry Title: WHID 2012-413: Exploitable SQLi on Ebay.com
WHID ID: 2012-413
Date Occurred: 11/18/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: During some hunting on Ebay's subdomains I found an exploitable SQL injection which I reported to Ebay's security team. It took 20 days until they finally fixed the exploitable SQL injection.
Reference: http://blog.majorsecurity.net/2012/11/18/exploitable-sqli-on-ebay-dot-com-analysis/
Entry Title: WHID 2012-412: Almost 30,000 Georgia Nationwide Insurance Customers Hacked
WHID ID: 2012-412
Date Occurred: 11/20/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Insurance Commissioner Ralph Hudgens issued the following statement today concerning the unauthorized access of Nationwide Insurance's website
Reference: http://www.wctv.tv/home/headlines/Almost-30000-Georgia-Nationwide-Insurance-Customers-Hacked-180076711.html
Entry Title: WHID 2012-411: Active XSS flaw discovered on eBay
WHID ID: 2012-411
Date Occurred: 11/16/2012
Attack Method: Cross-site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Session Hijacking
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: According to XSSed, Shubham Upadhyay has discovered an active XSS flaw affecting Ebay.com.
Reference: http://www.zdnet.com/active-xss-flaw-discovered-on-ebay-7000007539/
Entry Title: WHID 2012-410: Anonymous takes on Israeli websites, wipes Jerusalem bank
WHID ID: 2012-410
Date Occurred: 11/16/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Hacking collective Anonymous has gone on a hacking spree in protest over attacks on Gaza.
Reference: http://www.zdnet.com/anonymous-takes-on-israeli-websites-wipes-jerusalem-bank-7000007537/
Entry Title: WHID 2012-41: Anonymous Hackers Attack Christian Websites, Declare 'Religion Sucks LOL'
WHID ID: 2012-41
Date Occurred: 3/2/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Religious
Attacked Entity Geography: Charlotte, North Carolina
Incident Description: Calling it a "sickness to this world," members of the formless 'hacktivist' group of computer programmers known as Anonymous declared war on religion on Friday, March 2, hacking the websites of three Christian organizations all based in and around Charlotte, North Carolina.
Reference: http://www.ibtimes.com/articles/308264/20120302/anonymous-hackers-religion-website-proxy-twitter.htm
Entry Title: WHID 2012-409: New Zealand Herald falls victim to XSS prank
WHID ID: 2012-409
Date Occurred: 11/15/2012
Attack Method: Cross-site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: The hack caused the site's text to be reversed and photos and graphics to rotate clockwise
Reference: http://www.csoonline.com/article/721785/new-zealand-herald-falls-victim-to-xss-prank
Entry Title: WHID 2012-408: Adobe Servers Compromised, 150,000 Records Leaked
WHID ID: 2012-408
Date Occurred: 11/15/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Adobe is the latest to have their databases compromised as an Egyptian hacker has posted links to records of employees from Adobe as well as NASA and the US Military. The hacker, who goes by the name "Hima," said he had hacked into Adobe's server to gather these records before posting them on Pastebin. All told, Hima claims to have obtained the records for 150,000 Adobe clients and employees.
Reference: http://www.redorbit.com/news/technology/1112732564/adobe-user-records-hacked-hima-111512/
Entry Title: WHID 2012-407: DDoS Takes Down The Pirate Bay, isoHunt and Others
WHID ID: 2012-407
Date Occurred: 11/13/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Torrent Site
Attacked Entity Geography:
Incident Description: The Pirate Bay is suffering some downtime this morning due to a DDoS attack that appears to originate from a Twitter user who goes by the handle Zeiko Anonymous. The connection flood targeted at the site originates from a small botnet and isn't worrying The Pirate Bay team too much. Instead, the BitTorrent site is taking this opportunity to do some database maintenance.
Reference: http://torrentfreak.com/ddos-takes-down-the-pirate-bay-121113/
Entry Title: WHID 2012-406: Hacker Darwinare Claims Breach of Amazon UK
WHID ID: 2012-406
Date Occurred: 11/12/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: The hacker published more than 600 users' details online, including some passwords in clear text.
Reference: http://www.esecurityplanet.com/hackers/hacker-darwinare-claims-breach-of-amazon-uk.html
Entry Title: WHID 2012-405: Hackers add hidden pages to government sites
WHID ID: 2012-405
Date Occurred: 11/13/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hackers gained access to several government websites Tuesday, November 13, but not in any way average users would notice.
Reference: http://www.rappler.com/life-and-style/technology/16053-hackers-add-hidden-pages-to-government-sites
Entry Title: WHID 2012-404: NullCrew Hackers Hit UNESCO Web Site
WHID ID: 2012-404
Date Occurred: 11/8/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The hackers defaced the page with a statement calling the United Nations 'just a bunch of corrupt nations.'
Reference: http://www.esecurityplanet.com/hackers/nullcrew-hackers-hit-unesco-web-site.html
Entry Title: WHID 2012-403: Pizza Hut hacked, customer info lost, credit card details safe
WHID ID: 2012-403
Date Occurred: 11/7/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: The company denies that 240,000 customer credit card details were stolen, but hackers did gain access to customer information.
Reference: http://www.zdnet.com/au/pizza-hut-hacked-customer-info-lost-credit-card-details-safe-7000007016/
Entry Title: WHID 2012-402: NullCrew hacks MoD - leaks thousands of plaintext credentials
WHID ID: 2012-402
Date Occurred: 11/6/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: NullCrew remembered the 5th of November by breaking into mod.co.uk and stealing and dumping more than 3400 email addresses and passwords. While the date of the breach cannot be verified, it does look as if it happened on the Guy Fawkes anniversary
Reference: http://www.infosecurity-magazine.com/view/29161/nullcrew-hacks-mod-leaks-thousands-of-plaintext-credentials/
Entry Title: WHID 2012-401: Hackers claim attacks against ImageShack, Symantec, PayPal, other websites
WHID ID: 2012-401
Date Occurred: 11/5/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Different hacker groups claim to have breached servers belonging to ImageShack, Symantec, PayPal and other organizations.
Reference: http://www.computerworld.com/s/article/9233262/Hackers_claim_attacks_against_ImageShack_Symantec_PayPal_other_websites?taxonomyId=142
Entry Title: WHID 2012-400: Hackers Replace NBC Sites With Smörgåsbord of Hacker Cliches
WHID ID: 2012-400
Date Occurred: 11/4/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Those in search of SNL and 30 Rock clips over at NBC's videos page have been met with something quite different: a hacked page of weirdness with a surprisingly catchy soundtrack. It's the most prominent website hack we've seen in a while, and also one of the least coherent.
Reference: http://www.gizmodo.co.uk/2012/11/hackers-replace-nbc-sites-with-smorgasbord-of-hacker-cliches/
Entry Title: WHID 2012-40: Interpol website hacked after arrest of 25 suspected Anonymous members
WHID ID: 2012-40
Date Occurred: 2/28/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: Global
Incident Description: Interpol's website appears to have been the target of a cyber attack following the arrests of 25 members of the hacking activist group Anonymous.
Reference: http://www.thejournal.ie/interpol-website-hacked-after-arrest-of-25-suspected-anonymous-members-369043-Feb2012/
Entry Title: WHID 2012-4: Hacker Group Anonymous Takes Down Over 40 Child Porn Sites
WHID ID: 2012-4
Date Occurred: 1/10/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Hosting Provider
Attacked Entity Geography: South Africa
Incident Description: The group of computer hackers known as Anonymous has turned its attention from corporations long enough to attack and take down over 40 child porn websites run by pedophiles.
Reference: http://www.skyvalleychronicle.com/BREAKING-NEWS/HACKER-GROUP-ANONYMOUS-TAKES-DOWN-OVER-40-CHILD-PORN-SITES-874450
Entry Title: WHID 2012-399: French Euromillions Lottery Website Hacked, Anti-Gambling Message Posted
WHID ID: 2012-399
Date Occurred: 10/29/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: Hackers from the Moroccan Ghosts collective have breached and defaced the website of France's renowned Euromillions lottery (euromillions.fr).
Reference: http://news.softpedia.com/news/French-Euromillions-Lottery-Website-Hacked-Anti-Gambling-Message-Posted-302742.shtml
Entry Title: WHID 2012-398: Ford Website Hacked by NullCrew, User Credentials Leaked Online
WHID ID: 2012-398
Date Occurred: 10/29/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Automotive
Attacked Entity Geography:
Incident Description: The hackers claim to have leveraged an SQL Injection vulnerability in order to gain access to the databases behind the social.ford.com subdomain. As a result of the breach, database and table names, customer usernames - represented by email addresses - and encrypted passwords have been leaked.
Reference: http://news.softpedia.com/news/Ford-Website-Hacked-by-NullCrew-User-Credentials-Leaked-Online-302688.shtml
Entry Title: WHID 2012-397: Hacker swipes 3.6M Social Security numbers, other data
WHID ID: 2012-397
Date Occurred: 10/26/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: By the time the computer crimes office of the U.S. Secret Service discovered a problem Oct. 10, a foreign hacker had taken a database from the Department of Revenue's computers exposing 3.6 million Social Security numbers and 387,000 credit and debit card numbers, one of the largest computer breaches in the state or nation.
Reference: http://www.usatoday.com/story/news/nation/2012/10/26/hacker-south-caroling-social-security-numbers/1660929/
Entry Title: WHID 2012-396: Ally Financial Latest U.S. Bank to Face Cyber Attacks
WHID ID: 2012-396
Date Occurred: 10/18/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Ally Financial Inc on Thursday became the latest U.S. financial institution to face cyber attacks that may stem from hackers in Iran.
Reference: http://www.banktech.com/risk-management/ally-financial-latest-us-bank-to-face-cy/240009394
Entry Title: WHID 2012-395: National Weather Service website hacked
WHID ID: 2012-395
Date Occurred: 10/19/2012
Attack Method: Local File Inclusion (LFI)
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hackers have breached servers belonging to the US National Weather Service by exploiting a vulnerability in the weather.gov website, releasing sensitive data from the government systems.
Reference: http://nakedsecurity.sophos.com/2012/10/19/national-weather-service-website-hacked-by-kosovo-hackers-security/
Entry Title: WHID 2012-394: 'Major interruption' at GitHub as attackers launch DDoS
WHID ID: 2012-394
Date Occurred: 10/19/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: GitHub has been targeted by another DDoS attack that has been successful in causing major disruptions for the code sharing site.
Reference: http://www.zdnet.com/major-interruption-at-github-as-attackers-launch-ddos-7000006030/
Entry Title: WHID 2012-393: HSBC websites fell in DDoS attack last night, bank admits
WHID ID: 2012-393
Date Occurred: 10/19/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: HSBC has blamed a denial of service attack for the downtime of many of its websites worldwide on Thursday night.
Reference: http://www.theregister.co.uk/2012/10/19/hsbc_ddos/
Entry Title: WHID 2012-392: BB&T Site Outages Linked to DDoS
WHID ID: 2012-392
Date Occurred: 10/17/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: BB&T Corp., a Winston-Salem, N.C.-based bank, acknowledged Oct. 17 that its website was suffering from intermittent outages related to a distributed denial of service attack. The $178.5 billion institution is the ninth U.S. bank to be affected by a DDoS strike in the last five weeks.
Reference: http://www.bankinfosecurity.com/bbt-site-outages-linked-to-ddos-a-5208
Entry Title: WHID 2012-391: Hackers target Fairfax holiday site Stayz, altering bank details on listings
WHID ID: 2012-391
Date Occurred: 10/15/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Travel
Attacked Entity Geography:
Incident Description: CYBER criminals tried to swindle unsuspecting holidaymakers out of their money by altering the details of listings on Fairfax's holiday rental website, Stayz.com.au.
Reference: http://www.theaustralian.com.au/travel/news/hackers-target-fairfax-holiday-site-stayz-altering-bank-details-on-listings/story-e6frg8ro-1226496595089
Entry Title: WHID 2012-390: Burlington city bank account hacked, $400k stolen
WHID ID: 2012-390
Date Occurred: 10/12/2012
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: The city of Burlington is warning its employees to check their bank accounts after finding out funds have been stolen
Reference: http://www.komonews.com/news/local/Burlington-city-bank-account-hacked-173966921.html
Entry Title: WHID 2012-39: Roland's 'Backstage' website hacked
WHID ID: 2012-39
Date Occurred: 2/27/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Music
Attacked Entity Geography: United States
Incident Description: Roland Corporation's United States arm has confirmed that its Backstage website has been hacked, exposing the personal data of customers.
Reference: http://www.itnews.com.au/News/291778,rolands-backstage-website-hacked.aspx
Entry Title: WHID 2012-389: Facebook (FB) Said to Be Having Technical Issues in Europe Due to Hack
WHID ID: 2012-389
Date Occurred: 10/11/2012
Attack Method: Cross-site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: Worm
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: A member of Anonymous was said to take responsibility for the issues. The member used a form of cross-site request forgery, posting this: "Cross-site Request Forgery (CSRF) is a type of attack whereby unauthorized commands are transmitted from a user that the application trusts."
Reference: http://www.streetinsider.com/Insiders+Blog/Facebook+(FB)+Said+to+Be+Having+Technical+Issues+in+Europe+Due+to+Hack/7788607.html
Entry Title: WHID 2012-388: Regions Bank Confirms Online Outage
WHID ID: 2012-388
Date Occurred: 10/11/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Regions Financial Corp. on Oct. 11 confirmed its online banking and corporate websites were suffering intermittent outages related to an Internet service disruption.
Reference: http://www.bankinfosecurity.com/regions-bank-confirms-online-outage-a-5189
Entry Title: WHID 2012-387: Hackers Target PlaySpan's Real World Marketplace
WHID ID: 2012-387
Date Occurred: 10/11/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: The PlaySpan hackers released details for two million accounts online
Reference: http://www.escapistmagazine.com/news/view/120062-Hackers-Target-PlaySpans-Real-World-Marketplace
Entry Title: WHID 2012-386: SunTrust Is Latest Attack Victim
WHID ID: 2012-386
Date Occurred: 10/10/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: SunTrust Banks became the seventh U.S. financial institution apparently hit by a distributed denial of service attack orchestrated by the hacktivist group Izz ad-Din al-Qassam.
Reference: http://www.bankinfosecurity.com/suntrust-latest-attack-victim-a-5184
Entry Title: WHID 2012-385: Capital One Latest Victim in Ongoing Cyber Attack
WHID ID: 2012-385
Date Occurred: 10/9/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: "I can confirm that Capital One is experiencing online systems issues due to a denial of service attack," a spokesperson from the bank told FOX Business.
Reference: http://www.foxbusiness.com/technology/2012/10/09/capitol-one-confirms-cyber-attack/
Entry Title: WHID 2012-384: Hackers hit Philippine govt sites again
WHID ID: 2012-384
Date Occurred: 10/8/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The government Web sites were defaced by three separate hacker groups, which were protesting against the country's cybercrime law among other reasons.
Reference: http://www.zdnet.com/ph/hackers-hit-philippine-govt-sites-again-7000005364/
Entry Title: WHID 2012-383: Wagamama Hacked
WHID ID: 2012-383
Date Occurred: 10/2/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Visitors were redirected to sites infected with the Blackhole exploit kit.
Reference: http://www.esecurityplanet.com/hackers/wagamama-hacked.html
Entry Title: WHID 2012-382: GhostShell university hack: By the numbers
WHID ID: 2012-382
Date Occurred: 10/2/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: Hacktivist group GhostShell claimed to have breached 100 top university servers, releasing 120,000 records. But how much information was sensitive?
Reference: http://www.zdnet.com/ghostshell-university-hack-by-the-numbers-7000005194/
Entry Title: WHID 2012-381: Cybercriminals Hijack 4.5 Million ADSL Modems in Brazil to Serve Malware
WHID ID: 2012-381
Date Occurred: 10/1/2012
Attack Method: Cross-site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: DNS Redirection
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: The security hole allows an attacker to perform a cross-site request forgery (CSRF) in the administration panel of the device to capture the access password. Once they obtained the password, the crooks altered the modem's DNS settings to make sure that when users wanted to visit certain websites, they would be served malicious files.
Reference: http://news.softpedia.com/news/Cybercriminals-Hijack-4-5-Million-ADLS-Modems-in-Brazil-to-Serve-Malware-295845.shtml
Entry Title: WHID 2012-380: Cyber attack takes down PNC website for second day
WHID ID: 2012-380
Date Occurred: 9/28/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: For the second consecutive day, the Pittsburgh-based bank's website fell victim to a denial-of-service attack, in which a person or group directs a flood of traffic to a website, overwhelming the system and preventing customers from gaining access.
Reference: http://www.equities.com/news/headline-story?dt=2012-09-27&val=533911&cat=finance
Entry Title: WHID 2012-38: Lynas Corp website hacked
WHID ID: 2012-38
Date Occurred: 2/26/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Retail
Attacked Entity Geography: Australia
Incident Description: In a show of opposition to a near-complete rare earths processing plant in Malaysia, the website of Australian miner Lynas Corporation has been hacked.
Reference: http://www.freemalaysiatoday.com/2012/02/27/lynas-corp-website-hacked/
Entry Title: WHID 2012-379: Wells Fargo becomes latest bank to be hacked by cyber gang seeking revenge for anti-Islam film
WHID ID: 2012-379
Date Occurred: 9/27/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Wells Fargo has become the latest bank to be targeted by a cyber gang seeking revenge for the anti-Islam film Innocence of Muslims
Reference: http://www.dailymail.co.uk/news/article-2209403/Wells-Fargo-reveal-website-hacked-cyber-gang-seeking-revenge-anti-Islam-film.html?ito=feeds-newsxml
Entry Title: WHID 2012-378: Thieves use DDoS to distract banks during cyber heists
WHID ID: 2012-378
Date Occurred: 9/25/2012
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: A DDoS attack on a bank's website could very well be a precursor to a wire transfer raid.
Reference: http://www.cso.com.au/article/437372/thieves_use_ddos_distract_banks_during_cyber_heists/#closeme
Entry Title: WHID 2012-377: Hackers deface old UTS system, dump user database
WHID ID: 2012-377
Date Occurred: 9/24/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: Hackers broke into a subdomain used by the University of Technology, Sydney, over the weekend, and dumped the contents of a database from an old content management system.
Reference: http://www.zdnet.com/au/hackers-deface-old-uts-system-dump-user-database-7000004694/
Entry Title: WHID 2012-376: American Chamber of Commerce in France Hacked
WHID ID: 2012-376
Date Occurred: 9/21/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The hackers say they published e-mail addresses and passwords only after their warnings about a SQL injection error were ignored.
Reference: http://www.esecurityplanet.com/hackers/american-chamber-of-commerce-in-france-hacked.html
Entry Title: WHID 2012-375: Hackers Get Personal Data From Navy Website
WHID ID: 2012-375
Date Occurred: 9/21/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hackers accessed personal information of more than 200,000 service members earlier this year and posted a sampling of the data online.
Reference: http://www.military.com/daily-news/2012/09/21/hackers-get-personal-data-from-navy-website.html
Entry Title: WHID 2012-374: Japanese Web sites attacked in tense dispute with China
WHID ID: 2012-374
Date Occurred: 9/20/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The territorial dispute between Japan and China has escalated into cyberattacks, Japan-based reports say.
Reference: http://news.cnet.com/8301-1009_3-57517128-83/japanese-web-sites-attacked-in-tense-dispute-with-china/
Entry Title: WHID 2012-373: Virgin Mobile PIN Brute Force Attack Issue Addressed by Sprint
WHID ID: 2012-373
Date Occurred: 9/20/2012
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Leakage of Information
Attacked Entity Field: Telecommunications
Attacked Entity Geography:
Incident Description: Sprint, the mobile carrier that owns Virgin Mobile, claims to have addressed the PIN brute force attack issue discovered by Kevin Burke. However, the expert claims that more measures should be implemented.
Reference: http://news.softpedia.com/news/Virgin-Mobile-PIN-Brute-Force-Attack-Issue-Addressed-by-Sprint-293560.shtml
Entry Title: WHID 2012-372: Chase, NYSE Websites Targeted in Cyber Attacks
WHID ID: 2012-372
Date Occurred: 9/19/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: J.P. Morgan Chase (JPM) and NYSE Euronext (NYX) experienced website trouble Wednesday after being targeted by apparent cyber attacks. The problems come a day after Bank of America experienced prolonged issues following a separate attack.
Reference: http://www.foxbusiness.com/industries/2012/09/19/chase-website-experiences-intermittent-troubles/
Entry Title: WHID 2012-371: Bank of America Website Hacked, Islamic Cyber Terrorists Takes Credit
WHID ID: 2012-371
Date Occurred: 9/18/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: The Bank of America website was possibly hacked with customers experiencing intermittent problems most of Tuesday, the same time an Islamic cyber-terrorist group threatened to attack the bank, New York Stock Exchange and other U.S. targets.
Reference: http://www.foodworldnews.com/articles/2197/20120918/bank-of-america-website-hacked-islamic-cyber-terrorists-takes-credit.htm
Entry Title: WHID 2012-370: Hacker Steals $140k From Lock Poker Account
WHID ID: 2012-370
Date Occurred: 9/18/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: However, unbeknownst to MicahJ, it was in fact an .exe file possibly complete with a keylogger program which then accessed all sensitive information on his computer.
Reference: http://www.onlinepoker.net/poker-news/general-poker-news/hacker-steals-140k-lock-poker-account/16705
Entry Title: WHID 2012-37: AFL Website Hacked
WHID ID: 2012-37
Date Occurred: 2/21/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Sports
Attacked Entity Geography: Australia
Incident Description: The AFL is a little embarrassed and users surprised by a message replacing the normal screen.
Reference: http://www.triplem.com.au/sydney/sport/afl/news/blog/afl-website-hacked-with-demetriou-is-eddies-bitch-message/20120221-fo0o.html
Entry Title: WHID 2012-369: Mexico hackers hit official websites in cyber protest
WHID ID: 2012-369
Date Occurred: 9/16/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Mexican computer hackers have taken over at least ten government and other websites in a political protest marking the country's independence day.
Reference: http://www.bbc.co.uk/news/world-latin-america-19618459
Entry Title: WHID 2012-368: GoDaddy stopped by massive DDoS attack
WHID ID: 2012-368
Date Occurred: 9/10/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Service Providers
Attacked Entity Geography:
Incident Description: A lone hacker has claimed responsibility for an ongoing denial-of-service attack that may have knocked out millions of websites hosted by world's largest domain registrar GoDaddy.
Reference: http://www.theregister.co.uk/2012/09/10/godaddy_ddos_attack/
Entry Title: WHID 2012-367: Dominos' India website hacked, customer info leaked
WHID ID: 2012-367
Date Occurred: 9/11/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Domino's India website was hacked using the SQL injection method and remote file inclusion, one of the most common methods for stealing private data from web databases. Through this, the hacker typically tricks the site's database into revealing data that should be hidden by "injecting" certain commands.
Reference: http://business-standard.com/india/news/dominos-india-website-hacked-customer-info-leaked/486057/
Entry Title: WHID 2012-366: Hacker suspected of stealing scores of court documents
WHID ID: 2012-366
Date Occurred: 9/10/2012
Attack Method: Predictable Resource Location
Application Weakness: Insufficient Authorization
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: "I accidentally typed in a wrong case number and saw that I could access other cases. Some of them I just passed on to acquaintances. It's what you do today - like Twitter."
Reference: http://www.ynetnews.com/articles/0,7340,L-4279655,00.html
Entry Title: WHID 2012-365: Al Jazeera's mobile news service hacked
WHID ID: 2012-365
Date Occurred: 9/10/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Al Jazeera news network's mobile service was hacked today, as per a report by AFP. This development comes barely a week after a number of its websites were hacked by Syria's Assad loyalists, it reported on its website al-jazeera.net.
Reference: http://tech2.in.com/news/general/al-jazeeras-mobile-news-service-hacked/424632
Entry Title: WHID 2012-364: Thousands of 'Guild Wars 2' accounts hacked
WHID ID: 2012-364
Date Occurred: 9/6/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Account Takeover
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: ArenaNet - the company behind the massively multiplayer online game - has told players that hackers are actively trying to get into accounts and appear to have cracked more than 11,000 already.
Reference: http://www.nbcnews.com/technology/ingame/thousands-guild-wars-2-accounts-hacked-985019
Entry Title: WHID 2012-363: Nova Scotia Web site clobbered by virus
WHID ID: 2012-363
Date Occurred: 9/6/2012
Attack Method: Stolen Credentials
Application Weakness: Improper Input Handling
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: A SQL injection attack took down the provincial lobbyist registry site several weeks ago. A government spokesperson says viruses sometimes slip through between software updates
Reference: http://www.itworldcanada.com/news/nova-scotia-web-site-clobbered-by-virus/146080
Entry Title: WHID 2012-362: Hackers steal $250,000 from BitFloor exchange
WHID ID: 2012-362
Date Occurred: 9/5/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: The US's biggest BitCoin trading exchange, BitFloor, has been forced to temporarily shut up shop, after a virtual heist in which the equivalent of $250,000 was stolen.
Reference: http://www.tgdaily.com/business-and-law-features/65934-hackers-steal-250000-from-bitfloor-exchange
Entry Title: WHID 2012-361: Anonymous Hackers Hit Siemens, Fujitsu
WHID ID: 2012-361
Date Occurred: 9/4/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: "The hackers have published massive amounts of data -- including some e-mail addresses, usernames and passwords -- allegedly stolen from these Web sites," writes Softpedia's Eduard Kovacs. "Judging by the files posted on PrivatePaste, it appears that the attackers once again leveraged SQL Injection vulnerabilities to breach the sites and gain access to their databases."
Reference: http://www.esecurityplanet.com/hackers/anonymous-hackers-hit-siemens-fujitsu.html
Entry Title: WHID 2012-360: Qatar's Al Jazeera website hacked by Syria's Assad loyalists
WHID ID: 2012-360
Date Occurred: 9/4/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: The website of Qatar-based satellite news network Al Jazeera was apparently hacked on Tuesday by Syrian government loyalists for what they said was the television channel's support for the "armed terrorist groups and spreading lies and fabricated news".
Reference: http://www.reuters.com/article/2012/09/04/us-qatar-jazeera-hacking-idUSBRE8830ZI20120904
Entry Title: WHID 2012-36: Houston County website hacked, investigation ongoing
WHID ID: 2012-36
Date Occurred: 2/20/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Houston, TX
Incident Description: Houston County's official website is indefinitely down for maintenance after being hacked early Monday morning.
Reference: http://www2.dothaneagle.com/news/2012/feb/20/houston-county-website-hacked-investigation-ongoin-ar-3266922/
Entry Title: WHID 2012-359: Sony Mobile's website hacked
WHID ID: 2012-359
Date Occurred: 9/3/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography:
Incident Description: A group of hackers known as the Null Crew have laid claim to eight Sony servers, citing the company's notoriously 'lax security.'
Reference: http://www.afterdawn.com/news/article.cfm/2012/09/03/sony_mobile_s_website_hacked
Entry Title: WHID 2012-358: WikiLeaks supporters take down Swedish government sites with DDOS attacks
WHID ID: 2012-358
Date Occurred: 9/3/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Multiple government and media websites in Sweden were taken down today by coordinated Distributed Denial of Service (DDoS) attacks at around 10AM local time. The Swedish Armed Forces, Sweden.se, the Swedish Institute, and the Swedish Courts websites were among those affected. At the time of writing, the first two were down while the other two were up, but that doesn't mean much as the sites have been going in and out all day.
Reference: http://thenextweb.com/insider/2012/09/03/wikileaks-supporters-take-swedish-government-sites-ddos-attacks/
Entry Title: WHID 2012-357: Hacker hands Barto manufacturer $190,000 loss
WHID ID: 2012-357
Date Occurred: 9/3/2012
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: A hacker broke into a Berks County manufacturer's computer system and stole nearly $200,000, according to state police.
Reference: http://readingeagle.com/article.aspx?id=412706
Entry Title: WHID 2012-356: Hackers deface MWSS site over high water rates
WHID ID: 2012-356
Date Occurred: 9/1/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hackers claiming to be a Philippine chapter of the hacktivist collective Anonymous defaced the website of the Metropolitan Waterworks and Sewerage System (MWSS) over the weekend, supposedly over unjustified high charges by the agency's concessionaires.
Reference: http://www.gmanetwork.com/news/story/272170/scitech/technology/hackers-deface-mwss-site-over-high-water-rates
Entry Title: WHID 2012-355: Data stolen after Hertfordshire Constabulary website hacked
WHID ID: 2012-355
Date Occurred: 9/1/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hertfordshire Constabulary's website has been hacked and data from it published on the internet by activists thought to be linked with WikiLeaks founder Julian Assange.
Reference: http://www.times-series.co.uk/news/9905085.Data_stolen_after_Hertfordshire_Constabulary_website_hacked/
Entry Title: WHID 2012-354: Toyota Employee Allegedly Hacked, Stole Confidential Information
WHID ID: 2012-354
Date Occurred: 8/31/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Leakage of Information
Attacked Entity Field: Automotive
Attacked Entity Geography:
Incident Description: Investigation is now underway into whether a computer programmer allegedly stole proprietary information from the automaker Toyota and "sabotaged" the company's supplier computer network after being terminated last week.
Reference: http://threatpost.com/en_us/blogs/toyota-employee-allegedly-hacked-stole-confidential-information-083112
Entry Title: WHID 2012-353: University IT blunder sparks hacking fears
WHID ID: 2012-353
Date Occurred: 8/31/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: On 24th and 29th August respectively both Cambridge University and Africa College Leeds (a research partnership affiliated to the University of Leeds working to improve food sources in sub-Saharan Africa) websites were infiltrated by hackers.
Reference: http://oxfordstudent.com/2012/08/31/university-computer-systems-hacked/
Entry Title: WHID 2012-352: Hacker's Overnight Attack South London Healthcare NHS Trust's Website
WHID ID: 2012-352
Date Occurred: 8/30/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Healthcare
Attacked Entity Geography:
Incident Description: Arabic Service reports are confirming hacking of a London NHS trust, which was down for a night reading the message: Group HP-Hack in red letters with displayed images of the Syrian civil war.
Reference: http://topnews.ae/content/212832-hacker-s-overnight-attack-south-london-healthcare-nhs-trusts-website
Entry Title: WHID 2012-351: Hacker makes abusive bank account attack
WHID ID: 2012-351
Date Occurred: 8/29/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: "Our investigation has indicated that his account was accessed by an unknown third party. Our fraud detection systems recognised the threat, meaning that no money was able to be withdrawn."
Reference: http://www.eveningtimes.co.uk/news/hacker-makes-abusive-bank-account-attack.18721478
Entry Title: WHID 2012-350: Guild Wars 2 Accounts Hacked
WHID ID: 2012-350
Date Occurred: 8/30/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Account Takeover
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: We're seeing an uptick in reports of account theft and attempted account theft. We believe hackers are using databases of email addresses and passwords stolen from other games and web sites, and pre-existing trojan horses, to search for matching Guild Wars 2 accounts which they attempt to compromise. To prevent this, we have temporarily disabled the 'reset password' feature, and we're working to bring email authentication online
Reference: http://www.esecurityplanet.com/hackers/guild-wars-2-accounts-hacked.html
Entry Title: WHID 2012-35: The Herald website hacked, used to propagate pornography
WHID ID: 2012-35
Date Occurred: 2/15/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Spam
Attacked Entity Field: Media
Attacked Entity Geography: Zimbabwe
Incident Description: The Herald website, www.herald.co.zw, was compromised and used to host links to pornography sites.
Reference: http://www.techzim.co.zw/2012/02/the-herald-website-hacked-used-to-propagate-pornography/
Entry Title: WHID 2012-349: Brighton shopping centre website hacked
WHID ID: 2012-349
Date Occurred: 8/30/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Spam Links
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: The Churchill Square website has been displaying links to sexual enhancement drugs and hair loss treatment after being hacked.
Reference: http://www.theargus.co.uk/news/9901746.Sex__drugs_and_hair_loss_links_on_hacked_Brighton_shopping_centre_website/?ref=nt
Entry Title: WHID 2012-348: Guangdong PSB Website Hacked
WHID ID: 2012-348
Date Occurred: 8/28/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Screenshot: A message on the hacked website of the Heyuan City Public Security Department, in Guangdong Province, says "the Chinese Communist Party deserves a terrible death." The website was hacked from between Aug. 22 and Aug. 27, when it was taken down and repaired. (Aboluowang.com)
Reference: http://www.theepochtimes.com/n2/china-news/guangdong-psb-website-hacked-cheering-netizens-285263.html
Entry Title: WHID 2012-347: South London Healthcare NHS Trust's website hacked
WHID ID: 2012-347
Date Occurred: 8/29/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Healthcare
Attacked Entity Geography:
Incident Description: A London NHS trust had to take down its website after it was hacked. A message was written in Arabic on the South London Healthcare NHS Trust (SLHT) website on Wednesday night.
Reference: http://www.bbc.co.uk/news/uk-england-london-19413427
Entry Title: WHID 2012-346: Amnesty International Website Hacked
WHID ID: 2012-346
Date Occurred: 8/28/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Blogs
Attacked Entity Geography:
Incident Description: Supporters of the Syrian government hacked the website of Amnesty International, posting items that falsely accused the rebels of a string of atrocities.
Reference: http://www.northjersey.com/news/international/167726365_Amnesty_International_Website_Hacked.html?page=all
Entry Title: WHID 2012-345: 1 MILLION accounts leaked in megahack on banks, websites
WHID ID: 2012-345
Date Occurred: 8/28/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Hacker collective Team GhostShell leaked a cache of more than one million user account records from 100 websites over the weekend.
Reference: http://www.theregister.co.uk/2012/08/28/team_ghostshell_megahack/
Entry Title: WHID 2012-344: GOVT HACKED OFF BY WEB BUG
WHID ID: 2012-344
Date Occurred: 8/23/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Last weekend the website www.gibraltar.gov.gi was hacked, albeit for a brief time.
Reference: http://www.chronicle.gi/headlines_details.php?id=25802
Entry Title: WHID 2012-343: MUN business school website hacked
WHID ID: 2012-343
Date Occurred: 8/24/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: Student records may have been among information exposed during a breach at Memorial University's business school website, according to officials.
Reference: http://www.cbc.ca/news/canada/newfoundland-labrador/story/2012/08/23/nl-mun-business-website-hack-823.html
Entry Title: WHID 2012-342: Adventists Claim Hacker Swiped Manuscripts
WHID ID: 2012-342
Date Occurred: 8/22/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Religion
Attacked Entity Geography:
Incident Description: "Significantly, the SQL injection inquiries that were contained in the web server logs match exactly the SQL inquiries posted on the Hack Forums by Knudson and the others," the complaint states. "Structured Query Language," or SQL, refers to questions written in database language intended to extract the contents of the database, the Adventists say.
Reference: http://www.courthousenews.com/2012/08/22/49525.htm
Entry Title: WHID 2012-341: AMD Blog Site Hacked, Usernames, Encrypted Passwords Stolen
WHID ID: 2012-341
Date Occurred: 8/20/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Blogs
Attacked Entity Geography:
Incident Description: A group calling itself r00tbeer claims responsibility for the attack, which forced AMD to take the site offline and to change all the passwords.
Reference: http://www.eweek.com/c/a/Security/AMD-Blog-Site-Hacked-Usernames-Passwords-Stolen-794445/
Entry Title: WHID 2012-340: Nonprofit reports hacker's theft from payroll system
WHID ID: 2012-340
Date Occurred: 8/17/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Monetary Loss
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Police Sgt. Jay Junghans said it appeared that someone had hacked into the nonprofit's payroll system and made a fraudulent entry.
Reference: http://cjonline.com/news/2012-08-17/nonprofit-reports-hackers-theft-payroll-system
Entry Title: WHID 2012-34: Hackers Hit Anonymous's AnonyOps Website
WHID ID: 2012-34
Date Occurred: 2/14/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Hacktivism
Attacked Entity Geography: New York
Incident Description: Reports have emerged that AnonyOps, a website associated with the hacktivist Anonymous collective, has been defaced by the hacker Exotz.
Reference: http://www.ibtimes.co.uk/articles/298417/20120214/hackers-hit-anonymous-anonyops-website.htm
Entry Title: WHID 2012-339: Activist website hacked, called 'dirty hippies'
WHID ID: 2012-339
Date Occurred: 8/16/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Politics
Attacked Entity Geography:
Incident Description: A website curated by local activists was up and running again after being hacked by someone leaving a message about "dirty hippies," the group said in an email to supporters Thursday.
Reference: http://www.utsandiego.com/news/2012/aug/16/activist-website-hacked-called-dirty-hippies/
Entry Title: WHID 2012-338: Ugandan Prime Minister's Website Hacked
WHID ID: 2012-338
Date Occurred: 8/17/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The Ugandan prime minister's website was attacked by hackers on Tuesday and Wednesday, a government official has confirmed to the BBC.
Reference: http://reason.com/24-7/2012/08/17/ugandan-prime-ministers-website-hacked
Entry Title: WHID 2012-337: Airport website hacked by "neighbour"
WHID ID: 2012-337
Date Occurred: 8/17/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The website welcomed surfers with the picture of a wrecked plane captioned that it was of a crash in Mumbai with at least 1,000 casualties. But as they scrolled down the page, it was revealed that it was a joke.
Reference: http://www.dnaindia.com/mumbai/report_airport-website-hacked-by-neighbour_1728906
Entry Title: WHID 2012-336: Reuters website "hacked" for third time in month
WHID ID: 2012-336
Date Occurred: 8/17/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: UK-based news agency Reuters has fallen victim to computer hackers for the third time in a month, with an article falsely claiming that Saudi Arabia's Foreign Minister Saud al-Faisal had died.
Reference: http://zeenews.india.com/news/world/reuters-website-hacked-for-third-time-in-month_794183.html
Entry Title: WHID 2012-335: Russia Today hit by DDoS as anti-Wikileaks group claims responsibility
WHID ID: 2012-335
Date Occurred: 8/17/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: The Kremlin-funded channel, which featured Julian Assange as a talk-show host, says it has come under denial-of-service attack. Antileaks says it's responsible, but the timing could have more to do with the Pussy Riot verdict than Wikileaks.
Reference: http://www.zdnet.com/russia-today-hit-by-ddos-as-anti-wikileaks-group-claims-responsibility-7000002794/
Entry Title: WHID 2012-334: AT&T Hit by DDoS Attack, Suffers DNS Outage
WHID ID: 2012-334
Date Occurred: 8/15/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Service Providers
Attacked Entity Geography:
Incident Description: A distributed denial-of-service attack aimed at AT&T's DNS (Domain Name System) servers has disrupted data traffic for some of the company's customers.
Reference: http://www.pcworld.com/article/260940/atandt_hit_by_ddos_attack_suffers_dns_outage.html
Entry Title: WHID 2012-333: RUTracker Hacked
WHID ID: 2012-333
Date Occurred: 8/15/2012
Attack Method: DNS Hijacking
Application Weakness: Insufficient Authorization
Outcome: Defacement
Attacked Entity Field: Torrent Site
Attacked Entity Geography:
Incident Description: The Russian BitTorrent tracker RUTracker was recently hit by hackers.
Reference: http://www.esecurityplanet.com/hackers/rutracker-hacked.html
Entry Title: WHID 2012-332: Indian hackers break into LDA website
WHID ID: 2012-332
Date Occurred: 8/15/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: A group of some Indian internet hackers - the Indian Tigers - broke into the website of the Lahore Development Authority (LDA) on Tuesday and hacked it.
Reference: http://www.pakistantoday.com.pk/2012/08/15/city/lahore/indian-hackers-break-into-lda-website/
Entry Title: WHID 2012-331: Reuters Hacked With Fake Story About Saudi Arabia's Foreign Minister
WHID ID: 2012-331
Date Occurred: 8/15/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: The Reuters news agency says hackers have broken into one of its websites for the second time in two weeks and posted a false story saying Saudi Arabia's foreign minister had died.
Reference: http://www.huffingtonpost.com/2012/08/15/reuters-hacked-saudi-arabia-syria_n_1778525.html
Entry Title: WHID 2012-330: TMC Website Hacked, Declares Mamata a Maoist
WHID ID: 2012-330
Date Occurred: 8/14/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: India
Incident Description: Trinamool Congress' website was today hacked with the hackers posting on it a quote from party chief Mamata Banerjee that she is a Maoist.
Reference: http://news.outlookindia.com/items.aspx?artid=772006
Entry Title: WHID 2012-33: Hackers hit Israel Prime Minister Office website
WHID ID: 2012-33
Date Occurred: 2/13/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Israel
Incident Description: Other websites of large Israeli institutions and businesses were also attacked yesterday. Attacks could be a prelude to a further, broader attack today.
Reference: http://www.haaretz.com/business/hackers-hit-israel-prime-minister-office-website-1.412769
Entry Title: WHID 2012-329: Bellevue Public Schools website hacked
WHID ID: 2012-329
Date Occurred: 8/10/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: The Bellevue Public Schools had to take down its website this week, just before school resumes on Tuesday. The website was infected with a virus on July 31 and information technology workers have been unable to "cure" it.
Reference: http://www.omaha.com/article/20120810/NEWS/708119942/1707
Entry Title: WHID 2012-328: Photobucket hacked: 'Fusking' software used to gain access to private images
WHID ID: 2012-328
Date Occurred: 8/10/2012
Attack Method: Predictable Resource Location
Application Weakness: Insufficient Authorization
Outcome: Leakage of Information
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: While users who post unencrypted photos on Photobucket can make their albums password protected, individual photos, even in a private album, can be shared with others through a direct web link or URL.
Reference: http://www.wptv.com/dpp/news/science_tech/photobucket-hacked-fusking-software-used-to-gain-access-to-private-images
Entry Title: WHID 2012-327: Blizzard's Battle.net Servers Hacked, User Info Stolen
WHID ID: 2012-327
Date Occurred: 8/10/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: Blizzard announced on its website last night that its security team uncovered "unauthorized and illegal access" to Blizzard's internal network.
Reference: http://www.pcmag.com/article2/0,2817,2408311,00.asp
Entry Title: WHID 2012-326: Hacking group Anonymous targets ASIO, DSD websites
WHID ID: 2012-326
Date Occurred: 8/11/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: ACTIVIST group Anonymous says it has successfully knocked offline the public website of Australia's domestic spy agency, the Australian Security Intelligence Organisation (ASIO)
Reference: http://www.heraldsun.com.au/technology/anonymous-targets-asio-website/story-fn7celvh-1226447969866
Entry Title: WHID 2012-325: Massive DDoS attack hits Chechen news agency
WHID ID: 2012-325
Date Occurred: 8/10/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: A massive distributed denial of service (DDoS) attack that peaked at 45 million packets per second (pps) has smashed into the Chechen internet news agency Kavkaz Center.
Reference: http://www.scmagazine.com.au/News/311528,massive-ddos-attack-hits-chechen-news-agency.aspx
Entry Title: WHID 2012-324: Australian Institute of Business Brokers hacked
WHID ID: 2012-324
Date Occurred: 8/9/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Hackers have broken into a website of the Australian Institute of Business Brokers and published 260 user login credentials on the internet.
Reference: http://www.scmagazine.com.au/News/311387,australian-institute-of-business-brokers-hacked.aspx
Entry Title: WHID 2012-323: Haines City government website returns after being hacked
WHID ID: 2012-323
Date Occurred: 8/8/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The city of Haines City's governmental website has returned after being down after it was hacked.
Reference: http://www.baynews9.com/content/news/baynews9/news/article.html/content/news/articles/bn9/2012/8/8/haines_city_governme.html
Entry Title: WHID 2012-322: Nepalese Government Sites Hacked, Serving Zegost Malware
WHID ID: 2012-322
Date Occurred: 8/8/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Researchers have uncovered another in an ongoing series of targeted attacks against government agencies and activists, this time an attack that compromised a pair of Nepalese government web sites with code that exploits a Java vulnerability to install a backdoor on visitors' machines.
Reference: http://threatpost.com/en_us/blogs/nepalese-government-sites-hacked-serving-zegost-malware-080812
Entry Title: WHID 2012-321: MWSS website defaced by hackers claiming 'Anonymous' link
WHID ID: 2012-321
Date Occurred: 8/10/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The website of the Metropolitan Waterworks and Sewerage System (MWSS) was defaced Thursday by hackers claiming links or solidarity with the 'Anonymous' network.
Reference: http://www.gmanetwork.com/news/story/269071/scitech/technology/mwss-website-defaced-by-hackers-claiming-anonymous-link
Entry Title: WHID 2012-320: Anonymous attacks Ukrainian government after Demonoid bust
WHID ID: 2012-320
Date Occurred: 8/8/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Ukraine
Incident Description: In retaliation to Demonoid's demise, Anonymous has begun its own denial of service attacks against the Ukrainian government.
Reference: http://www.zdnet.com/anonymous-attacks-ukrainian-government-after-demonoid-bust-7000002348/
Entry Title: WHID 2012-32: Anonymous takes down Greek sites in support of Athens protests
WHID ID: 2012-32
Date Occurred: 2/13/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Greece
Incident Description: Hacktivist group Anonymous has claimed responsibility for a series of distributed denial of service (DDoS) attacks on Greek government sites.
Reference: http://www.v3.co.uk/v3-uk/news/2152195/anonymous-takes-greek-sites-support-athens-protests
Entry Title: WHID 2012-319: Website of Burmese Information Ministry hacked
WHID ID: 2012-319
Date Occurred: 8/8/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Hackers broke into the website of the Burmese Information Ministry on Tuesday, posting a threatening message to the Burmese government which said in part, "Stop the killing of Muslims."
Reference: http://www.mizzima.com/news/inside-burma/7708-website-of-burmese-information-ministry-hacked.html
Entry Title: WHID 2012-318: UFree Network website hacked by Israeli hackers' team
WHID ID: 2012-318
Date Occurred: 8/8/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Politics
Attacked Entity Geography:
Incident Description: Mohammed Hamdan, UFree network chairman, said that UFree website was hacked by Israeli hackers' team, which totally paralyzed the website.
Reference: http://www.scoop.co.nz/stories/WO1208/S00153/ufree-network-website-hacked-by-israeli-hackers-team.htm
Entry Title: WHID 2012-317: FX Broker Suffers DDoS Attack
WHID ID: 2012-317
Date Occurred: 8/7/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Hong Kong
Incident Description: Global eSolutions (Hong Kong) Limited, a provider of trade execution technology via personal computer and mobile devices, saw one of its clients, an online foreign exchange (FX) and contracts for difference (CFD) trading firm headquartered in the UK, become a target after management did not respond to a ransom demand from cybercriminals. Initially, Layer 3 and Layer 4 volumetric floods interrupted web site availability for approximately four hours. A second, more damaging Layer 7 attack occurred three weeks later, rendering the trading platform almost inaccessible to online traders.
Reference: http://www.waterstechnology.com/sell-side-technology/news/2197260/hong-kong-broker-suffers-ddos-attack-turns-to-prolexic
Entry Title: WHID 2012-316: VinaCapital Group website hacked
WHID ID: 2012-316
Date Occurred: 8/7/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: A hacker has just brought down the website of VinaCapital Group, the parent company of one of Vietnam's largest tech investment funds.
Reference: http://e27.sg/2012/08/07/vinacapital-group-website-hacked/
Entry Title: WHID 2012-316: Reuters hacked twice in 48 hours; pro-Syrian government stories, Tweets posted
WHID ID: 2012-316
Date Occurred: 8/3/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: The Reuters news service suffered a second successful hacker attack this weekend, just 48 hours after a computer intruder was able to post fake news stories on its web site.
Reference: http://redtape.nbcnews.com/_news/2012/08/03/13106396-reuters-hacked-twice-in-48-hours-pro-syrian-government-stories-tweets-posted
Entry Title: WHID 2012-315: How @Gizmodo Got Hacked and How You Should Defend Yourself
WHID ID: 2012-315
Date Occurred: 8/4/2012
Attack Method: Brute Force
Application Weakness: Insufficient Authentication
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: The weak link in the security chain turned out to be the seven digit alphanumeric password to our good buddy and former contributor Mat Honan's iCloud account.
Reference: http://gizmodo.com/5931828/how-gizmodo-got-hacked-and-how-you-should-defend-yourself
Entry Title: WHID 2012-314: Reuters News Site Hacked
WHID ID: 2012-314
Date Occurred: 8/3/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: Thomson Reuters Corp. said Friday that its blogging platform for Reuters News was hacked, resulting in multiple false posts to its website, including a fake interview with a Syrian rebel army leader.
Reference: http://online.wsj.com/article/SB10000872396390443687504577567283653306226.html
Entry Title: WHID 2012-313: Yanks, Cubs, other MLB team Facebook pages hacked
WHID ID: 2012-313
Date Occurred: 8/3/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: The Facebook pages of the New York Yankees, Chicago Cubs and several other Major League Baseball clubs have been restored after briefly being hacked.
Reference: http://sports.yahoo.com/news/yanks-cubs-other-mlb-team-152805142--mlb.html
Entry Title: WHID 2012-312: Demonoid redirecting to malware after DDoS attack
WHID ID: 2012-312
Date Occurred: 8/3/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Torrent Site
Attacked Entity Geography:
Incident Description: This week, though, users are reporting redirects from the Demonoid URL to an ad network, some of which are serving up a dose of malware.
Reference: http://www.cnet.com.au/demonoid-redirecting-to-malware-after-ddos-attack-339340995.htm
Entry Title: WHID 2012-311: Dropbox confirms it got hacked
WHID ID: 2012-311
Date Occurred: 7/31/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: In an explanatory blog post, Dropbox today said a stolen password was "used to access an employee Dropbox account containing a project document with user email addresses." Hackers apparently started spamming those addresses, although there's no indication that user passwords were revealed as well.
Reference: http://arstechnica.com/security/2012/07/dropbox-confirms-it-got-hacked-will-offer-two-factor-authentication/
Entry Title: WHID 2012-310: Daily Caller Hacked: Banner Replaced With Porn Ad
WHID ID: 2012-310
Date Occurred: 7/30/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Politics
Attacked Entity Geography:
Incident Description: The Daily Caller is offering a gun as a reward for finding the person who hacked the website with porn ads.
Reference: http://www.huffingtonpost.com/2012/07/30/daily-caller-hacked-porn-ads_n_1720830.html
Entry Title: WHID 2012-31: Bursa website target of DDoS attack
WHID ID: 2012-31
Date Occurred: 2/13/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Malaysia
Incident Description: Stock market operator Bursa Malaysia Bhd's website was the target of a distributed denial of service attack (DDoS), whereby the site was overloaded with excess traffic from multiple sources.
Reference: http://biz.thestar.com.my/news/story.asp?file=/2012/2/14/business/20120214091735&sec=business
Entry Title: WHID 2012-309: NewsOne website hacked for media's 'inadequate coverage of Burma killings'
WHID ID: 2012-309
Date Occurred: 7/31/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Media
Attacked Entity Geography:
Incident Description: The website of private TV channel NewsOne was hacked in an attempt "to open the eyes of Pakistanis as well as the media personnel" towards the killings of Rohingya Muslims in Myanmar, reported ProPakistani on Tuesday. However, the site has been recovered now.
Reference: http://tribune.com.pk/story/415403/newsone-website-hacked-for-medias-inadequate-coverage-of-burma-killings/
Entry Title: WHID 2012-308: Data of 8.7 million KT subscribers hacked in South Korea
WHID ID: 2012-308
Date Occurred: 7/29/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Service Providers
Attacked Entity Geography: South Korea
Incident Description: KT Corp., South Korea's No. 2 wireless service provider, apologized on Sunday after personal data of millions of mobile phone subscribers was hacked.
Reference: http://in.reuters.com/article/2012/07/29/us-korea-hacking-idINBRE86S01Y20120729
Entry Title: WHID 2012-307: Demonoid hit by DDoS attack
WHID ID: 2012-307
Date Occurred: 7/27/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Torrent Site
Attacked Entity Geography:
Incident Description: Demonoid, one of the biggest torrent sites around, has been taken down by a massive Distributed Denial of Service (DDoS) attack. The website has been hit many times before, and this outage is another one that will take quite a while to resolve.
Reference: http://www.zdnet.com/demonoid-hit-by-ddos-attack-7000001732/
Entry Title: WHID 2012-306: AAPT hacked
WHID ID: 2012-306
Date Occurred: 7/26/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Service Providers
Attacked Entity Geography:
Incident Description: AAPT has confirmed a breach of systems held at an external service provider that saw some of the telco's "business customer data" compromised.
Reference: http://www.scmagazine.com.au/News/309922,confirmed-aapt-hacked.aspx
Entry Title: WHID 2012-305: Union website shut by Anonymous 'hacktivist'
WHID ID: 2012-305
Date Occurred: 7/25/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography:
Incident Description: Last Friday, 3F's website was shut down after a so-called DDoS attack in which the site was flooded with traffic causing a virtual traffic jam and rendering the site inaccessible for legitimate users.
Reference: http://cphpost.dk/news/national/union-website-shut-anonymous-%E2%80%98hacktivist%E2%80%99
Entry Title: WHID 2012-304: Zerigo falls victim to DDoS attackers
WHID ID: 2012-304
Date Occurred: 7/25/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Hosting Provider
Attacked Entity Geography:
Incident Description: Cloud services provider Zerigo has lost at least one client after its DNS servers suffered a "sustained" distributed denial of service (DDoS) attack.
Reference: http://www.cloudpro.co.uk/cloud-essentials/general/4171/zerigo-falls-victim-ddos-attackers
Entry Title: WHID 2012-303: Anonymous hackers cripple Australian gov't websites
WHID ID: 2012-303
Date Occurred: 7/24/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Australia
Incident Description: International hacking group Anonymous took at least 10 Australian government websites offline briefly Tuesday in a series of escalating attacks over proposed changes to privacy laws.
Reference: http://www.foxnews.com/tech/2012/07/24/anonymous-hackers-cripple-australian-govt-websites/
Entry Title: WHID 2012-302: FPÖ website hacked by Anonymous
WHID ID: 2012-302
Date Occurred: 7/23/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Politics
Attacked Entity Geography: Austria
Incident Description: The hacker group Anonymous managed to hack the Freedom Party website and switched the usual content of the site with a protest against the EU Monitoring Project INDECT.
Reference: http://austrianindependent.com/news/Politics/2012-07-23/11758/FP%D6_website_hacked_by_Anonymous.
Entry Title: WHID 2012-301: Bokaro school website hacked
WHID ID: 2012-301
Date Occurred: 7/24/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Data Loss
Attacked Entity Field: Education
Attacked Entity Geography: India
Incident Description: The official website of Chinmaya Vidyalaya, a prominent school in the city, has been hacked recently.
Reference: http://articles.timesofindia.indiatimes.com/2012-07-24/ranchi/32826694_1_website-chinmaya-vidyalaya-bokaro
Entry Title: WHID 2012-300: Eight Million Email Addresses And Passwords Spilled From Gaming Site Gamigo Months After Hacker Breach
WHID ID: 2012-300
Date Occurred: 7/23/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Gaming
Attacked Entity Geography:
Incident Description: Four months after the gaming site Gamigo warned users about a hacker intrusion that accessed some portions of its users' credentials, more than 8 million usernames, emails and encrypted passwords from the site have been published on the Web, according to the data breach alert service PwnedList.
Reference: http://www.forbes.com/sites/andygreenberg/2012/07/23/eight-million-passwords-spilled-from-gaming-site-gamigo-months-after-breach/
Entry Title: WHID 2012-30: Hackers Claim Attack on American Tear Gas Company
WHID ID: 2012-30
Date Occurred: 2/14/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography: Florida
Incident Description: A U.S. security company whose tear gas has been used against Egyptian demonstrators has become the latest victim of the Anonymous movement, hackers claimed Tuesday.
Reference: http://abcnews.go.com/International/wireStory/hackers-claim-attack-american-tear-gas-company-15579671#.TzsfFUxSS_c
Entry Title: WHID 2012-3: Pastebin on the mend after DDoS battering
WHID ID: 2012-3
Date Occurred: 1/3/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Information
Attacked Entity Geography: Los Angeles, CA
Incident Description: Popular text file sharing service Pastebin.com has returned online following a denial of service attack on Tuesday.
Reference: http://www.theregister.co.uk/2012/01/04/pastebin_ddos_recovery/
Entry Title: WHID 2012-299: Pinterest Locks Out Hacked Accounts, Investigates Security Breach
WHID ID: 2012-299
Date Occurred: 7/20/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Takeover
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Pinterest has been locking user accounts due to suspicious activity, after a string of disappearing or changed user data. But as the source of the security breach is still being determined, users are advised to keep their passwords unique and to make sure they don't fall victim to social engineering attacks.
Reference: http://www.cmswire.com/cms/customer-experience/pinterest-locks-out-hacked-accounts-investigates-security-breach-016607.php
Entry Title: WHID 2012-299: Hackers breached password security to steal UEA climate change emails
WHID ID: 2012-299
Date Occurred: 7/19/2012
Attack Method: Abuse of Functionality
Application Weakness: Insufficient Password Recovery
Outcome: Account Takeover
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: Hackers broke into climate change emails sent by scientists at the University of East Anglia (UEA) on at least three occasions, a senior investigating officer revealed today.
Reference: http://www.eveningnews24.co.uk/news/hackers_breached_password_security_to_steal_uea_climate_change_emails_1_1452449
Entry Title: WHID 2012-298: Pennsylvania mom allegedly hacked school website to change kids' grades
WHID ID: 2012-298
Date Occurred: 7/19/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Fraud
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: A Pennsylvania woman allegedly changed her children's grades after logging into a school computer system using passwords obtained when she worked for the district.
Reference: http://www.foxnews.com/us/2012/07/19/pennsylvania-mom-allegedly-hacked-school-website-to-change-kids-grades/
Entry Title: WHID 2012-297: Hackers Claim Wall Street Resume Leak
WHID ID: 2012-297
Date Occurred: 7/19/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Team GhostShell leaked what it said was 50,000 user accounts for an online jobs board that focuses on Wall Street. The site, ITWallStreet.com, allows users to upload their resumes for searching by recruiters.
Reference: http://www.informationweek.com/security/attacks/hackers-claim-wall-street-resume-leak/240004023
Entry Title: WHID 2012-296: Tango Down: Anonymous takes down Syrian hackers' website
WHID ID: 2012-296
Date Occurred: 7/18/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Blog
Attacked Entity Geography:
Incident Description: As events in Syria inch ever closer to a critical mass, Anonymous has hit the pro-Syrian hackers, the Syrian Electronic Army. Anonymous just announced that they have taken down the SEA's website with a DDoS attack.
Reference: http://www.deathandtaxesmag.com/186003/tango-down-anonymous-takes-down-syrian-hackers-website/
Entry Title: WHID 2012-295: Nike Gets Hacked by Brad Stephenson for $80,000+ in Sports Gear
WHID ID: 2012-295
Date Occurred: 7/17/2012
Attack Method: Abuse of Functionality
Application Weakness: Insufficient Process Validation
Outcome: Fraud
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Nike Hacker Brad Stephenson went on a shopping spree for 5 months after he found a loophole in one of Nike's websites... until the Secret Service caught up with him.
Reference: http://www.virtual-strategy.com/2012/07/17/nike-gets-hacked-brad-stephenson-80000-sports-gear
Entry Title: WHID 2012-294: Billabong website hacked; reveals passwords of 21,000 users
WHID ID: 2012-294
Date Occurred: 7/14/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: According to a dump from their password database, Billabong stored all passwords in plain text - presumably this made it easier to tell a user what their password was if they'd forgotten it. It also made life very easy for any hackers who wished to masquerade as the users on the site.
Reference: http://www.itwire.com/business-it-news/security/55708-billabong-website-hacked-reveals-passwords-of-21000-users
Entry Title: WHID 2012-293: Nvidia and Android forums fall victim to hackers
WHID ID: 2012-293
Date Occurred: 7/13/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Forums
Attacked Entity Geography:
Incident Description: Add two more websites to the already long list of sites that have been hacked as of late. Nvidia's developer forum and Phandroid's AndroidForums.com have both been breached and it is believed that usernames and hashed passwords were among the data stolen during each attack.
Reference: http://www.techspot.com/news/49388-nvidia-and-android-forums-fall-victim-to-hackers.html
Entry Title: WHID 2012-292: Microsoft patches Windows Live identity theft flaw
WHID ID: 2012-292
Date Occurred: 7/12/2012
Attack Method: Cross-site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Session Hijacking
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Microsoft recently fixed an XSS flaw in its Windows Live service that allowed an attacker to steal victims' online identities. The vulnerability was disclosed by two security researchers from Morocco.
Reference: http://www.zdnet.com/microsoft-patches-windows-live-identity-theft-flaw-7000000832/
Entry Title: WHID 2012-291: 50,000 sites compromised in sustained attack
WHID ID: 2012-291
Date Occurred: 7/10/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Planting of Malware
Attacked Entity Field: Blogs
Attacked Entity Geography:
Incident Description: Some 50,000 websites have been compromised as part of a sustained iframe injection attack campaign targeting vulnerable plug-ins for web servers and content management systems.
Reference: http://www.scmagazine.com.au/News/308164,50000-sites-compromised-in-sustained-attack.aspx
Entry Title: WHID 2012-290: Social site Formspring hacked, passwords disabled
WHID ID: 2012-290
Date Occurred: 7/11/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: Social networking site Formspring said Tuesday that it was disabling nearly 30 million registered users' passwords after hundreds of thousands of them were leaked to the Web in their encrypted form.
Reference: http://www.boston.com/business/technology/2012/07/11/formspring-site-hacked-passwords-leaked-web/qsm1Ytov74SW6zyuQnG18J/story.html
Entry Title: WHID 2012-29: CIA Website Hacked, Struggles To Recover
WHID ID: 2012-29
Date Occurred: 2/10/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Washington D.C.
Incident Description: An Anonymous-related Twitter channel claimed Friday that the group had successfully taken down the CIA's public-facing website.
Reference: http://www.informationweek.com/news/security/attacks/232600729
Entry Title: WHID 2012-289: State server hacked in 'war' on graft
WHID ID: 2012-289
Date Occurred: 7/10/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: It has come to light that a group called 'OpIndia' had hacked government servers and posted large files of complaints received online by the Tamil Nadu police and its responses on Anonymous India's Facebook page.
Reference: http://www.asianage.com/chennai/state-server-hacked-war-graft-644
Entry Title: WHID 2012-288: Best Buy says some customer accounts hacked
WHID ID: 2012-288
Date Occurred: 7/7/2012
Attack Method: Brute Force
Application Weakness: Insufficient Authentication
Outcome: Account Takeover
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Best Buy says some customers' email accounts may have been hacked. The retail giant is notifying those customers via email, telling them their current passwords have been disabled and asking them to reset their passwords.
Reference: http://www.nbcnews.com/technology/technolog/best-buy-says-some-customer-accounts-hacked-867048
Entry Title: WHID 2012-287: NetGear routers rooted by SQLi
WHID ID: 2012-287
Date Occurred: 7/6/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: A BlackHat presenter has extracted passwords from temporary databases in consumer routers including Netgear using SQL Injection attacks.
Reference: http://www.scmagazine.com.au/News/307818,netgear-routers-rooted-by-sqli.aspx
Entry Title: WHID 2012-286: Jets' Darrelle Revis: Trade Tweet Came From Hacker
WHID ID: 2012-286
Date Occurred: 7/5/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: A message was posted to Darrelle Revis' Twitter page just after 6:30 p.m. on Wednesday, in which the star cornerback appeared to curse out agents Neil Schwartz and Jonathan Feinsod -- along with business manager John Geiger -- for "getting me traded."
Reference: http://newyork.cbslocal.com/2012/07/05/jets-darrelle-revis-trade-tweet-came-from-hacker/
Entry Title: WHID 2012-285: Al Jazeera's 'The Stream' Twitter Account Hacked By Assad Supporters
WHID ID: 2012-285
Date Occurred: 7/5/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: The Twitter account of Al-Jazeera's English-language social media show has been hacked by supporters of Syrian President Bashar Assad.
Reference: http://www.huffingtonpost.com/2012/07/05/al-jazeera-stream-twitter-hacked-assad_n_1651410.html
Entry Title: WHID 2012-284: Hackers skew poll on alcohol reform
WHID ID: 2012-284
Date Occurred: 7/3/2012
Attack Method: Automation
Application Weakness: Insufficient Anti-automation
Outcome: Disinformation
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: He said voting on the poll jumped from about 100 votes to 4000 in the space of about 24 hours. He said the source of the votes couldn't be traced but said technicians suggested the source was either a robot or a programme which had been written to continuously vote on one option.
Reference: http://www.rotoruadailypost.co.nz/news/hackers-skew-poll-on-alcohol-reform/1439503/
Entry Title: WHID 2012-283: Hackers take down Turkish Foreign Ministry website
WHID ID: 2012-283
Date Occurred: 7/3/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Turkey
Incident Description: Socialist group RedHack brought down the Turkish Foreign Ministry website on July 3 morning, replacing its contents with pictures showing the Turkish prime minister embracing former Libyan dictator Muammar Gaddafi and Syrian President Bashar al-Assad.
Reference: http://www.panarmenian.net/eng/news/114518/Hackers_take_down_Turkish_Foreign_Ministry_website
Entry Title: WHID 2012-282: The Daily News website suffers hacking
WHID ID: 2012-282
Date Occurred: 7/2/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Media
Attacked Entity Geography: Zimbabwe
Incident Description: One of Zimbabwe's 3 most read daily newspapers, the Daily News, had its website hacked yesterday. An email tip we got, and a tweet early Sunday morning say the site was showing the page below instead of the usual content.
Reference: http://www.techzim.co.zw/2012/07/the-daily-news-website-suffers-hacking/
Entry Title: WHID 2012-281: European aeronautical parts supplier website hacked
WHID ID: 2012-281
Date Occurred: 6/27/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Technology
Attacked Entity Geography: Bangalore, India
Incident Description: The Web site of a European aeronautical parts supplier had been hacked and a malicious attack -- which exploits zero-day Microsoft security vulnerability -- was planted
Reference: http://www.thehindubusinessline.com/industry-and-economy/logistics/article3576021.ece?ref=wl_industry-and-economy
Entry Title: WHID 2012-280: Russian opposition leader's Twitter and email accounts hacked
WHID ID: 2012-280
Date Occurred: 6/27/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography:
Incident Description: HACKERS have broken into a prominent Russian opposition leader's Twitter and email accounts, sending his followers abusive messages.
Reference: http://www.theaustralian.com.au/australian-it/russian-opposition-leaders-twitter-and-email-accounts-hacked/story-e6frgakx-1226409706806
Entry Title: WHID 2012-28: Microsoft India's retail website hacked
WHID ID: 2012-28
Date Occurred: 2/13/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: India
Incident Description: Chinese hackers on Monday attacked Microsoft India's retail website and stole the usernames and passwords of its customers, forcing the company to shut it down temporarily.
Reference: http://www.hindustantimes.com/technology/BusinessComputing-Updates/Microsoft-India-s-retail-website-hacked/SP-Article1-810639.aspx
Entry Title: WHID 2012-279: 'Anonymous' hackers attack govt websites
WHID ID: 2012-279
Date Occurred: 6/28/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Japan
Incident Description: The international hackers group Anonymous has launched a series of cyber-attacks against Japanese government websites in an operation apparently triggered by the group's displeasure with the recent introduction of stiffer punishments for illegal downloads.
Reference: http://www.yomiuri.co.jp/dy/national/T120627005770.htm
Entry Title: WHID 2012-278: Gang hacks IRCTC website and books Tatkal tickets
WHID ID: 2012-278
Date Occurred: 6/24/2012
Attack Method: Predictable Resource Location
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Transportation
Attacked Entity Geography: India
Incident Description: But it has now emerged that a gang has been operating for a couple of years, hacking into the IRCTC website and buying Tatkal tickets even before you could log into the system. The gang, which was operating out of Uttar Pradesh, was making quite a killing, selling these Tatkal tickets at a commission ranging from Rs.500 to Rs.1,000.
Reference: http://indiatoday.intoday.in/story/gang-hacks-irctc-website-and-books-tatkal-tickets/1/202152.html
Entry Title: WHID 2012-277: Colombian hackers attack govt, political website to protest justice reform
WHID ID: 2012-277
Date Occurred: 6/23/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Colombia
Incident Description: Hackers shut down the websites of Colombia's Justice Ministry and a coalition party Friday to protest a widely criticized judicial reform. Hacker collective Anonymous announced the shut-down of the Justice Ministry website on Friday evening. The website was back online Saturday morning.
Reference: http://colombiareports.com/colombia-news/news/24736-colombian-hackers-attack-govt-political-website-to-protest-justice-reform.html
Entry Title: WHID 2012-276: Android Forums website hacked
WHID ID: 2012-276
Date Occurred: 7/13/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Forums
Attacked Entity Geography: Ellicott City, MD
Incident Description: Android fansite Phandroid has admitted that its website was hacked this week and details of more than 1,034,235 were exposed.
Reference: http://news.techeye.net/security/android-forums-website-hacked
Entry Title: WHID 2012-275: Yahoo Voice Website Reportedly Hacked, Over 453,000 User Accounts And Passwords Allegedly Exposed
WHID ID: 2012-275
Date Occurred: 7/12/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Telecommunications
Attacked Entity Geography: Netherlands
Incident Description: Yahoo has reportedly fallen prey to a latest cyber attack, in which hackers of a hacking group named D33Ds Company claimed to have breached a Yahoo Voice server and posted over 453,000 user accounts and passwords, retrieved in plaintext.
Reference: http://www.ibtimes.com/yahoo-voice-website-reportedly-hacked-over-453000-user-accounts-and-passwords-allegedly-exposed
Entry Title: WHID 2012-274: Social site Formspring hacked, passwords disabled
WHID ID: 2012-274
Date Occurred: 7/9/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Social Networking
Attacked Entity Geography: San Francisco
Incident Description: Social networking site Formspring said that it was disabling nearly 30 million registered users' passwords after hundreds of thousands of them were leaked to the Web in their encrypted form.
Reference: http://www.boston.com/business/technology/2012/07/11/formspring-site-hacked-passwords-leaked-web/qsm1Ytov74SW6zyuQnG18J/story.html
Entry Title: WHID 2012-273: Tamil Nadu's police website hacked
WHID ID: 2012-273
Date Occurred: 7/11/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: India
Incident Description: The Cyber Crime Cell of Tamil Nadu Police has been directed to probe the hacking of the state police's website allegedly by a hacktivist group named 'Anonymous.'
Reference: http://articles.timesofindia.indiatimes.com/2012-07-11/security/32631877_1_police-website-hacktivist-group-security-audit
Entry Title: WHID 2012-272: Indian hacker defaces National Highway Authority website
WHID ID: 2012-272
Date Occurred: 7/7/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Pakistan
Incident Description: The website of the National Highway Authority was defaced by an Indian hacker going by the alias Ashell.
Reference: http://tribune.com.pk/story/404965/indian-hacker-defaces-national-highway-authority-website/
Entry Title: WHID 2012-271: Majid Michel's website hacked
WHID ID: 2012-271
Date Occurred: 7/6/2012
Attack Method: Malware Injection
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Entertainment
Attacked Entity Geography: Ghana
Incident Description: According to ZebraChild / Erawoc Brothers Group, handlers of actor Majid Michel's official website, the website has been hacked on a grand scale, forcing them to put it offline for a while.
Reference: http://www.ghanaweb.com/GhanaHomePage/NewsArchive/artikel.php?ID=243952
Entry Title: WHID 2012-270: Maldives websites report denial-of-service (DDoS) cyberattacks
WHID ID: 2012-270
Date Occurred: 7/4/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Telecommunications
Attacked Entity Geography: Maldives
Incident Description: Telecommunications firm Dhiraagu has confirmed that websites in the Maldives have been targeted in apparent Denial of Service (DDoS) cyberattacks.
Reference: http://minivannews.com/society/maldives-websites-report-denial-of-service-ddos-cyberattacks-40282
Entry Title: WHID 2012-27: Teampoison hacktivists deface Daily Mail recipe page
WHID ID: 2012-27
Date Occurred: 2/5/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Media
Attacked Entity Geography: United Kingdom
Incident Description: The Daily Mail, one of the UK's leading newspapers, and generally considered to be politically right of center, has had its website defaced by the Teampoison hacking group.
Reference: http://www.infosecurity-magazine.com/view/23720/teampoison-hacktivists-deface-daily-mail-recipe-page/
Entry Title: WHID 2012-269: Colombian hackers attack govt, political website to protest justice reform
WHID ID: 2012-269
Date Occurred: 6/22/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Colombia, South America
Incident Description: Hackers shut down the websites of Colombia's Justice Ministry and a coalition party to protest a widely criticized judicial reform.
Reference: http://colombiareports.com/colombia-news/news/24736-colombian-hackers-attack-govt-political-website-to-protest-justice-reform.html
Entry Title: WHID 2012-268: Hackers hit US Navy, Homeland Security sites
WHID ID: 2012-268
Date Occurred: 6/23/2012
Attack Method: SQL Injection
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: United States
Incident Description: Hackers claimed to break into the subdomains of two major United States government agencies, posting what appeared to be stolen data online.
Reference: http://www.gmanetwork.com/news/story/262936/scitech/technology/hackers-hit-us-navy-homeland-security-sites
Entry Title: WHID 2012-267: One more Gujarat government website hacked
WHID ID: 2012-267
Date Occurred: 6/22/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: India
Incident Description: If any one visits the official Gujarat Government website for Narmada and water supply department one would find it to be forbidden.
Reference: http://articles.timesofindia.indiatimes.com/2012-06-22/ahmedabad/32368378_1_website-water-supply-state-government
Entry Title: WHID 2012-266: Lebanese government Web sites hacked
WHID ID: 2012-266
Date Occurred: 6/16/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Lebanon, Beirut
Incident Description: Two Lebanese government Web sites were hacked Saturday by a group associated with Anonymous.
Reference: http://www.upi.com/Top_News/World-News/2012/06/16/Lebanese-government-Web-sites-hacked/UPI-61361339857705/?spt=hs&or=tn
Entry Title: WHID 2012-265: Doug Ford's website hacked by "Dbuzz"
WHID ID: 2012-265
Date Occurred: 6/12/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Canadian government
Attacked Entity Geography: Toronto
Incident Description: Anyone who visited Doug Ford's (Ward 2, Etobicoke North) website since at least yesterday afternoon didn't get the councillor's usual web presence.
Reference: http://www.openfile.ca/toronto/blog/2012/doug-fords-website-hacked-dbuzz
Entry Title: WHID 2012-264: Langley City website hacked
WHID ID: 2012-264
Date Occurred: 6/6/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: State government
Attacked Entity Geography: Virginia
Incident Description: The City of Langley website was hacked by a group calling themselves the LatinHackTeam against corruption of the governments.
Reference: http://www.langleytimes.com/news/158504945.html
Entry Title: WHID 2012-263: Wawa's Website Hacked
WHID ID: 2012-263
Date Occurred: 6/8/2012
Attack Method: SQL Injection
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Gas sales
Attacked Entity Geography: Pennsylvania
Incident Description: Hackers caused problems for Wawa's website, www.wawa.com
Reference: http://www.cspnet.com/news/technology/articles/update-wawas-website-hacked
Entry Title: WHID 2012-262: Vice President Binay's website hacked
WHID ID: 2012-262
Date Occurred: 6/12/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Philippines
Incident Description: The website of the Office of the Vice President (OVP) was hacked
Reference: http://technology.inquirer.net/12081/vice-president-binays-website-hacked
Entry Title: WHID 2012-261: Russian sites go offline as protests begin
WHID ID: 2012-261
Date Occurred: 6/12/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: Russia
Incident Description: The websites of Russia's main independent news sources became inaccessible on Tuesday as protesters gathered in Moscow for a march against President Vladimir Putin's third Kremlin term.
Reference: http://www.abs-cbnnews.com/global-filipino/world/06/12/12/russian-sites-go-offline-protests-begin
Entry Title: WHID 2012-260: Govt site taken down in censorship protest
WHID ID: 2012-260
Date Occurred: 6/10/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Internet Security
Attacked Entity Geography: India
Incident Description: Hours ahead of its planned protest against certain incidents of internet censorship in India, hacker collective Anonymous attacked and brought down the website run by Computer Emergency Response Team India (CERT-In), the country's premier agency dealing with cyber security contingencies.
Reference: http://articles.timesofindia.indiatimes.com/2012-06-10/chennai/32155621_1_opindia-web-censorship-cert
Entry Title: WHID 2012-26: Russia's Largest BitTorrent Tracker Under Huge DDoS Attack
WHID ID: 2012-26
Date Occurred: 2/6/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Information
Attacked Entity Geography: Russia
Incident Description: RUTracker, Russia's largest BitTorrent tracker, has been dealing with the effects of a DDoS attack over the past 48 hours.
Reference: http://torrentfreak.com/russias-largest-bittorrent-tracker-under-huge-ddos-attack-120208/
Entry Title: WHID 2012-259: Anonymous all set for June 9 Nation-wide Protests against Censorship
WHID ID: 2012-259
Date Occurred: 6/7/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Telecom
Attacked Entity Geography: India
Incident Description: Anonymous claims to have taken down the website of Telecom Company MTNL yesterday via a Distributed Denial of Service (DDoS) attack.
Reference: http://www.cio.in/news/anonymous-all-set-june-9-nation-wide-protests-against-censorship-269642012
Entry Title: WHID 2012-258: 6.5 Million LinkedIn Passwords May Be In Hands of Hackers
WHID ID: 2012-258
Date Occurred: 6/6/2012
Attack Method: SQL Injection
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Social Networking
Attacked Entity Geography: Mountain View, CA
Incident Description: LinkedIn on Wednesday morning was still unable to confirm reports that 6.5 million user passwords had been exposed. But Sophos has discovered LinkedIn password information posted on a Russian hacker site.
Reference: http://www.newsfactor.com/news/6-5M-LinkedIn-Passwords-May-Be-Stolen/story.xhtml?story_id=013000G54XRY
Entry Title: WHID 2012-257: UMass website hacked, Google searchers get offer to sell Viagra
WHID ID: 2012-257
Date Occurred: 6/6/2012
Attack Method: Search Engine Poisoning
Application Weakness: Improper Output Handling
Outcome: Spam
Attacked Entity Field: United States University
Attacked Entity Geography: Massachusetts
Incident Description: A lot of people who did a Google search for UMass Amherst Wednesday morning found themselves with a bitter pill to swallow -- and it wasn't blue.
Reference: http://www.masslive.com/business-news/index.ssf/2012/06/umass_website_hacked_google_searchers_ge.html
Entry Title: WHID 2012-256: Defence, Panasonic hacked and defaced
WHID ID: 2012-256
Date Occurred: 6/7/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Australian Department of Defense
Attacked Entity Geography: Australia
Incident Description: One of the Defence Materiel Organisation's (DMO) websites has been compromised by hackers, while Panasonic Australia has taken its website down after one of its subdomains was also hacked and then defaced.
Reference: http://www.zdnet.com/defence-panasonic-hacked-and-defaced-1339339331/
Entry Title: WHID 2012-255: Indian ISPs Targeted in Anonymous Censorship Protest
WHID ID: 2012-255
Date Occurred: 6/6/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Internet Service Provider
Attacked Entity Geography: India
Incident Description: The websites of Indian government-run communications company Mahanagar Telephone Nigam and the Internet Service Providers Association of India faced DDoS (distributed denial of service) attacks from Anonymous.
Reference: http://www.pcworld.com/businesscenter/article/257032/indian_isps_targeted_in_anonymous_censorship_protest.html
Entry Title: WHID 2012-254: DigiCape website hacked
WHID ID: 2012-254
Date Occurred: 6/4/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Online retail
Attacked Entity Geography: South Africa
Incident Description: Independent Apple retailer DigiCape is the victim of a cyber attack, with the company's website hacked.
Reference: http://technology.iafrica.com/news/technology/798318.html
Entry Title: WHID 2012-253: Cyber watchdog website hacked
WHID ID: 2012-253
Date Occurred: 6/2/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: India
Incident Description: Even after a series of government defacements by Anonymous, the website of the Indian Computer Emergency Response Team was trolled and defaced by Anonymous.
Reference: http://www.deccanchronicle.com/channels/cities/hyderabad/cyber-watchdog-website-hacked-988
Entry Title: WHID 2012-252: Hosting firm suffers 'innocent' intrusion after billing system hacked
WHID ID: 2012-252
Date Occurred: 4/30/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Hosting Provider
Attacked Entity Geography:
Incident Description: Web-hosting firm eUKHost has been hacked by Pakistani hacking team UrduHack, which appeared to have gained access to its billing system.
Reference: http://www.theregister.co.uk/2012/04/30/eukhost_billing_system_compromise/
Entry Title: WHID 2012-251: Quick fix for Hotmail password bug
WHID ID: 2012-251
Date Occurred: 4/27/2012
Attack Method: Parameter Manipulation
Application Weakness: Insufficient Password Recovery
Outcome: Account Takeover
Attacked Entity Field: Service Providers
Attacked Entity Geography:
Incident Description: The bug allowed a hacker to reset the password for a Hotmail account, locking out its owner and giving the attacker access to the inbox. The fix was put together because the bug was starting to be actively exploited online.
Reference: http://www.bbc.co.uk/news/technology-17866897
Entry Title: WHID 2012-250: Just like the share price... Facebook goes down after being 'hacked by Anonymous'
WHID ID: 2012-250
Date Occurred: 6/1/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Social Networking
Attacked Entity Geography: United States
Incident Description: Facebook experienced service outages for portions of its 900 million users tonight after the social networking site was apparently targeted by hacking group Anonymous.
Reference: http://www.dailymail.co.uk/sciencetech/article-2153081/Facebook-goes-just-like-share-price--Social-networking-giant-caps-end-week-forget-website-outages-apparently-hacked-Anonymous.html
Entry Title: WHID 2012-25: Website of Vietnam's top Internet security firm hacked
WHID ID: 2012-25
Date Occurred: 2/4/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography: Hanoi, Vietnam
Incident Description: The website of Vietnam's leading internet security firm, the Hanoi-based Bach Khoa Internetwork Security Company, has been attacked by hackers, Vietnam News Agency (VNA) quoted its representative as saying Monday.
Reference: http://www.thanhniennews.com/index/pages/20120206-vietnam-leading-internet-security-company-hacked.aspx
Entry Title: WHID 2012-249: Agriboffins' site downed by DDoS after GM protest
WHID ID: 2012-249
Date Occurred: 5/28/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Agriculture research
Attacked Entity Geography: United Kingdom
Incident Description: Agricultural research institute Rothamsted Research was pulled offline in a DDoS attack just hours after police stopped protestors destroying a GM crop trial at the facility.
Reference: http://www.theregister.co.uk/2012/05/28/rothamsted_site_down_ddos/
Entry Title: WHID 2012-248: Yemeni tribal website hacked by US, divulges Hillary Clinton
WHID ID: 2012-248
Date Occurred: 5/24/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Yemen
Incident Description: US Secretary of State Hillary Clinton admitted that cyber experts based at her department hacked Yemeni tribal websites, and tracked messages about killing Americans.
Reference: http://www.globalnewsdesk.co.uk/north-america/us-hacking-al-qaeda/0992/
Entry Title: WHID 2012-247: 123-reg outage caused by DDoS attack from China
WHID ID: 2012-247
Date Occurred: 5/23/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Web site hosting
Attacked Entity Geography: United Kingdom
Incident Description: It appears that 123-reg are having some network problems caused by a distributed denial of service attack from China.
Reference: http://tamebay.com/2012/05/123-reg-outtage-caused-by-ddos-attack-from-china.html
Entry Title: WHID 2012-246: Web Hosting Control Panel WHMCS Hit by DDoS and Social Engineering Attack
WHID ID: 2012-246
Date Occurred: 5/22/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Client management
Attacked Entity Geography: United Kingdom
Incident Description: WHMCS experienced a DDoS and social engineering attack this week
Reference: http://www.thewhir.com/web-hosting-news/web-hosting-control-panel-whmcs-hit-by-ddos-and-social-engineering-attack
Entry Title: WHID 2012-245: Solar Impulse website hacked
WHID ID: 2012-245
Date Occurred: 5/21/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Solar flight
Attacked Entity Geography: Switzerland
Incident Description: The team of the Swiss airplane Solar Impulse warns its supporters that its website was hacked
Reference: http://worldradio.ch/wrs/news/wrsnews/solar-impulse-website-hacked.shtml?30729
Entry Title: WHID 2012-244: Anonymous takes out Indian CERT as attacks continue
WHID ID: 2012-244
Date Occurred: 5/20/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: India
Incident Description: Hacktivist group Anonymous continued its attacks on the Indian government and creative industries.
Reference: http://www.theregister.co.uk/2012/05/21/india_anonymous_cert_ddos/
Entry Title: WHID 2012-243: Anonymous Hackers Claim to Take Down Chicago Police Website
WHID ID: 2012-243
Date Occurred: 5/20/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Law enforcement
Attacked Entity Geography: Chicago
Incident Description: The Chicago Police Department website is down, and "hactivists" from the group Anonymous are taking credit.
Reference: http://mashable.com/2012/05/20/anonymous-hackers-police-website/
Entry Title: WHID 2012-242: Anonymous Launches Cyberattacks Against India
WHID ID: 2012-242
Date Occurred: 5/18/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: India
Incident Description: Websites belonging to India's Supreme Court, the Ministry of Communications and Information Technology, the Department of Telecommunications, and both of the nation's political parties were targets of an Anonymous-led hacking attack.
Reference: http://www.redorbit.com/news/technology/1112538563/anonymous-launches-cyberattacks-against-india/
Entry Title: WHID 2012-241: Basketball TV website hacked
WHID ID: 2012-241
Date Occurred: 5/18/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Sports
Attacked Entity Geography: Philippines
Incident Description: The official website of local cable channel Basketball TV was compromised today, May 18, by hackers claiming to be Chinese.
Reference: http://www.rappler.com/nation/5582-btv-website-hacked
Entry Title: WHID 2012-240: Popular Eurovision website hacked in response to 'parade of homosexuals'
WHID ID: 2012-240
Date Occurred: 5/17/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: News
Attacked Entity Geography: Australia
Incident Description: A group is reportedly targeting websites related to the Eurovision Song Contest in Azerbaijan in protest at a "parade of homosexuals" it believes will take place at the event.
Reference: http://www.pinknews.co.uk/2012/05/17/popular-eurovision-website-hacked-in-response-to-parade-of-homosexuals/
Entry Title: WHID 2012-24: More fallout; Salt Lake City police website hacked
WHID ID: 2012-24
Date Occurred: 2/1/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: Salt Lake City, Utah
Incident Description: The Salt Lake City police department is asking their tipsters and informants to be careful after a hacker compromised their website
Reference: http://www.abc4.com/content/news/slc/story/More-fallout-Salt-Lake-City-police-website-hacked/PiSspE768UiioitJ3K4gyQ.cspx
Entry Title: WHID 2012-239: Pirate Bay Under DDoS Attack From Unknown Enemy
WHID ID: 2012-239
Date Occurred: 5/16/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Media web site
Attacked Entity Geography: United Kingdom
Incident Description: After the site openly criticized Anonymous last week for DDoS'ing UK ISP Virgin Media, The Pirate Bay itself is now under attack.
Reference: http://torrentfreak.com/pirate-bay-under-ddos-attack-from-unknown-enemy-120516/
Entry Title: WHID 2012-238: ICO blasted offline by DDoS cannon in Leveson protest
WHID ID: 2012-238
Date Occurred: 5/15/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Information Rights
Attacked Entity Geography: United Kingdom
Incident Description: The UK's Information Commissioner's Office website has been blown offline by a distributed-denial-of-service attack that appears to be a hacktivist protest over the Leveson Inquiry.
Reference: http://www.theregister.co.uk/2012/05/15/ico_downed_by_ddos_leveson/
Entry Title: WHID 2012-237: Amnesty UK website hacked to serve lethal Gh0st RAT Trojan
WHID ID: 2012-237
Date Occurred: 5/11/2012
Attack Method: Hosting malicious code
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Human Rights
Attacked Entity Geography: United Kingdom
Incident Description: Amnesty International's UK website was hacked to host the dangerous Gh0st RAT Trojan for two days.
Reference: http://news.idg.no/cw/art.cfm?id=8D5B5FA7-FBEE-927B-4C5DADA27F1AE4AD
Entry Title: WHID 2012-236: 4Chan vandalises Tea Party website, reveals private donors
WHID ID: 2012-236
Date Occurred: 5/11/2012
Attack Method: Account compromise
Application Weakness: Weak password
Outcome: Defacement
Attacked Entity Field: American political movement
Attacked Entity Geography: United States
Incident Description: The Tea Party has had its PAC website hacked by what looks like a legion of users from the notorious 4Chan image board.
Reference: http://news.techeye.net/internet/4chan-vandalises-tea-party-website-reveals-private-donors
Entry Title: WHID 2012-235: Activist hackers temporarily block Putin's website
WHID ID: 2012-235
Date Occurred: 5/9/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Russia
Incident Description: Hackers temporarily blocked President Vladimir Putin's web site
Reference: http://www.reuters.com/article/2012/05/09/us-russia-hackers-kremlin-idUSBRE8480L020120509
Entry Title: WHID 2012-234: PAGASA website hacked
WHID ID: 2012-234
Date Occurred: 5/9/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Science
Attacked Entity Geography: Philippines
Incident Description: The Philippine Atmospheric, Geophysical and Astronomical Services Administration (PAGASA) website was hacked.
Reference: http://www.abs-cbnnews.com/nation/05/09/12/pagasa-website-hacked
Entry Title: WHID 2012-231: Anonymous Hackers Target CIA, UK Supreme Court Over "Pirate Bay" Censorship
WHID ID: 2012-233
Date Occurred: 5/4/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: United States and United Kingdom
Incident Description: Hacktivist members of the online collective called "Anonymous" targeted the websites of the United Kingdom Supreme Court and the CIA.
Reference: http://www.ibtimes.com/articles/337473/20120504/anonymous-hackers-cispa-cia-supreme-court-optpb.htm
Entry Title: WHID 2012-232: 'Unknowns' hack European Space Agency
WHID ID: 2012-232
Date Occurred: 5/3/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Space Agency
Attacked Entity Geography: Paris, France
Incident Description: The European Space Agency has said that a group of hackers called 'The Unknowns' successfully hacked into external servers and got access to user identity information.
Reference: http://www.zdnet.co.uk/blogs/security-bulletin-10000166/unknowns-hack-european-space-agency-10026071/
Entry Title: WHID 2012-231: Philippine Star's website hacked
WHID ID: 2012-231
Date Occurred: 5/4/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Newspaper media
Attacked Entity Geography: Philippines
Incident Description: The website of national newspaper Philippine Star was hacked.
Reference: http://www.abs-cbnnews.com/nation/05/04/12/philippine-stars-website-hacked
Entry Title: WHID 2012-230: Three Rivers Park District Website Hacked, Credit Card Information Safe
WHID ID: 2012-230
Date Occurred: 4/19/2012
Attack Method: Information leakage
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: State Park
Attacked Entity Geography: Minneapolis, Minnesota
Incident Description: The Three Rivers Park District online reservation system was the target of a cyber attack.
Reference: http://kaaltv.com/article/stories/S2603448.shtml?cat=10728
Entry Title: WHID 2012-23: Anonymous hackers access Greek ministry website
WHID ID: 2012-23
Date Occurred: 2/3/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Greece
Incident Description: Hackers associated with the activist group Anonymous posted a protest against Greece's EU and IMF-inspired austerity policies on the website of the country's justice ministry Friday, a ministry spokeswoman said.
Reference: http://www.reuters.com/article/2012/02/03/us-greece-hackers-idUSTRE8120D320120203
Entry Title: WHID 2012-229: ANCYL website hacked, league responds
WHID ID: 2012-229
Date Occurred: 5/2/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Youth organization
Attacked Entity Geography: Africa
Incident Description: ANCYL website was defaced.
Reference: http://mybroadband.co.za/news/security/49043-ancyl-website-hacked-league-responds.html
Entry Title: WHID 2012-228: SOCA Website Downed By DDoS Attack
WHID ID: 2012-228
Date Occurred: 5/2/2012
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Law enforcement
Attacked Entity Geography: United Kingdom
Incident Description: The website of the Serious Organised Crime Agency, SOCA, has been hit by a distributed-denial-of-service attack.
Reference: http://www.itproportal.com/2012/05/04/soca-website-downed-by-ddos-attack/
Entry Title: WHID 2012-227: Confidential information released in Lake County Sheriff's website hacking
WHID ID: 2012-227
Date Occurred: 4/27/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Law enforcement
Attacked Entity Geography: Lake County, Florida
Incident Description: Lake County sheriff's deputies have launched an investigation into how its computer system was hacked, which forced officials to shut down all electronic communication and Internet.
Reference: http://www.clickorlando.com/news/Lake-County-Sheriff-s-Office-website-hacked-over-weekend/-/1637132/12246044/-/7j5xot/-/
Entry Title: WHID 2012-226: Philippines DBM site defaced
WHID ID: 2012-226
Date Occurred: 4/25/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Philippines
Incident Description: The website of the Philippines Department of Budget and Management was defaced Wednesday afternoon and was quickly taken down for a "security audit".
Reference: http://www.gmanetwork.com/news/story/256173/scitech/technology/dbm-site-defaced-other-govt-sites-down
Entry Title: WHID 2012-225: Taliban Website Hacked As Afghan Cyberwar Heats Up
WHID ID: 2012-225
Date Occurred: 4/26/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Political Group
Attacked Entity Geography: Afghanistan
Incident Description: Unidentified hackers have broken into the main website of the Afghan Taliban, replacing the usual militant claims of victories with images of executions carried out by the militants and messages condemning violence in English, Arabic, and Pashto.
Reference: http://www.rferl.org/content/taliban_website_hacked/24562004.html
Entry Title: WHID 2012-224: The Man Who Hacked Hollywood
WHID ID: 2012-224
Date Occurred: 4/26/2012
Attack Method: Brute Force
Application Weakness: Insufficient Password Recovery
Outcome: Leakage of Information
Attacked Entity Field: Service Providers
Attacked Entity Geography: Multiple
Incident Description: Describes how Chris Chaney used brute force techniques to gain access to celebrity email accounts.
Reference: http://www.gq.com/news-politics/newsmakers/201205/chris-chaney-hacker-nude-photos-scarlett-johansson?printable=true
Entry Title: WHID 2012-223: UK2.NET smashed offline by '10-million-strong' botnet
WHID ID: 2012-223
Date Occurred: 4/26/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: UK
Incident Description: British web hosting outfit UK2.NET was on the business end of a distributed denial-of-service attack last night that took down customers' websites.
Reference: http://www.theregister.co.uk/2012/04/26/uk2net_outage_in_ddos_attack/
Entry Title: WHID 2012-222: DBM website hacked
WHID ID: 2012-222
Date Occurred: 4/25/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Manila, Philippines
Incident Description: Purported Chinese hackers attacked the website of the Department of Budget and Management (DBM) on Wednesday.
Reference: http://www.abs-cbnnews.com/nation/04/25/12/dbm-website-hacked
Entry Title: WHID 2012-221: Local bank website hacked
WHID ID: 2012-221
Date Occurred: 4/23/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Finance
Attacked Entity Geography: Richmond, VA
Incident Description: The bank executive said that they believe it was the work of an automated hacking tool that simply swapped their home page with the image that Grech saw. Management contends it was purely superficial and at no time were customer accounts at risk, putting some worries at ease.
Reference: http://wtvr.com/2012/04/23/local-bank-website-hacked/
Entry Title: WHID 2012-220: CIA site downed as Anonymous claims attack
WHID ID: 2012-220
Date Occurred: 4/24/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Langley, Virginia
Incident Description: The CIA website is now back online following a DDoS attack reportedly perpetrated by the hacktivist group Anonymous. This is the latest attack in a series of assaults carried out against US government websites.
Reference: https://rt.com/news/cia-site-claims-attack-807/
Entry Title: WHID 2012-22: Irish Aid website 'hacked'
WHID ID: 2012-22
Date Occurred: 2/1/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: Ireland
Incident Description: The website of the Government's overseas development programme, Irish Aid, was taken down for a time last night after the email addresses and passwords of staff were posted online.
Reference: http://www.irishtimes.com/newspaper/breaking/2012/0202/breaking6.html
Entry Title: WHID 2012-219: Hacker strikes Parliament website
WHID ID: 2012-219
Date Occurred: 4/22/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Trinidad
Incident Description: The Government's parliamentary website, www.ttparliament.org, was taken offline yesterday after a computer software hacker apparently breached the security codes of the site and left a mischievous message announcing the security break.
Reference: http://www.trinidadexpress.com/news/Hacker_strikes_Parliament_website-148466945.html
Entry Title: WHID 2012-218: Anonymous Shuts Down Formula 1 Website Ahead of Bahrain Grand Prix
WHID ID: 2012-218
Date Occurred: 4/20/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Sports
Attacked Entity Geography: Bahrain
Incident Description: Anonymous, a hacker collective, has shut down the official Formula 1 website after a series of violent protests ahead of its race in Bahrain.
Reference: http://www.ibtimes.com/articles/331171/20120420/anonymous-formula-1-website-bahrain-grand-prix.htm
Entry Title: WHID 2012-217: U.S. Web site covering China scandal disrupted by cyberattack
WHID ID: 2012-217
Date Occurred: 4/20/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: China
Incident Description: A U.S.-based Web site that has aggressively covered China's biggest political scandal in decades was the victim of a disruptive attack that was accompanied by threats to the service that registers its domain name, the site's manager said Friday.
Reference: http://www.washingtonpost.com/world/national-security/us-web-site-covering-china-scandal-disrupted-by-cyberattack/2012/04/20/gIQAZbRcWT_story.html
Entry Title: WHID 2012-216: Cyber war: Palace websites attacked
WHID ID: 2012-216
Date Occurred: 4/22/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Philippines
Incident Description: Chinese hackers were at it again, and this time they attacked the presidential websites.
Reference: http://globalnation.inquirer.net/34465/cyber-war-palace-websites-attacked
Entry Title: WHID 2012-215: Berrien County government website hacked
WHID ID: 2012-215
Date Occurred: 4/20/2012
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: ST. JOSEPH, MI
Incident Description: A group of hackers got into the Berrien County government website earlier this week and left behind profanity and their views on government, authorities said Thursday.
Reference: http://www.mlive.com/news/kalamazoo/index.ssf/2012/04/berrien_county_government_webs.html
Entry Title: WHID 2012-214: 'Chinese' hackers deface Philippine website
WHID ID: 2012-214
Date Occurred: 4/20/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Education
Attacked Entity Geography: Manila, Philippines
Incident Description: Hackers claiming to come from China defaced the website of the Philippines' top university on Friday to assert their country's claim over the hotly disputed South China Sea, the government said.
Reference: http://www.google.com/hostednews/afp/article/ALeqM5ieavMTCtsDq6Jzd8wBfyGQTNj4NA?docId=CNG.46b40181ee39a090b52dd63a46e30e61.421
Entry Title: WHID 2012-213: Hacker attack underlines Web role in China scandal
WHID ID: 2012-213
Date Occurred: 4/20/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: North Carolina
Incident Description: A massive hacker attack has crippled an overseas website that has reported extensively on China's biggest political turmoil in years, underscoring the pivotal role the Internet has played in the unfolding scandal.
Reference: https://www.ajc.com/news/nation-world/hacker-attack-underlines-web-1422689.html
Entry Title: WHID 2012-212: D.C. government website downed by hackers
WHID ID: 2012-212
Date Occurred: 4/19/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Washington, DC
Incident Description: City government websites in the District failed to load for hours on Thursday, the apparent victims of hackers who wanted to target government sites.
Reference: http://www.washingtontimes.com/news/2012/apr/19/dc-government-website-downed-hackers/
Entry Title: WHID 2012-211: Anti-abortion hacker jailed for stealing 10,000 records
WHID ID: 2012-211
Date Occurred: 4/17/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Healthcare
Attacked Entity Geography: UK
Incident Description: Anonymous member James Jeffery last month hacked into the British Pregnancy Advisory Service (BPAS) and stole 10,000 database records. He has now been sentenced to 32 months in jail.
Reference: https://www.zdnet.com/blog/security/anti-abortion-hacker-jailed-for-stealing-10000-records/11558?tag=content;siu-container
Entry Title: WHID 2012-210: 15-year-old arrested for hacking 259 companies
WHID ID: 2012-210
Date Occurred: 4/17/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Multiple
Attacked Entity Geography: Multiple
Incident Description: A 15-year-old boy has been arrested for hacking into 259 companies during a 90-day spree. In other words, during the last quarter he successfully attacked an average of three websites per day.
Reference: https://www.zdnet.com/blog/security/15-year-old-arrested-for-hacking-259-companies/11585?tag=content;siu-container
Entry Title: WHID 2012-21: Hackers attack law enforcement websites
WHID ID: 2012-21
Date Occurred: 2/3/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: Virginia
Incident Description: Saboteurs have hacked into the websites of several law enforcement agencies worldwide in attacks attributed to the collective called Anonymous, including in Boston and in Salt Lake City, where police say personal information of confidential informants and tipsters was accessed.
Reference: http://www.washingtontimes.com/news/2012/feb/5/hackers-attack-law-enforcement-websites/
Entry Title: WHID 2012-209: Hundreds of thousands of medical records accessible
WHID ID: 2012-209
Date Occurred: 4/19/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Healthcare
Attacked Entity Geography: Netherlands
Incident Description: Medical and personal information of more than 300,000 employees was accessible to unauthorized persons for months through a leak in the Humannet software of IT business VCD. This is the finding of Zembla, in the episode "The police absenteeism II", on Friday, April 20.
Reference: http://www.dutchnews.nl/news/archives/2012/04/new_online_medical_records_sca.php
Entry Title: WHID 2012-208: Tosh UK rewards competition hopefuls by exposing their privates
WHID ID: 2012-208
Date Occurred: 4/18/2012
Attack Method: Forceful Browsing
Application Weakness: Predictable Resource Location
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: UK
Incident Description: "A security fault with the incremental numbering of the competition entrants registration URL created the potential for access to other customers' personal data for a two-month period," the regulator said.
Reference: http://www.theregister.co.uk/2012/04/18/toshiba_slapped_by_ico/
Entry Title: WHID 2012-207: SHSU website hacked by black hat SEO techniques
WHID ID: 2012-207
Date Occurred: 4/12/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Spam
Attacked Entity Field: Education
Attacked Entity Geography: Texas
Incident Description: Changes have been restored to the Sam Houston State University catalog website after it was hacked on April 12, according to an email sent out to SHSU web developers by Jurden Bruce, web services manager.
Reference: http://www.houstonianonline.com/news/shsu-website-hacked-by-black-hat-seo-techniques-1.2732151#.T5BPa5pWr6Q
Entry Title: WHID 2012-206: FBI Charges Man In $1 Million Stock-Fraud Hacking Scheme
WHID ID: 2012-206
Date Occurred: 4/18/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Multiple
Incident Description: Hacking crew used accounts under its control to conduct sham trades
Reference: http://www.darkreading.com/security-monitoring/167901086/security/news/232900535/fbi-charges-man-in-1-million-stock-fraud-hacking-scheme.html
Entry Title: WHID 2012-205: Nikjju Mass injection campaign (180k+ pages compromised)
WHID ID: 2012-205
Date Occurred: 4/17/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Planting of Malware
Attacked Entity Field: Multiple
Attacked Entity Geography: Multiple
Incident Description: Our research team have been tracking a new mass SQL injection campaign that started early this month. So far more than 180,000 URLs have been compromised. We will keep posting updates as we get them.
Reference: http://blog.sucuri.net/2012/04/nikjju-mass-injection-campaign-150k-sites-compromised.html
Entry Title: WHID 2012-204: GetMama - Conditional malware affecting thousands of sites
WHID ID: 2012-204
Date Occurred: 4/10/2012
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Multiple
Attacked Entity Geography: Multiple
Incident Description: We have been tracking an interesting malware that is affecting thousands of compromised sites. We call it GetMama!!
Reference: http://blog.sucuri.net/2012/04/getmama-conditional-malware-affecting-thousands-of-sites.html
Entry Title: WHID 2012-203: Hackers Briefly Shut Down NYC.gov
WHID ID: 2012-203
Date Occurred: 4/17/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: New York, NY
Incident Description: Hackers briefly shut down the official city website Tuesday. The city's information technology department says NYC.gov was the target of what's called a "denial of service attack" Tuesday.
Reference: http://www.ny1.com/content/news_beats/political_news/159597/hackers-briefly-shut-down-nyc-gov
Entry Title: WHID 2012-202: XS4ALL hit by massive DDoS attack
WHID ID: 2012-202
Date Occurred: 4/18/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Service Provider
Attacked Entity Geography: Netherlands
Incident Description: Dutch ISP XS4ALL has been hit by a large-scale DDoS attack, Tweakers.net reported. Customers are experiencing difficulties in accessing webmail; other services are also available on a limited basis.
Reference: http://www.telecompaper.com/news/xs4all-hit-by-massive-ddos-attack
Entry Title: WHID 2012-201: Cyber attack hits Melbourne firm York Butter Factory
WHID ID: 2012-201
Date Occurred: 4/18/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: Melbourne, Australia
Incident Description: A LOW-SCALE cyber-attack on a US hosting company has created a headache for Melbourne tech-incubation space York Butter Factory.
Reference: http://www.theaustralian.com.au/australian-it/cyber-attack-hits-melbourne-firm-york-butter-factory/story-e6frgakx-1226331872949
Entry Title: WHID 2012-200: Bersih website suffers DDoS attack
WHID ID: 2012-200
Date Occurred: 4/17/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography: Selangor, Malaysia
Incident Description: The coalition for clean and fair elections Bersih claimed that its website was under a distributed denial-of-service (DDoS) attack for 13 hours yesterday.
Reference: http://www.malaysiakini.com/news/195392
Entry Title: WHID 2012-20: Citigroup Inc. (NYSE:C) Hit By Hackers
WHID ID: 2012-20
Date Occurred: 2/4/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: South America
Incident Description: Hackers have attacked Brazilian financial websites, including Citigroup Inc. (NYSE:C).
Reference: http://www.emoneydaily.com/citigroup-inc-nysec-hit-by-hackers/69823284/
Entry Title: WHID 2012-2: Hackers disable German right-wing websites
WHID ID: 2012-2
Date Occurred: 1/1/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography: Germany
Incident Description: The websites of several right-wing extremists in Germany have been attacked by hackers.
Reference: http://www.jta.org/news/article/2012/01/05/3091030/hackers-disable-german-right-wing-websites
Entry Title: WHID 2012-199: Google Sends Out 20,000 Weird Redirect Hacked Notifications
WHID ID: 2012-199
Date Occurred: 4/16/2012
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Search Engine
Attacked Entity Geography: Mountain View, CA
Incident Description: Yesterday, Google sent out about 20,000 warnings to webmasters that have had their sites compromised and may have no idea about it.
Reference: http://www.seroundtable.com/google-hacked-redirect-warning-15022.html
Entry Title: WHID 2012-198: 3 million bank accounts hacked in Iran
WHID ID: 2012-198
Date Occurred: 4/16/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography: Iran
Incident Description: First, he warned of the security flaw in Iran's banking system. Then he provided them with 1,000 bank account details. When they didn't listen, he hacked 3 million accounts across at least 22 banks.
Reference: https://www.zdnet.com/blog/security/3-million-bank-accounts-hacked-in-iran/11577
Entry Title: WHID 2012-197: Hackers take down 15 Lebanese government websites
WHID ID: 2012-197
Date Occurred: 4/17/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Beirut, Lebanon
Incident Description: A group calling itself "Raise Your Voice" hacked into 15 Lebanese government websites on Tuesday, demanding an improvement in living standards and an end to widespread electricity and water shortages.
Reference: http://www.reuters.com/article/2012/04/17/lebanon-hackers-idUSL6E8FH1P320120417
Entry Title: WHID 2012-196: US, UK govt. websites downed in Anonymous-claimed attack
WHID ID: 2012-196
Date Occurred: 4/16/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Multiple
Incident Description: More US and UK government websites have fallen prey to DDoS attacks by the hacktivist group Anonymous. The victims now include the US Department of Justice, CIA and two MI6 sites.
Reference: https://rt.com/news/cia-ddos-attacks-usa-120/
Entry Title: WHID 2012-195: Zimbabwe International Trade Fair website hacked, taken down
WHID ID: 2012-195
Date Occurred: 4/13/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Media
Attacked Entity Geography: Zimbabwe
Incident Description: We established this morning that the website belonging to the Zimbabwe International Trade Fair Company, www.zitf.net was hacked.
Reference: http://www.techzim.co.zw/2012/04/zimbabwe-international-trade-fair-website-hacked/
Entry Title: WHID 2012-194: Dude, you've just been 'Likejacked' by the Fortune 500
WHID ID: 2012-194
Date Occurred: 4/10/2012
Attack Method: Clickjacking
Application Weakness: Insufficient Process Validation
Outcome: Spam
Attacked Entity Field: Social
Attacked Entity Geography: Menlo Park, CA
Incident Description: Facebook 'Likejacking' scams can fool even the savviest users. But behind the scammers lie some of the powerful marketing firms in the world.
Reference: http://www.itworld.com/it-managementstrategy/266618/dude-you-ve-just-been-likejacked-fortune-500
Entry Title: WHID 2012-193: National Organization For Marriage Twitter Account Hacked
WHID ID: 2012-193
Date Occurred: 4/11/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography: San Francisco, CA
Incident Description: The hacker also put up a tweet on NOM's Twitter account, NOMTweets, reading, "Yes, creating a wedge between the black community and #lgbt was wrong. We vow to work on how we address our opponents in the future."
Reference: http://www.huffingtonpost.com/2012/04/11/mitt-romney-endorsed-nom-national-organization-marriage_n_1417338.html?ref=mostpopular
Entry Title: WHID 2012-192: National Organization For Marriage Website Hacked On Same Day Group Endorses Mitt Romney
WHID ID: 2012-192
Date Occurred: 4/11/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Politics
Attacked Entity Geography: San Francisco, CA
Incident Description: On the same morning that the National Organization for Marriage announced that it was endorsing Mitt Romney, the group dedicated to stopping the marriage equality movement also found its website and social media outlets hacked with a promise to stop dividing Americans.
Reference: http://www.huffingtonpost.com/2012/04/11/mitt-romney-endorsed-nom-national-organization-marriage_n_1417338.html?ref=mostpopular
Entry Title: WHID 2012-191: Anonymous takes out Boeing website
WHID ID: 2012-191
Date Occurred: 4/10/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography: US
Incident Description: Anonymous is taking responsibility for launching a coordinated cyberattack on Boeing's website, a high-profile takedown that's part of the hacking collective's campaign against what it believes is a stifling piece of federal legislation.
Reference: http://www.technolog.msnbc.msn.com/technology/technolog/anonymous-takes-out-boeing-website-708942
Entry Title: WHID 2012-190: Anonymous Said to Be Behind Website Attacks on Trade Groups
WHID ID: 2012-190
Date Occurred: 4/9/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography: Washington, DC
Incident Description: The hacker-activist group known as Anonymous led attacks on the websites of two technology trade associations for supporting cybersecurity legislation, the organizations said.
Reference: http://www.sfgate.com/cgi-bin/article.cgi?f=/g/a/2012/04/09/bloomberg_articlesM283AE1A1I4G01-M28AL.DTL#ixzz1sOvjfa7v
Entry Title: WHID 2012-19: Anonymous hackers claim hit on Swedish government
WHID ID: 2012-19
Date Occurred: 2/4/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Sweden
Incident Description: A group linked to the hacker network Anonymous on Saturday said it had attacked the Swedish government's website, bringing it down for periods of time by overloading it with traffic.
Reference: http://www.deseretnews.com/article/700222228/Anonymous-hackers-claim-hit-on-Swedish-government.html
Entry Title: WHID 2012-189: FPÖ website hacked by Anonymous
WHID ID: 2012-189
Date Occurred: 4/9/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Politics
Attacked Entity Geography: Austria
Incident Description: The website of the Austrian Freedom Party's (FPÖ) education institute was hacked on Easter Sunday with the slogan "Osterei statt Nazipartei", which translates as "Easter eggs instead of Nazi Party".
Reference: http://austrianindependent.com/news/General_News/2012-04-09/10827/FP%D6_website_hacked_by_Annonymous
Entry Title: WHID 2012-188: Reports: Gulf Air's Facebook page gets hacked
WHID ID: 2012-188
Date Occurred: 4/10/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Social
Attacked Entity Geography: Menlo Park, CA
Incident Description: Gulf Air, Bahrain's state airline, said that its Facebook page had been hacked on Monday and that the nation's Internet crime division is investigating, according to the Associated Press.
Reference: http://travel.usatoday.com/flights/post/2012/04/gulf-airs-facebook-page-gets-hacked/667184/1
Entry Title: WHID 2012-187: Hacked Again: Lessons Learned
WHID ID: 2012-187
Date Occurred: 4/8/2012
Attack Method: Remote File Inclusion (RFI)
Application Weakness: Misconfiguration
Outcome: Spam
Attacked Entity Field: Blogs
Attacked Entity Geography: San Francisco, CA
Incident Description: Analysis: For the second time in two years my WordPress site was hacked, this time by Viagra spammers. Here are a few of the hard lessons I learned.
Reference: https://www.pcworld.com/article/253408/hacked_again_lessons_learned.html
Entry Title: WHID 2012-186: Hackers claiming ties to Anonymous target UK government website
WHID ID: 2012-186
Date Occurred: 4/8/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: UK
Incident Description: Britain's Home Office confirmed Sunday that its website was attacked overnight after hackers claimed responsibility for shutting it down.
Reference: http://www.washingtonpost.com/world/europe/hackers-claiming-ties-to-anonymous-target-uk-government-website/2012/04/08/gIQAZZch3S_story.html
Entry Title: WHID 2012-185: FedEx employee charged with cyber attack on Marlboro company
WHID ID: 2012-185
Date Occurred: 4/6/2012
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Account Takeover
Attacked Entity Field: Healthcare
Attacked Entity Geography: Marlborough, MA
Incident Description: A 20-year-old FedEx employee is facing a charge in federal court after he allegedly launched a cyber attack on a Marlboro human resources company.
Reference: http://www.telegram.com/article/20120406/NEWS/120409643/1116
Entry Title: WHID 2012-184: Hacker steals Chinese government defense contracts
WHID ID: 2012-184
Date Occurred: 4/6/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: China
Incident Description: Hacktivist Hardcore Charlie says he has hacked China National Import & Export Corp (CEIC), a Chinese government defense contractor, and stole over 500MB worth of documents.
Reference: https://www.zdnet.com/blog/security/hacker-steals-chinese-government-defense-contracts/11386
Entry Title: WHID 2012-183: European hackers suspected in Utah Medicaid files breach
WHID ID: 2012-183
Date Occurred: 4/4/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Healthcare
Attacked Entity Geography: Salt Lake City, UT
Incident Description: A data security breach at the Utah Health Department, believed to be the work of Eastern European hackers, has exposed 24,000 U.S. Medicaid files bearing names, Social Security numbers and other private information, state officials said on Wednesday.
Reference: http://articles.chicagotribune.com/2012-04-04/news/sns-rt-us-usa-hackers-utahbre83404g-20120404_1_data-security-breach-cyber-attack-hackers
Entry Title: WHID 2012-182: Anonymous hacks hundreds of Chinese government sites
WHID ID: 2012-182
Date Occurred: 4/4/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: China
Incident Description: Anonymous has hacked hundreds of Chinese government, company, and other general websites. The attacks range from basic defacements to personal data being compromised.
Reference: https://www.zdnet.com/blog/security/anonymous-hacks-hundreds-of-chinese-government-sites/11303
Entry Title: WHID 2012-181: Hackers leak Czech PM's private data
WHID ID: 2012-181
Date Occurred: 4/4/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: Czechoslovakia
Incident Description: Hackers posted on the internet the private data of Czech Prime Minister Petr Necas, including the numbers of his three mobile telephones, after a series of cyber attacks on government web sites, Czech media reported Wednesday.
Reference: http://twocircles.net/2012apr04/hackers_leak_czech_pms_private_data.html
Entry Title: WHID 2012-180: Coordinated cyberattack knocks Al Qaeda jihadi websites offline
WHID ID: 2012-180
Date Occurred: 4/3/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography: Pakistan
Incident Description: Five jihadi websites that make up the core online forums promoting Al Qaeda were knocked out 12 days ago and remain mostly offline in what appears to be a major cyberattack against the group.
Reference: http://www.alaskadispatch.com/article/coordinated-cyberattack-knocks-al-qaeda-jihadi-websites-offline
Entry Title: WHID 2012-18: barnesville.com hit by denial of service attack
WHID ID: 2012-18
Date Occurred: 2/1/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: Barnesville, Georgia
Incident Description: Websites at barnesville.com and pikecountygeorgia.com were hit by a denial of service attack emanating from Chicago and various points in China.
Reference: http://www.barnesville.com/archives/4414-barnesville.com-hit-by-denial-of-service-attack.html
Entry Title: WHID 2012-179: Canadian opposition party targeted in botnet attack
WHID ID: 2012-179
Date Occurred: 4/2/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography: Canada
Incident Description: A malicious attacker deliberately attempted to interfere with a crucial party leadership vote in Canada last month, according to a company commissioned to run the online voting system used.
Reference: http://www.scmagazine.com/canadian-opposition-party-targeted-in-botnet-attack/article/234644/
Entry Title: WHID 2012-178: Denial of Service Attack Targets Epoch Times
WHID ID: 2012-178
Date Occurred: 4/2/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: New York, NY
Incident Description: The Epoch Times was hit with a series of cyber attacks beginning on March 29, with an unsuccessful distributed denial of service attack first targeting epochtimes.com, before follow-up stories on connected servers on the morning of April 1.
Reference: http://www.theepochtimes.com/n2/technology/denial-of-service-attack-targets-epoch-times-213907.html
Entry Title: WHID 2012-177: Klout Hacked!
WHID ID: 2012-177
Date Occurred: 4/2/2012
Attack Method: Cross-site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Fraud
Attacked Entity Field: Social
Attacked Entity Geography: US
Incident Description: Some crafty Internet user recently announced that he/she has detected an exploitable XSS vulnerability that allows you to virtually inflate your score.
Reference: http://www.digitalversus.com/klout-hacked-n23928.html
Entry Title: WHID 2012-176: Computer hacker tries to steal $1.8 million from Arlington's bank account
WHID ID: 2012-176
Date Occurred: 4/1/2012
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Arlington, TX
Incident Description: A computer hacker tried to steal $1.8 million from the city's bank account in late February, but officials won't release details, citing an ongoing investigation.
Reference: http://www.star-telegram.com/2012/04/01/3850876/computer-hacker-tries-to-steal.html
Entry Title: WHID 2012-175: Anonymous Takes Down And Defaces Chinese Government Web Sites
WHID ID: 2012-175
Date Occurred: 3/30/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: China
Incident Description: All has been relatively quiet on the Anonymous front as far as defacing Web sites are concerned. That has changed today as Anonymous China has attacked and defaced a number of Chinese government Web sites to protest the country's censorship of the Internet.
Reference: http://www.webpronews.com/anonymous-takes-down-and-defaces-chines-government-web-sites-2012-03
Entry Title: WHID 2012-174: Hackers Breach Credit Card Processor; 50K Cards Compromised
WHID ID: 2012-174
Date Occurred: 3/30/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography: Atlanta, GA
Incident Description: Global Payments Inc, an Atlanta-based payments processor, has been broken into by hackers, leaving more than 50,000 card accounts potentially compromised, according to news reports.
Reference: http://www.wired.com/threatlevel/2012/03/global-payments-breached/
Entry Title: WHID 2012-173: Hackers booby-trap WordPress site with botnet-weaving Trojan
WHID ID: 2012-173
Date Occurred: 3/23/2012
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Blogs
Attacked Entity Geography: US
Incident Description: Malware-flingers are taking advantage of vulnerable WordPress sites as part of an attack ultimately designed to spread an information-stealing botnet agent.
Reference: http://www.theregister.co.uk/2012/03/23/wordpress_vuln_botnet_exploit/
Entry Title: WHID 2012-172: Zappos CTO: hacking detected "while it was in progress"
WHID ID: 2012-172
Date Occurred: 3/23/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography: Nevada, US
Incident Description: When a hacker targeted Amazon subsidiary Zappos.com in January, the attacker went after company servers in both Nevada and Kentucky.
Reference: http://www.techflash.com/seattle/2012/03/zappos-cto-hacking-detected-in-progress.html
Entry Title: WHID 2012-171: PayPal closes potential flaw in login pages
WHID ID: 2012-171
Date Occurred: 3/23/2012
Attack Method: Cross-site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Account Takeover
Attacked Entity Field: Finance
Attacked Entity Geography: US
Incident Description: PayPal has closed a potentially serious security hole on its site, which cyber criminals could have used to steal passwords belonging to users of the online payment service.
Reference: http://www.computing.co.uk/ctg/news/2163065/paypal-closes-potential-flaw-login-pages
Entry Title: WHID 2012-170: Hackers attack Mexican websites over pope's visit
WHID ID: 2012-170
Date Occurred: 3/20/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Religious
Attacked Entity Geography: Mexico City, Mexico
Incident Description: The group of cyberactivists known as Anonymous blocked access to two websites linked to the upcoming visit to Mexico by Pope Benedict XVI.
Reference: http://en.europeonline-magazine.eu/hackers-attack-mexican-websites-over-popes-visit_197890.html
Entry Title: WHID 2012-170: Qwest Datacenter "Held Hostage" by Hacker (Exclusive)
WHID ID: 2012-170
Date Occurred: 3/19/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Service Provider
Attacked Entity Geography: US
Incident Description: The hacker known as BlackJester claims that he managed to breach a number of servers owned by Qwest Communications International, one of the largest telecoms carriers in the United States.
Reference: http://news.softpedia.com/news/Qwest-Datacenter-quot-Held-Hostage-quot-by-Hacker-Exclusive-259500.shtml
Entry Title: WHID 2012-8: Zappos website hacked; credit card database not affected, CEO says
WHID ID: 2012-17
Date Occurred: 2/2/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography: Australia
Incident Description: Computer hackers have penetrated the database of Australia's biggest internet domain name auction house, possibly accessing client home addresses and encrypted credit card numbers
Reference: http://www.theage.com.au/national/hackers-infiltrate-domain-name-auction-house-20120201-1qtgk.html
Entry Title: WHID 2012-169: Presidenta's Website Hacked
WHID ID: 2012-169
Date Occurred: 3/20/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Costa Rica
Incident Description: The Casa Presidencial website (www.casapres.go.cr) was temporarily under the control of hackers on Sunday night, according to Communications Minister Francisco Chacón.
Reference: http://www.insidecostarica.com/dailynews/2012/march/20/costarica12032005.htm
Entry Title: WHID 2012-168: Doc outrage: Anonymous 'behind' web-siege on Russian TV channel
WHID ID: 2012-168
Date Occurred: 3/20/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: Russia
Incident Description: The Russian faction of Anonymous has claimed responsibility for a cyber-attack on a Russian TV station's website. The outage follows a controversial documentary about Russian protestors produced by NTV.
Reference: https://rt.com/news/tv-station-site-attacked-922/
Entry Title: WHID 2012-167: Hackers hit 112 Indian gov sites in three months
WHID ID: 2012-167
Date Occurred: 3/16/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: India
Incident Description: There was embarrassing news for the Indian government this week as one of its ministers was forced to admit that over 100 of its web sites had been hacked in just three months at the beginning of the year, including that of a state-owned telecoms company.
Reference: http://www.theregister.co.uk/2012/03/16/indian_government_sites_hacked/
Entry Title: WHID 2012-166: Hackers expose Ancestry.com security bug
WHID ID: 2012-166
Date Occurred: 3/14/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Information
Attacked Entity Geography: Provo, UT
Incident Description: A security bug may exist on Ancestry.com that could leave the personal information of its registered users exposed and vulnerable to theft.
Reference: http://www.msnbc.msn.com/id/46735808/ns/technology_and_science-security/#.T422QppWrUU
Entry Title: WHID 2012-165: BBC hit with cyberattack, Iran link suspected
WHID ID: 2012-165
Date Occurred: 3/14/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: UK
Incident Description: Hackers attacked the BBC earlier this month, leaving some parts of the organization without access to e-mail and Internet services, the BBC has confirmed.
Reference: http://www.washingtonpost.com/business/technology/bbc-hit-with-cyberattack-iran-link-suspected/2012/03/14/gIQAvnL4BS_story.html
Entry Title: WHID 2012-164: Anonymous Attacks Vatican For Third Time in One Week
WHID ID: 2012-164
Date Occurred: 3/13/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Religious
Attacked Entity Geography: Rome, Italy
Incident Description: It's been a hard past week for the Vatican's online presence. Since members of Anonymous declared war on religion last Monday, and as a part of the latest retaliatory cyber attacks following the indictment of several suspected hackers, Vatican servers have been targeted at least three times. First they took down the Vatican homepage, then they broke into a Vatican Radio Server, and now Anonymous-affiliated hacker Agent_Anon is claiming a DDoS of related site catholic.va, with a corresponding database dump on pastebin.
Reference: http://www.webpronews.com/anonymous-attacks-vatican-for-third-time-in-one-week-2012-03
Entry Title: WHID 2012-163: Anonymous hacks Vatican again
WHID ID: 2012-163
Date Occurred: 3/12/2012
Attack Method: Backdoor
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Religious
Attacked Entity Geography: Rome, Italy
Incident Description: The hacktivist group Anonymous has taken down the Vatican's website for a second time. The attack is part of the organization's recent declaration of war against religion.
Reference: https://www.zdnet.com/blog/security/anonymous-hacks-vatican-again/10721
Entry Title: WHID 2012-162: Porn site Digital Playground hacked, hackers say "too enticing to resist"
WHID ID: 2012-162
Date Occurred: 3/9/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Luxembourg
Incident Description: Yet another porn site was hacked this week, losing 73,000 e-mail addresses, user names, and passwords, and some 40,000 plain-text credit card numbers, including CCV numbers and expiration dates, according to SC Magazine.
Reference: http://www.scmagazine.com/porn-site-digital-playground-hacked-to-expose-card-numbers/article/231472/
Entry Title: WHID 2012-161: Rogue Antivirus Campaign Targets WordPress
WHID ID: 2012-161
Date Occurred: 3/8/2012
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Blogs
Attacked Entity Geography: Multiple
Incident Description: Websense says it has detected a new wave of mass injections from a fake antivirus campaign that appears to be targeting sites hosted by the popular blogging platform WordPress.
Reference: http://www.techweekeurope.co.uk/news/rogue-antivirus-campaign-targets-wordpress-65755
Entry Title: WHID 2012-160: Turkish police website hacked with password '123456'
WHID ID: 2012-160
Date Occurred: 3/7/2012
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Leakage of Information
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: Turkey
Incident Description: Internet security phail: for a group of Turkish hackers, breaking into the Ankara Police Department's website and stealing secret data was as simple as 123...456.
Reference: http://www.gmanetwork.com/news/story/250626/scitech/technology/turkish-police-website-hacked-with-password-123456
Entry Title: WHID 2012-16: SLCPD website hacked by activist group
WHID ID: 2012-16
Date Occurred: 1/31/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Downtime
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: Salt Lake City, Utah
Incident Description: The Salt Lake Police Department's website has been hacked by the activist group "Anonymous", forcing a temporary shutdown on Tuesday afternoon.
Reference: http://www.abc4.com/content/news/top_stories/story/SLCPD-website-hacked-by-activist-group/bnNbGp8-yESR9QSm9PhKGQ.cspx
Entry Title: WHID 2012-159: Facebook Goes Down Temporarily in Parts of Europe
WHID ID: 2012-159
Date Occurred: 3/7/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Social
Attacked Entity Geography: US
Incident Description: Facebook was down temporarily in parts of Europe on Wednesday, with users in some countries outside the region also reporting problems. CERT.be, the federal cyberemergency team for Belgium, said Facebook was hit by a DDOS (distributed denial of service) attack.
Reference: https://www.pcworld.com/article/251420/facebook_goes_down_temporarily_in_parts_of_europe.html
Entry Title: WHID 2012-158: Allphones hacked, staff passwords exposed
WHID ID: 2012-158
Date Occurred: 3/6/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography: Australia
Incident Description: Telecommunications retailer Allphones has had hundreds of staff usernames, passwords and company administrator logins exposed following a hacking attack. The breach occurred when the company's web administration interface was accessed through a SQL injection attack that targeted the Allphones website.
Reference: http://www.scmagazine.com.au/News/292592,allphones-hacked-staff-passwords-exposed.aspx
Entry Title: WHID 2012-157: Sony Says Michael Jackson Recordings Were Stolen From Its Site
WHID ID: 2012-157
Date Occurred: 3/5/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Japan
Incident Description: This could be bad for Sony, in many senses of the word: that media giant has confirmed that several tracks recorded by Michael Jackson were stolen from its Web site after it was hacked
Reference: http://artsbeat.blogs.nytimes.com/2012/03/05/sony-says-michael-jackson-recordings-were-stolen-from-its-site/
Entry Title: WHID 2012-156: How GitHub handled getting hacked
WHID ID: 2012-156
Date Occurred: 3/4/2012
Attack Method: Mass Assignment
Application Weakness: Insufficient Authorization
Outcome: Account Takeover
Attacked Entity Field: Technology
Attacked Entity Geography: San Francisco, CA
Incident Description: Here is the story of how GitHub was hacked, and how the company reacted to the event. The first response was very poor, but thankfully the second one was a significant improvement.
Reference: https://www.zdnet.com/blog/security/how-github-handled-getting-hacked/10473
Entry Title: WHID 2012-155: Hackers Elect Futurama's Bender to the Washington DC School Board
WHID ID: 2012-155
Date Occurred: 3/2/2012
Attack Method: Code Injection
Application Weakness: Improper Input Handling
Outcome: Fraud
Attacked Entity Field: Education
Attacked Entity Geography: Washington, DC
Incident Description: Electronic voting has earned a pretty bad reputation for being insecure and completely unreliable. Well, get ready to add another entry to e-voting's list of woes.
Reference: https://www.pcworld.com/article/251187/hackers_elect_futuramas_bender_to_the_washington_dc_school_board.html
Entry Title: WHID 2012-154: Linode hackers escape with $70K in daring bitcoin heist
WHID ID: 2012-154
Date Occurred: 3/2/2012
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Nobby Beach, AU
Incident Description: Popular web host Linode has been hacked by cyber-thieves who made off with a stash of bitcoins worth $71,000 (£44,736) in real money.
Reference: http://www.theregister.co.uk/2012/03/02/linode_bitcoin_heist/
Entry Title: WHID 2012-153: Bug in Plesk administration software is being actively exploited
WHID ID: 2012-153
Date Occurred: 3/1/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Multiple
Attacked Entity Geography: Multiple
Incident Description: A critical security vulnerability in the Plesk administration program is currently being actively used to compromise affected servers. Plesk is used most often by hosting providers and provides a web front-end for administering rented servers. The vulnerability seems to be a SQL injection problem, which an attacker can exploit to gain full administrative access to a system.
Reference: http://www.h-online.com/security/news/item/Bug-in-Plesk-administration-software-is-being-actively-exploited-1446587.html
Entry Title: WHID 2012-152: Uznews.net server comes under DDoS attack
WHID ID: 2012-152
Date Occurred: 3/2/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: US
Incident Description: The website of the Uznews.net independent news service has come under a Distributed Denial of Service (DDoS) attack which has rendered the site temporarily inaccessible.
Reference: http://www.uznews.net/news_single.php?lng=en&sub=top&cid=3&nid=19245
Entry Title: WHID 2012-151: Hackers attack Ontario police chiefs' website
WHID ID: 2012-151
Date Occurred: 2/25/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: Ontario, Canada
Incident Description: Anonymous -- the hacker group affiliated with a string of cyber attacks against corporations and law enforcement agencies -- has apparently added the Ontario Association of Chiefs of Police to its hit list.
Reference: http://ottawa.ctv.ca/servlet/an/local/CTVNews/20120225/ontario-chiefs-of-police-website-hacked-120225/20120225/?hub=OttawaHome
Entry Title: WHID 2012-150: Dayton FBI partner website hacked
WHID ID: 2012-150
Date Occurred: 2/24/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: Dayton, OH
Incident Description: A Dayton-based partner organization to the FBI had its website vandalized Friday by hackers who claimed to be allied to the loose-knit Anonymous movement.
Reference: http://www.daytondailynews.com/news/dayton-news/dayton-fbi-partner-website-hacked-1333986.html
Entry Title: WHID 2012-15: Hackers Take Down Mexico Gov't Websites to Protest Anti-Piracy Bill
WHID ID: 2012-15
Date Occurred: 1/27/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Mexico
Incident Description: Hackers thought to be part of the Anonymous organization attacked and took down the web sites of Mexico's interior department and Senate, officials in both government bodies said.
Reference: http://latino.foxnews.com/latino/news/2012/01/28/hackers-take-down-mexico-govt-websites-to-protest-anti-piracy-bill/
Entry Title: WHID 2012-149: Twilight author's website found hosting malware
WHID ID: 2012-149
Date Occurred: 2/24/2012
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Media
Attacked Entity Geography: US
Incident Description: For a time, fans of the "Twilight" saga who regularly visit the official website of the series' writer Stephenie Meyer may be in for a real-life horror story. Meyer's website (www.stepheniemeyer.com) had been found to host "Crimepack," an exploit kit that installs malware on Windows PCs, security firm GFI labs reported.
Reference: http://www.gmanetwork.com/news/story/249301/scitech/technology/twilight-author-s-website-found-hosting-malware
Entry Title: WHID 2012-148: Hackers Target Sony Australia, Hit Reseller Instead
WHID ID: 2012-148
Date Occurred: 2/23/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Retail
Attacked Entity Geography: Australia
Incident Description: The local domain sonyvaio.com.au has been hacked and a defacement page posted claiming credit for the attack. A Malaysian-based group bragged on a since-removed Facebook post, "W00t SONY VAIO Australia hacked." However, Gizmodo AU checked whois records and found the domain actually belongs to TX Computer Solutions, an authorised Sony reseller.
Reference: http://www.gizmodo.com.au/2012/02/hackers-target-sony-australia-hit-reseller-instead/
Entry Title: WHID 2012-147: Azerbaijani TV, AZAL websites hacked by Iranians
WHID ID: 2012-147
Date Occurred: 2/23/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Media
Attacked Entity Geography: Azerbaijan
Incident Description: Iranian hackers attacked the websites of the Azerbaijan State Television & Radio Company, AzTV, and Azerbaijani Airlines (AZAL) on 22-23 February.
Reference: http://www.news.az/articles/tech/55220
Entry Title: WHID 2012-146: Nagoya zoo website hacked to display messages on Nanjing Massacre: media
WHID ID: 2012-146
Date Occurred: 2/23/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Nagoya, Japan
Incident Description: The website of a Nagoya city-run zoo was hacked Thursday and displayed messages saying that the massacre of civilians of eastern China's Nanjing City by Japanese soldiers in 1937 should be acknowledged, according to local media citing the city of Nagoya as saying.
Reference: http://www.shanghaidaily.com/article/article_xinhua.asp?id=52830
Entry Title: WHID 2012-145: Newark city website attacked by hacker group
WHID ID: 2012-145
Date Occurred: 2/22/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Newark, NJ
Incident Description: For the second time this month, the group CabinCr3w, an affiliate of the pro-free speech hackers Anonymous, is taking credit for infiltrating the city of Newark's website and protesting corruption and police brutality, according to several city officials and statements by the group itself.
Reference: http://www.nj.com/news/index.ssf/2012/02/newark_city_website_attacked_b.html
Entry Title: WHID 2012-144: Hackers hit Los Angeles police canine group
WHID ID: 2012-144
Date Occurred: 2/22/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: Los Angeles, California
Incident Description: A group of hacktivists has leaked the names, addresses, phone numbers and email passwords of more than 100 police officers stolen from the database of the Los Angeles County Police Canine Association (LACPCA) website.
Reference: http://www.msnbc.msn.com/id/46480682/ns/technology_and_science-security/#.T419t5pWrUU
Entry Title: WHID 2012-143: FTC sites hacked by Anonymous
WHID ID: 2012-143
Date Occurred: 2/17/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: US
Incident Description: The hacking group known as Anonymous has claimed a new series of hacks against the U.S. Federal Trade Commission and consumer rights websites.
Reference: http://www.usatoday.com/tech/news/story/2012-02-17/ftc-sites-hacked-anonymous/53128914/1
Entry Title: WHID 2012-142: East African firms caught up in hacking spree
WHID ID: 2012-142
Date Occurred: 2/15/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography: Africa
Incident Description: A number of sites in East Africa were hacked starting last week by multiple hackers, in what appears to be an uncoordinated hacking spree. The hacks come just after an overnight hack involving 103 Government of Kenya websites by an Indonesian hacker. This includes the website of MTN, the largest mobile operator in Rwanda and a major player across the continent.
Reference: http://news.idg.no/cw/art.cfm?id=10D8AA4C-9644-9A7D-E93200E945A6E32B
Entry Title: WHID 2012-141: Hackers siphon Penticton man's bank account
WHID ID: 2012-141
Date Occurred: 2/14/2012
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Penticton, B.C.
Incident Description: A Penticton man is issuing a warning after $3,000 was drained from his bank account.
Reference: http://www.pentictonwesternnews.com/news/139300688.html
Entry Title: WHID 2012-140: Anonymous Hacked BTK Database
WHID ID: 2012-140
Date Occurred: 2/15/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: Istanbul
Incident Description: The group got hold of four different databases of the BTK and published the corresponding information on Twitter. Information about companies like Vodafone, TurkNet, Superonline, Avea or Turkcell was published encrypted. Data from the fourth database contained clear information on the full names of BTK employees, their user names, e-mails, passwords, mobile, home and office phone numbers, date of birth and their ID numbers.
Reference: http://www.bianet.org/english/world/136178-anonymous-hacked-btk-database
Entry Title: WHID 2012-15: Hackers Take Down Irish Gov't Websites to Protest Anti-Piracy Bill
WHID ID: 2012-14
Date Occurred: 1/25/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Ireland
Incident Description: Anonymous Sweden has claimed responsibility on Twitter for the over-night shutdown of two Irish government websites. The hacking was used in protest of new copyright legislation that is being considered by Ireland.
Reference: http://www.irishcentral.com/news/Hacker-group-Anonymous-forces-Irish-government-sites-offline-over-Internet-privacy-act-138115538.html
Entry Title: WHID 2012-139: Nasdaq Web Site Shut Down By Denial Of Service Attacks
WHID ID: 2012-139
Date Occurred: 2/14/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: US
Incident Description: Nasdaq.com is down for the count at the moment, apparently felled by a distributed denial-of-service attack from a group of hackers possibly connected with Anonymous, the hacking collective.
Reference: http://www.forbes.com/sites/ericsavitz/2012/02/14/nasdaq-web-site-shut-down-by-denial-of-service-attacks/
Entry Title: WHID 2012-138: Breaches galore as Cryptome hacked to infect visitors with malware
WHID ID: 2012-138
Date Occurred: 2/14/2012
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Media
Attacked Entity Geography: US
Incident Description: A breach that caused Cryptome.org to infect visitors with virulent malware was one of at least six attacks reported to hit high-profile sites or services in the past few days. Others affected included Ticketmaster, websites for Mexico and the state of Alabama, Dutch ISP KPN, and the Microsoft store in India.
Reference: http://arstechnica.com/business/news/2012/02/breaches-galore-as-cryptome-hacked-to-infect-visitors-with-malware.ars
Entry Title: WHID 2012-137: Hackers Target Thai Government Over Censorship Allegations
WHID ID: 2012-137
Date Occurred: 2/14/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Thailand
Incident Description: The attack saw the two hackers target a Thai government website, defacing several of its pages. The defacements made contained an air of humour, with one of the more prominent changes making the site list Hax.r00t as the country's president and Saadi as its Prime Minister.
Reference: http://www.ibtimes.co.uk/articles/298390/20120214/hackers-thai-government-censorship-online-saadi-hax.htm
Entry Title: WHID 2012-136: 700,000 kroner stolen in NemID attack
WHID ID: 2012-136
Date Occurred: 2/12/2012
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Copenhagen
Incident Description: Hackers used spy software to help them steal money from the online bank accounts of eight individuals by bypassing the NemID digital signature
Reference: http://www.cphpost.dk/news/national/700000-kroner-stolen-nemid-attack
Entry Title: WHID 2012-135: Hacker says porn site users compromised
WHID ID: 2012-135
Date Occurred: 2/11/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Luxembourg
Incident Description: A hacker claims to have compromised the personal information of more than 350,000 users after breaking into a disused website operated by pornography provider Brazzers.
Reference: http://www.usatoday.com/news/nation/story/2012-02-11/hackers-anonymous-brazzers-porn/53048096/1
Entry Title: WHID 2012-135: Anonymous attacks Croatian presidency website
WHID ID: 2012-135
Date Occurred: 2/10/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Croatia
Incident Description: Hacking collective Anonymous launched on February 9 a distributed denial of service (DDOS) attack on the website of the Croatian presidency after incumbent Ivo Josipovic defended the Anti-Counterfeiting Treaty Agreement (ACTA).
Reference: http://www.sofiaecho.com/2012/02/10/1764013_anonymous-attacks-croatian-presidency-website
Entry Title: WHID 2012-134: Hackers Claims to compromise Intel's Sensitive Data
WHID ID: 2012-134
Date Occurred: 2/10/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: US
Incident Description: A security researcher under the name of "WeedGrower", or "X-pOSed", has been on a roll since the start of 2012. He has ambushed huge sites such as AOL, NASA, Hotmail, Myspace, Xbox, USBank, Yahoo, and VISA, and has also leaked sensitive data on most of those websites.
Reference: http://thehackernews.com/2012/02/hackers-claims-to-compromise-intels.html
Entry Title: WHID 2012-133: TeamPoison Hackers Hit the United Nations
WHID ID: 2012-133
Date Occurred: 2/9/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: US
Incident Description: Following on from the OpNigeria assault, a hacker operating under TeamPoison's banner has targeted the United Nations (UN), releasing the data stolen in a statement posted on Pastebin.
Reference: http://www.ibtimes.co.uk/articles/295795/20120209/teampoison-hack-hackers-united-nations-un-cali.htm#ixzz1sEVVtO8X
Entry Title: WHID 2012-132: Israel Today hacked; Israeli army jumps into cyber war
WHID ID: 2012-132
Date Occurred: 2/9/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: Israel
Incident Description: Over the past few days, an unknown hacker or group of hackers pounded the israeltoday.co.il domain with so many requests that it repeatedly crashed.
Reference: http://israeltoday.co.il/News/tabid/178/nid/23111/language/en-US/Default.aspx
Entry Title: WHID 2012-131: United Russia Site Attacked by Hacker Group Anonymous
WHID ID: 2012-131
Date Occurred: 2/10/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Moscow, Russia
Incident Description: A United Russia party website was knocked offline Thursday after hackers from the group Anonymous claimed to have directed a denial of service attack on the site.
Reference: http://www.themoscowtimes.com/news/article/united-russia-site-attacked-by-hacker-group-anonymous/452761.html
Entry Title: WHID 2012-130: Citigroup Inc. (NYSE:C) Hit By Hackers
WHID ID: 2012-130
Date Occurred: 2/6/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Brazil
Incident Description: Hackers have attacked Brazilian financial websites, including Citigroup Inc. (NYSE:C). A group of Brazilian hackers named "Anonymous Brazil" have attacked a series of financial websites in Brazil, including Citigroup Inc. (NYSE:C), Febraban, Banco BMG and other institutions.
Reference: http://www.emoneydaily.com/citigroup-inc-nysec-hit-by-hackers/69823284/
Entry Title: WHID 2012-13: MMA notes: UFC website hacked
WHID ID: 2012-13
Date Occurred: 1/25/2012
Attack Method: DNS Hijacking
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Entertainment
Attacked Entity Geography: Las Vegas, NV
Incident Description: A criminal investigation is underway after UFC.com was hacked Sunday.
Reference: http://www.torontosun.com/2012/01/25/mma-notes-ufc-website-hacked
Entry Title: WHID 2012-129: Hackers block Slovenian largest bank NLB's website
WHID ID: 2012-129
Date Occurred: 2/4/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Slovenia
Incident Description: Online hackers' group Anonymous blocked temporarily on Saturday the website of Slovenia's largest bank NLB, while thousands protested in Ljubljana against an anti-piracy pact.
Reference: http://www.google.com/hostednews/afp/article/ALeqM5ilturtoKhGM1fSlrXKtodx5KAysw?docId=CNG.e27edd710da10fc1025f9684e4b281b4.471
Entry Title: WHID 2012-128: Department of Homeland Security website hacked by Anonymous
WHID ID: 2012-128
Date Occurred: 2/4/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Washington, DC
Incident Description: Only hours after two of its biggest releases ever, the online collective Anonymous is taking credit for crashing the website of the US Department of Homeland Security.
Reference: https://rt.com/usa/news/homeland-security-website-anonymous-473/
Entry Title: WHID 2012-127: Hackers apparently hit Swedish government site
WHID ID: 2012-127
Date Occurred: 2/4/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Stockholm, Sweden
Incident Description: A group linked to the hacker network Anonymous on Saturday said it had attacked the Swedish government's website, bringing it down for periods of time by overloading it with traffic.
Reference: http://www.foxnews.com/scitech/2012/02/04/hackers-apparently-hit-swedish-government-site/
Entry Title: WHID 2012-126: Daniel Negreanu's PokerStars Account Hacked
WHID ID: 2012-126
Date Occurred: 2/3/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Monetary Loss
Attacked Entity Field: Entertainment
Attacked Entity Geography: UK
Incident Description: A computer hacker managed to compromise Daniel Negreanu's PokerStars and e-mail accounts, sitting down at the virtual felt under the Canadian pro's screen name and recklessly playing with Negreanu's $100,000 in funds on account at the world's top poker site.
Reference: http://www.pokernewsreport.com/daniel-negreanus-pokerstars-account-hacked-7299
Entry Title: WHID 2012-125: Hackers outwit online banking identity security systems
WHID ID: 2012-125
Date Occurred: 2/10/2012
Attack Method: Banking Trojan
Application Weakness: Insufficient Process Validation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: UK
Incident Description: Criminal hackers have found a way round the latest generation of online banking security devices given out by banks, the BBC has learned.
Reference: http://www.bbc.co.uk/news/technology-16812064
Entry Title: WHID 2012-124: DHI website hacked thrice in a month
WHID ID: 2012-124
Date Occurred: 2/3/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Finance
Attacked Entity Geography: Bhutan
Incident Description: With its website hacked thrice in the past month officials of Druk Holdings and Investments (DHI), a Nu 45 B company and the investment arm of the government, say the problem is partly because of lapses with Bhutan Telecom.
Reference: http://www.kuenselonline.com/2011/?p=26344
Entry Title: WHID 2012-123: President's Website Comes Under Hacker Attack
WHID ID: 2012-123
Date Occurred: 2/1/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Ukraine
Incident Description: Ukrainian News Agency - The President's website has come under hacker attack, the President's press secretary, Daria Chepak, writes in her blog at Ukrainska Pravda. "Unknown persons have been attacking the official website of the President of Ukraine since today's night," she said.
Reference: http://un.ua/eng/article/373136.html
Entry Title: WHID 2012-122: Fairfax microsites hacked
WHID ID: 2012-122
Date Occurred: 2/1/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography: Australia
Incident Description: Media giant Fairfax has confirmed that two of its microsites were hacked this month but claims that up to 10,000 unencrypted credit card details compromised in the same attack were not Fairfax customers.
Reference: http://www.scmagazine.com.au/News/288661,fairfax-microsites-hacked.aspx
Entry Title: WHID 2012-121: iTunes hackers are emptying accounts
WHID ID: 2012-121
Date Occurred: 1/30/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Monetary Loss
Attacked Entity Field: Retail
Attacked Entity Geography: Cupertino, CA
Incident Description: Emert isn't alone. There is an ever-growing Apple support forum of people who say their iTunes accounts have been hacked. It's been going on more than a year and now there are more than 65 pages in the forum with hundreds of replies. Most of them ask the same questions of Apple, wondering if they can get their money back. Emert was able to get a one-time refund.
Reference: http://www.abc2news.com/dpp/money/consumer/scam_alerts/itunes-hackers-are-emptying-accounts
Entry Title: WHID 2012-120: Hackers infect WordPress 3.2.1 blogs to distribute TDSS rootkit
WHID ID: 2012-120
Date Occurred: 2/1/2012
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Blogs
Attacked Entity Geography: Multiple
Incident Description: Hackers are compromising WordPress 3.2.1 blogs in order to infect their visitors with the notorious TDSS rootkit, according to researchers from Web security firm Websense.
Reference: http://www.techworld.com.au/article/413924/hackers_infect_wordpress_3_2_1_blogs_distribute_tdss_rootkit/?fp=16&fpid=1
Entry Title: WHID 2012-12: Anonymous takedown FBI as Megaupload Shutdown retaliation
WHID ID: 2012-12
Date Occurred: 1/20/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: United States
Incident Description: After FBI federal agents executed a shutdown of the file-sharing website Megaupload on Thursday, the response of the Internet comes rapidly from none other than Anonymous.
Reference: http://www.nationalturk.com/en/anonymous-takedown-fbi-as-megaupload-shutdown-retaliation-16006
Entry Title: WHID 2012-119: Hackers Attack Website of Brazil's Itau; May Try Other Banks
WHID ID: 2012-119
Date Occurred: 1/30/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Sao Paulo, Brazil
Incident Description: Hackers from the Anonymous Movement group fought out a day-long attack against websites of Brazil's Banco Itau SA on Monday, shutting down service on several occasions, and threatened more action during the week.
Reference: http://online.wsj.com/article/SB10001424052970204652904577193920234068442.html
Entry Title: WHID 2012-118: Universal Music Portugal database dumped by Hackers
WHID ID: 2012-118
Date Occurred: 1/29/2012
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Portugal
Incident Description: Another latest tip came into my inbox today about the leak of the database of Universal Music Portugal's website. The hacker did not mention his name or codename, but he enumerated the database and extracted it by hacking the site. 100s of tables from the database and users' data have been leaked via a Pastebin file. It includes the usernames, passwords and email IDs of users of the site.
Reference: http://thehackernews.com/2012/01/universal-music-portugal-database.html
Entry Title: WHID 2012-117: UFC president hacked after scrapping with Anonymous
WHID ID: 2012-117
Date Occurred: 1/27/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Entertainment
Attacked Entity Geography: US
Incident Description: Dana White loves a good fight. But the Ultimate Fighting Championship president may have second thoughts about mixing it up with members of the hacker collective Anonymous on Thursday night on Twitter, where he was on the receiving end of a brutal punch.
Reference: http://www.cnn.com/2012/01/27/tech/web/ufc-anonymous-sopa/index.html
Entry Title: WHID 2012-116: Scalpers aggressively go after Bruce Springsteen tickets, disappoint fans
WHID ID: 2012-116
Date Occurred: 1/29/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Retail
Attacked Entity Geography: US
Incident Description: According to a statement from Ticketmaster, scalpers with "sophisticated" computer programs are to blame. Scalpers targeted the site with Distributed Denial of Service attacks, which generated extra junk traffic, resulting in the unresponsiveness of the site.
Reference: http://www.inquisitr.com/187910/scalpers-aggressively-go-after-bruce-springsteen-tickets-disappoint-fans/#HYCdxfUHLpbzUS9E.99
Entry Title: WHID 2012-115: Forbes Exploited: XSS Vulnerabilities Allow Phishers to Hijack Sessions & Steal Logins
WHID ID: 2012-115
Date Occurred: 1/27/2012
Attack Method: Cross-site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Account Takeover
Attacked Entity Field: Media
Attacked Entity Geography: US
Incident Description: Here's another delicious Byte. Ucha Gobejishvili, a Georgian Security Researcher under the handle of longrifle0x, discovered two cross site scripting (XSS) vulnerabilities on the official website of Forbes.
Reference: http://null-byte.wonderhowto.com/blog/forbes-exploited-xss-vulnerabilities-allow-phishers-hijack-sessions-steal-logins-0133051/#ixzz1sDnUwuwm
Entry Title: WHID 2012-114: NLC's website hacked
WHID ID: 2012-114
Date Occurred: 1/28/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Nigeria
Incident Description: The official website of the Nigeria Labour Congress (NLC) came under attack yesterday from a group calling itself NaijaCyber Hacktivites. The hackers defaced the website and called two leaders of the union traitors for allegedly selling out to the Federal Government over the oil subsidy removal.
Reference: http://www.thenationonlineng.net/2011/index.php/news-update/34830-nlc%E2%80%99s-website-hacked.html
Entry Title: WHID 2012-113: Students busted for hacking computers, changing grades
WHID ID: 2012-113
Date Occurred: 1/27/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Fraud
Attacked Entity Field: Education
Attacked Entity Geography: California
Incident Description: Three high school juniors have been arrested after they devised a sophisticated hacking scheme to up their grades and make money selling quiz answers to their classmates.
Reference: http://www.theregister.co.uk/2012/01/27/students_hack_teachers_computers/
Entry Title: WHID 2012-112: Lithuanian central bank hit by cyber-attack
WHID ID: 2012-112
Date Occurred: 1/27/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Vilnius, Lithuania
Incident Description: Lithuania's central bank said Friday it had been hit by a cyber-attack, but had eventually overcome the assault on its website and other online services.
Reference: http://www.google.com/hostednews/afp/article/ALeqM5ifPzsAaVafW485uqxHES1G5YjxgQ?docId=CNG.db52691d2005cab46bbe09fa2b685ee4.ee1
Entry Title: WHID 2012-111: Israeli Hacker Steals 85,000 Arabs' Facebook Logins
WHID ID: 2012-111
Date Occurred: 1/25/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Social
Attacked Entity Geography: San Francisco, CA
Incident Description: An Israeli hacker calling himself Hannibal stole and exposed the Facebook login credentials of 85,000 Arabs earlier this week. It's the latest retaliatory strike in a politically motivated battle between Israeli and Arab hackers that's been going strong since the beginning of the month.
Reference: http://www.msnbc.msn.com/id/46133351/ns/technology_and_science-security/#.T4w5lZpWrUU
Entry Title: WHID 2012-110: 'Anonymous' hackers target FTC
WHID ID: 2012-110
Date Occurred: 1/24/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Washington, DC
Incident Description: Infamous hacking enclave Anonymous continued its quest for retribution Tuesday, claiming responsibility for shutting down OnGuardOnline.com, a Website managed by the U.S. Federal Trade Commission (FTC)
Reference: http://news.medill.northwestern.edu/chicago/news.aspx?id=199000
Entry Title: WHID 2012-11: Mercier Bridge website hacked
WHID ID: 2012-11
Date Occurred: 1/19/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Canada
Incident Description: With construction work shutting down the inbound lanes of the Mercier Bridge later today you may find yourself looking for information on the Mercier Bridge website.
Reference: http://www.cjad.com/CJADLocalNews/entry.aspx?BlogEntryID=10337095
Entry Title: WHID 2012-109: Hackers crash Government websites
WHID ID: 2012-109
Date Occurred: 1/25/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Ireland
Incident Description: ONLINE hackers have shut down the websites of two of the Government's biggest departments.
Reference: http://www.herald.ie/news/hackers-crash-government-websites-2999104.html
Entry Title: WHID 2012-108: Facebook under Denial of Service Attack, confirms AnonSec
WHID ID: 2012-108
Date Occurred: 1/26/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Social
Attacked Entity Geography: San Francisco, CA
Incident Description: On the afternoon of January 25, 2012 around 5:30pm Pacific Time, the world's largest social network underwent a Denial of Service attack and service outages were reported in several countries.
Reference: http://www.fudzilla.com/home/item/25713-facebook-under-denial-of-service-attack-confirms-anonsec
Entry Title: WHID 2012-107: Hackers immobilize websites of two Israeli hospitals
WHID ID: 2012-107
Date Occurred: 1/25/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Healthcare
Attacked Entity Geography: Tel-Aviv, Israel
Incident Description: Tel Aviv - Unknown hackers immobilized the websites of two Israeli hospitals Wednesday, after targeting them with denial of service attacks, the latest salvo in the cyber war between pro-Israelis and pro-Palestinians.
Reference: http://news.monstersandcritics.com/middleeast/news/article_1687401.php/LEAD-Hackers-immobilize-websites-of-two-Israeli-hospitals
Entry Title: WHID 2012-106: Sen. Grassley's Twitter Account Hacked by SOPA Protesters
WHID ID: 2012-106
Date Occurred: 1/23/2012
Attack Method: Brute Force
Application Weakness: Insufficient Authentication
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography: San Francisco, CA
Incident Description: Republican Iowa Sen. Chuck Grassley's twitter account was hacked today by the group "Anonymous," protesting the anti-piracy bills being considered in Congress.
Reference: http://abcnews.go.com/blogs/politics/2012/01/sen-grassleys-twitter-account-hacked-by-sopa-protesters/
Entry Title: WHID 2012-105: Kevin Bacon - Kevin Bacon's Twitter Blog Hacked
WHID ID: 2012-105
Date Occurred: 1/22/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Spam
Attacked Entity Field: Social
Attacked Entity Geography: San Francisco, CA
Incident Description: Kevin Bacon has warned fans to beware of hoax Twitter.com posts advertising a weightloss product after his blog was targeted by hackers.
Reference: http://www.contactmusic.com/news/kevin-bacons-twitter-blog-hacked_1285736
Entry Title: WHID 2012-104: How 103 Kenya govt sites were hacked
WHID ID: 2012-104
Date Occurred: 1/22/2012
Attack Method: Brute Force
Application Weakness: Insufficient Authentication
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Kenya
Incident Description: We spoke about it last year, and this year, it has happened again. Yes, against every imaginable possibility, 103 government web sites were hacked by an individual calling himself Direxer.
Reference: http://www.nation.co.ke/Tech/How+103+govt+sites+were+hacked+/-/1017288/1312336/-/item/0/-/a8i6bj/-/index.html
Entry Title: WHID 2012-103: 'The Daily Show' And 'Colbert Report' Twitter Accounts Hacked By Anonymous Sympathizers
WHID ID: 2012-103
Date Occurred: 1/23/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Social
Attacked Entity Geography: San Francisco, CA
Incident Description: Late Sunday evening, both "The Daily Show" and "The Colbert Report" official Twitter accounts were hacked.
Reference: http://www.huffingtonpost.com/2012/01/23/the-daily-show-colbert-report-twitter-hacked_n_1223267.html
Entry Title: WHID 2012-102: Anonymous attacks Polish government websites
WHID ID: 2012-102
Date Occurred: 1/23/2012
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Warsaw, PL
Incident Description: Hackers' group Anonymous brought down several Polish government websites over the weekend, including the websites of the Sejm (Poland's lower house of parliament), the Prime Minister's Chancellery, the Ministry of Culture, the Ministry of Justice and the Internal Security Agency. Even the prime minister's daughter's blog was targeted.
Reference: http://www.wbj.pl/article-57691-anonymous-attacks-polish-government-websites.html?typ=wbj
Entry Title: WHID 2012-101: CBS is offline and its servers are wiped
WHID ID: 2012-101
Date Occurred: 1/23/2012
Attack Method: DNS Hijacking
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Entertainment
Attacked Entity Geography: New York, NY
Incident Description: Hacktivist outfit Anonymous has had a busy weekend and appears to have done a little more than its trademark denial-of-service attack against CBS. According to Gizmodo, Anonymous not only managed to take down the CBS.com website yesterday but it managed to wipe every file it found in its servers.
Reference: http://news.techeye.net/security/cbs-is-offline-and-its-servers-are-wiped#ixzz1sDE7V5ir
Entry Title: WHID 2012-100: Stockbrokers hit by cyber hack
WHID ID: 2012-100
Date Occurred: 1/20/2012
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Sydney, Australia
Incident Description: The Australian Securities & Investment Commission has warned stockbrokers and shareholders of hacking events involving unauthorised online account access and tradin
Reference: http://www.smh.com.au/it-pro/security-it/stockbrokers-hit-by-cyber-hack-20120123-1qdox.html
Entry Title: WHID 2012-10: Rancho Mirage city website hacked
WHID ID: 2012-10
Date Occurred: 1/17/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: California
Incident Description: A hacker or hackers took over the front page of the city website, leaving a message that could be seen Tuesday supporting the Occupy movement and denouncing the proposed Stop Online Piracy Act.
Reference: http://www.mydesert.com/article/20120117/NEWS01/120117002/Rancho-Mirage-city-website-hacked
Entry Title: WHID-2012-1: PrivateX hacker group defaces Office of Vice President site again
WHID ID: 2012-1
Date Occurred: 1/1/2012
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Philippines
Incident Description: Hackers struck twice on New Year's Day, defacing another government website on Sunday evening and calling anew for "information security" but this time, also appearing to taunt its target.
Reference: http://www.gmanetwork.com/news/story/243236/scitech/technology/privatex-hacker-group-defaces-office-of-vice-president-site-again
Entry Title: WHID 2011-99: FTC settles data breach charges against two firms
WHID ID: 2011-99
Date Occurred: 10/1/2009
Attack Method: Predictable Resource Location
Application Weakness: Insufficient Authorization
Outcome: Leakage of Information
Attacked Entity Field: Information Services
Attacked Entity Geography: Palo Alto, CA
Incident Description: In October and December 2009, an employee of a Lookout customer was able to gain access to the product's database by typing a URL into a Web browser, the FTC said in its complaint. The intruder was able to gain access to personal information, including Social Security numbers, of about 37,000 consumers, the FTC said.
Reference: http://news.idg.no/cw/art.cfm?id=2761F224-1A64-67EA-E41CDB96A756125A
Entry Title: WHID 2011-98: Sony Darkens Another Network As Breach Investigation Widens
WHID ID: 2011-98
Date Occurred: 5/2/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Tokyo, Japan
Incident Description: Sony Corp. took further steps to contain a serious data breach: temporarily shuttering the Website of Sony Online Entertainment and station.com, another of the technology company's online gaming networks, even as it signaled the slow return of its PlayStation Network to operation.
Reference: http://threatpost.com/en_us/blogs/sony-darkens-another-network-breach-investigation-widens-050211
Entry Title: WHID 2011-97: Man who liveblogged Bin Laden raid was hacked
WHID ID: 2011-97
Date Occurred: 5/2/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Blogs
Attacked Entity Geography: Berkeley, CA
Incident Description: The Pakistani programmer who dubbed himself "the guy who liveblogged the Osama raid without knowing about it" is also the guy who got his website hacked without knowing about it.
Reference: http://www.computerworld.com/s/article/9216341/Man_who_liveblogged_Bin_Laden_raid_was_hacked
Entry Title: WHID 2011-96: Click-jacking on Facebook
WHID ID: 2011-96
Date Occurred: 5/2/2011
Attack Method: Clickjacking
Application Weakness: Application Misconfiguration
Outcome: Link Spam
Attacked Entity Field: Web 2.0
Attacked Entity Geography: Palo Alto, CA
Incident Description: WebSense analyzes a recent click-jacking attack against Facebook users.
Reference: http://community.websense.com/blogs/securitylabs/archive/2011/05/02/a-weekend-of-click-jacking-on-facebook.aspx
Entry Title: WHID 2011-95: Researchers Catch Targeted Attack On Popular Soccer Website
WHID ID: 2011-95
Date Occurred: 5/2/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Sports
Attacked Entity Geography: Luxembourg
Incident Description: A popular sports website late last week was spotted serving up malware in what researchers say appears to be a targeted attack and not part of a mass SQL injection campaign.
Reference: http://www.darkreading.com/advanced-threats/167901091/security/application-security/229402594/researchers-catch-targeted-attack-on-popular-soccer-website.html
Entry Title: WHID 2011-94: High school hackers expose security gap in Seattle Public Schools
WHID ID: 2011-94
Date Occurred: 5/1/2011
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Disinformation
Attacked Entity Field: Education
Attacked Entity Geography: Seattle, WA
Incident Description: District officials suspect a student, or several, swiped teachers' passwords for online grade books, possibly using a key-logger device or keystroke-recording software that captures every keystroke, including IDs and passwords
Reference: http://seattletimes.nwsource.com/html/editorials/2014914193_edit02grades.html
Entry Title: WHID 2011-93: Hacker posts screenshot of sex video on SPAD website
WHID ID: 2011-93
Date Occurred: 5/2/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Malaysia
Incident Description: The Land Public Transport Commission (SPAD) website was hacked yesterday and a screenshot of the controversial sex video allegedly involving a top politician was posted on its main page.
Reference: http://thestar.com.my/news/story.asp?file=/2011/5/2/nation/8591951&sec=nation
Entry Title: WHID 2011-92: Anonymous attacks Iranian state websites
WHID ID: 2011-92
Date Occurred: 5/2/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Iran
Incident Description: The infamous Anonymous hacking group has crippled a string of Iranian state websites including those of the Office of the Supreme Leader, state police and the Islamic Revolutionary Guards in attacks launched yesterday.
Reference: http://www.securecomputing.net.au/News/256057,anonymous-attacks-iranian-state-websites.aspx
Entry Title: WHID 2011-91: Rabobank network floored by cyber attack
WHID ID: 2011-91
Date Occurred: 5/2/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Netherlands
Incident Description: Internet and mobile banking at the Rabobank has been badly hit by an attack on its computer network, the company reported on Monday. The denial of service attack, in which the target computer is saturated with external communications requests, has made the network unavailable to its customers.
Reference: http://www.dutchnews.nl/news/archives/2011/05/rabobank_network_floored_by_cy.php
Entry Title: WHID 2011-91: Anonymous takes down El Salvadoran sites
WHID ID: 2011-90
Date Occurred: 4/28/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: News
Attacked Entity Geography: USA
Incident Description: Subscribers to ISP news and review site DSLReports.com have been notified that their e-mail addresses and passwords may have been exposed during an attack on the Web site earlier this week. The site was targeted in an SQL injection attack yesterday and about 8 percent of the subscribers' e-mail addresses and passwords were stolen, Justin Beech, founder of DSLReports.com, wrote in an e-mail to members. That would be about 8,000 random accounts of the 9,000 active and 90,000 old or inactive accounts created during the site's 10-year history, Beech said in an e-mail to CNET today.
Reference: http://news.cnet.com/8301-27080_3-20058471-245.html
Entry Title: WHID 2011-9: Hacker Attacked Runes of Magic Database, Holding Users' Info as Hostages
WHID ID: 2011-9
Date Occurred: 1/18/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Extortion
Attacked Entity Field: Entertainment
Attacked Entity Geography: Sacramento, CA
Incident Description: It's reported that a Runes of Magic player called 'augustus87' has hacked Frogster's database and threatened to release the data that contain over 3.5 million players' info to public, and even shut down the game's servers unless Frogster meet his demands.
Reference: http://news.mmosite.com/content/2011-01-18/hacker_attacked_runes_of_magic_database_holding_users_info_as_hostages.shtml
Entry Title: WHID 2011-89: China Implicated In Hacking Of SMB Online Bank Accounts
WHID ID: 2011-89
Date Occurred: 4/26/2011
Attack Method: Banking Trojan
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: This time it wasn't an "advanced persistent threat" that China was associated with: a fraud alert issued by the FBI today implicates China in a cybercrime operation that bilked U.S.-based small- to midsize businesses of $11 million over the past year.
Reference: http://www.informationweek.com/news/security/vulnerabilities/229402300
Entry Title: WHID 2011-88: Yahoo! PH Purple Hunt 2.0 Ad Compromised
WHID ID: 2011-88
Date Occurred: 4/24/2011
Attack Method: Malvertising
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Search Engine
Attacked Entity Geography: USA
Incident Description: Earlier the other day, I was browsing through the Yahoo! PH site and the Yahoo! Purple Hunt 2.0 ad caught my attention. Curious, I clicked the ad and found my browser downloading a suspicious file named com.com.
Reference: http://blog.trendmicro.com/yahoo-ph-purple-hunt-2-0-ad-compromised/
Entry Title: WHID 2011-87: PSN Admin Dev Accounts Got Hacked
WHID ID: 2011-87
Date Occurred: 4/24/2011
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Account Takeover
Attacked Entity Field: Entertainment
Attacked Entity Geography: Tokyo, Japan
Incident Description: Sony's PlayStation Network has been down since Wednesday and stayed kaput throughout the weekend. Sony has admitted that the outage was due to their network being hacked but has not given any further details. But now, a source closely connected with Sony Computer Entertainment Europe (SCEE) reports that the attack is much deeper than admitted by Sony. The source claims that the PSN sustained a LOIC attack (which created a denial-of-service attack) that damaged the server. Plus, it received concentrated attacks on the servers holding account information and breached the Admin Dev accounts.
Reference: http://www.slashgear.com/psn-admin-dev-accounts-got-hacked-source-claims-service-to-return-by-tuesday-24148081/
Entry Title: WHID 2011-86: Cybercrime Extracts $399,000 from Florida Dentist's Account
WHID ID: 2011-86
Date Occurred: 4/25/2011
Attack Method: Banking Trojan
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Online Trading
Attacked Entity Geography: Omaha, NE
Incident Description: "Before the cybercriminals launched their TDoS attack, they found a way to obtain Dr. Thousand's Ameritrade account information and password. Victims in these cases are often targeted through phishing attempts or by clicking an innocuous-looking email link that downloads malware to their system. In this manner, criminals are able to capture account details, passwords and other personal information. Once they have access to an account, they can then change the contact numbers and impersonate the victim when communicating with the bank or broker."
Reference: http://www.prweb.com/releases/2011/4/prweb8338409.htm
Entry Title: WHID 2011-85: IIM-B website hacked
WHID ID: 2011-85
Date Occurred: 4/25/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Link Spam
Attacked Entity Field: Education
Attacked Entity Geography:
Incident Description: NEW DELHI: The website of the Indian Institute of Management-Bangalore has been hijacked by hackers peddling erectile dysfunction products like Viagra. The website, www.iimb.ernet.in, has been out of service for at least ten days.
Reference: http://timesofindia.indiatimes.com/tech/news/internet/IIM-B-website-hacked/articleshow/8080736.cms??prtpage=1
Entry Title: WHID 2011-84: Hackers access personal info of Lancaster County students
WHID ID: 2011-84
Date Occurred: 4/19/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography: South Carolina
Incident Description: LANCASTER, S.C. -- The Lancaster County School District says hackers may have stolen the personal information of 25,000 students in the district's database. Schools officials are now trying to contact everyone who might have been affected. Information stored in the database goes back 10 years.
Reference: http://www.wcnc.com/news/local/Personal-Information-of-Thousands-exposed-to-Internet-Hackers-120316064.html
Entry Title: WHID 2011-83: Minn. man accused of hacking Facebook accounts
WHID ID: 2011-83
Date Occurred: 4/21/2011
Attack Method: Social Engineering
Application Weakness: Insufficient Password Recovery
Outcome: Account Takeover
Attacked Entity Field: Web 2.0
Attacked Entity Geography: Palo Alto, CA
Incident Description: Prosecutors have accused a Minnesota man of hacking into other people's Facebook and other computer accounts and stealing photos of women to post on adult websites. Prosecutors charged Timothy Peter Noirjean, 26, of Woodbury, with 13 counts of identity theft, alleging that from February 2010 through March 2010 he contacted women online and duped them into providing him with personal information that allowed him to hack their Facebook and other accounts. After hacking a Facebook account, prosecutors say Noirjean would pose as the owner to make contact with that person's friends and try to gain access to more computer accounts.
Reference: http://www.foxnews.com/us/2011/04/20/minn-man-accused-hacking-facebook-accounts/
Entry Title: WHID 2011-82: Sony fears Anonymous hack as PSN stays down
WHID ID: 2011-82
Date Occurred: 4/21/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Entertainment
Attacked Entity Geography: Tokyo, Japan
Incident Description: It's looking more likely that loose-knit 'hacktivist' collective Anonymous may have pulled off the "biggest ever" attack on Sony's PlayStation network (PSN), as company engineers are investigating the possibility that the online gaming service has been hacked.
Reference: http://www.thinq.co.uk/2011/4/21/sony-fears-anonymous-hack-psn-stays-down/
Entry Title: WHID 2011-81: AlArabiya.net Hacked... Again
WHID ID: 2011-81
Date Occurred: 4/21/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: News
Attacked Entity Geography: Saudi Arabia
Incident Description: Being one of the region's leading news agencies, Al-Arabiya which is part of MBC Group, the largest broadcasting company in the Middle East has been hacked by an unknown group signed only with "Crack_Man" stating it has been "powered morocco". The hacked website comes in a long lasting tradition of security flaws in the website leading to the recurrent event of the portal being hacked during political instability hits the region usually as an expression of disagreeing with what many consider the news agency's Western oriented liberal point of view.
Reference: http://thenextweb.com/me/2011/04/21/alarabiya-net-hacked-again/
Entry Title: WHID 2011-80: Ashampoo server hacked, customer names and e-mail addresses stolen
WHID ID: 2011-80
Date Occurred: 4/21/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Rolf Hilchner, CEO of Ashampoo, has posted on the company's website explaining exactly what has happened. Apparently hackers managed to break into one of Ashampoo's servers that held customer data. There was a hole in their security and by using it Ashampoo customer names and e-mail addresses have been taken, but no payment and billing information was accessed.
Reference: http://www.geek.com/articles/geek-pick/ashampoo-server-hacked-customer-names-and-e-mail-addresses-stolen-20110421/
Entry Title: WHID 2011-8: Casino Gambler Databases Becoming A Key Tool For Hackers
WHID ID: 2011-8
Date Occurred: 1/19/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Monetary Loss
Attacked Entity Field: Entertainment
Attacked Entity Geography: Nevada
Incident Description: Players club points can be a valuable commodity when it comes to casinos, and hackers are now taking aim at player accounts. Several cases have been reported in Las Vegas of hackers getting into players club accounts and stealing the accumulated points. When a gambler signs up for a player club card, they are usually rewarded with fifty or one hundred players points. As the gambler plays at the tables and on the slot machines, points are accumulated and used for such things as free hotel rooms and food. The points can sometimes be used as free play on the slot machines. The Nevada Gaming Control Board is now investigating the cases of players having their points stolen. The Board is not only targeting the hackers, but also the casinos that have players information in their databases.
Reference: http://www.casinogamblingweb.com/gambling-news/casino-gambling/casino_gambler_databases_becoming_a_key_tool_for_hackers_56344.html
Entry Title: WHID 2011-79: Change.org Victim of DDoS Attack From China
WHID ID: 2011-79
Date Occurred: 4/19/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography:
Incident Description: Change.org, an online petitioning platform, has come under an ongoing distributed denial of service (DDoS) attack originating from China after the site hosted a call urging Chinese authorities to release artist Ai Weiwei from custody.
Reference: http://www.pcworld.com/printable/article/id,225672/printable.html
Entry Title: WHID 2011-78: The Children's Place, popular kid's clothing retailer, hit with database breach
WHID ID: 2011-78
Date Occurred: 4/19/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Phishing
Attacked Entity Field: Retail
Attacked Entity Geography: Cambridge, MA
Incident Description: The Children's Place Retail Stores Inc. said Tuesday that its customer email address database was recently accessed by an unauthorized third party. The database is stored at an external email service provider, according to company officials. The external service provider confirmed that only email addresses were accessed and no other personal information was obtained.
Reference: http://www.csoonline.com/article/679983/the-children-s-place-popular-kid-s-clothing-retailer-hit-with-database-breach
Entry Title: WHID 2011-77: Scottish news site hit by 'DDoS attack' in run-up to elections
WHID ID: 2011-77
Date Occurred: 4/19/2011
Attack Method: Unknown
Application Weakness: Application Misconfiguration
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Scotland
Incident Description: Politically-motivated hackers are thought to be behind a DDoS attack on alternative news site Newsnet Scotland, launched on Monday days before Scotland is due to vote in fiercely contested local elections. The attack, if that's what it is, left the site unavailable from Monday afternoon into the early hours of Tuesday morning.
Reference: http://www.theregister.co.uk/2011/04/19/scottish_news_site_ddos/
Entry Title: WHID 2011-76: Auto Trader website attacked
WHID ID: 2011-76
Date Occurred: 4/19/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Automotive
Attacked Entity Geography:
Incident Description: According to a story released on the Auto Trader blog page, the Auto Trader website was subject to an attack from midday on April 19th until the early hours of April 20th. The attack disrupted access to the site, causing it to run slowly or not open at all. According to the blog the attack originated from abroad. Such attacks, called denial of service, or DDOS attacks, are designed to disrupt web traffic and not to access personal details.
Reference: http://www.honestjohn.co.uk/news/buying-and-selling/2011-04/auto-trader-website-attacked/
Entry Title: WHID 2011-75: Manila Water's website hacked
WHID ID: 2011-75
Date Occurred: 4/17/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Defacement
Attacked Entity Field: Energy
Attacked Entity Geography: Manila, Philippines
Incident Description: The website of water concessionaire Manila Water was hacked early Sunday, with visitors to the site seeing a small window indicating the breach. WHID Analysis - looking at the HTML in the pages, it appears as though SQL injection was the attack vector -
Reference: http://www.gmanews.tv/story/218014/nation/manila-waters-website-hacked
Entry Title: WHID 2011-74: Wind Power Company Hacked
WHID ID: 2011-74
Date Occurred: 4/18/2011
Attack Method: Brute Force
Application Weakness: Insufficient Authentication
Outcome: Leakage of Information
Attacked Entity Field: SCADA
Attacked Entity Geography: New Mexico, USA
Incident Description: In an email interview with the IDG News Service, Bigr R, said he was a former employee of NextEra's parent company, Florida Power & Light. He said he used a bug in the Cisco Security Device Manager software used by NextEra to break into the site. "They gave to it public IP, so it was easy to hack into it through the Web," he said. "They used default passwords, which I got from one of administrators. Then I obtained level 15 priv. (superuser), and understood the topology of SCADA networks. Then it was easily to detect SCADA and turn it off."
Reference: http://www.computerworld.com/s/article/9215881/Wind_power_company_sees_no_evidence_of_reported_hack
Entry Title: WHID 2011-73: Royal Navy hacker claims to have broken into space agency site
WHID ID: 2011-73
Date Occurred: 4/18/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: San Jose, CA
Incident Description: Login credentials for database, email and other key systems that a poster claims belong to the European Space Agency were posted on a full disclosure mailing list over the weekend.
Reference: http://www.eweekeurope.co.uk/news/european-space-agency-confirms-ftp-server-hack-26976
Entry Title: WHID 2011-72: WordPress Hack Could Put Premium Users at Risk
WHID ID: 2011-72
Date Occurred: 4/13/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Blogs
Attacked Entity Geography: USA
Incident Description: Malicious hackers have successfully breached WordPress.com servers and potentially made off with sensitive bits of the publishing platform's underlying code. The breach could impact premium customers using Wordpress for their websites, including Flickr, NASA, Yahoo, and The New York Times.
Reference: http://www.pcworld.com/article/225158/wordpress_hack_could_put_premium_users_at_risk.html
Entry Title: WHID 2011-71: Malaysiakini under DDOS attack ahead of Sarawak election tomorrow
WHID ID: 2011-71
Date Occurred: 4/15/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Malaysia
Incident Description: Malaysian online news portal Malaysiakini has been inaccessible since late afternoon ahead of the Sarawak state election which will be held tomorrow. Malaysiakini, together with Sarawak Report, another site critical of the Sarawakian government under long-serving Chief Minister Taib Mahmud, have been under relentless denial-of-service (DDOS) attacks which temporarily brought them down in last few days
Reference: http://www.temasekreview.com/2011/04/15/malaysiakini-under-ddos-attack-ahead-of-sarawak-election-tomorrow/
Entry Title: WHID 2011-70: US Postal Service Website Hit With 'Blackhole' Exploit
WHID ID: 2011-70
Date Occurred: 4/8/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Retail
Attacked Entity Geography: Cambridge, MA
Incident Description: The US Postal Service website received an unwelcome delivery this week of a new attack rapidly spreading among legitimate websites. USPS became the latest victim of the so-called "Blackhole" toolkit, a wildly popular website attack kit that's easy to use and provides obfuscation features that help it evade antivirus detection.
Reference: http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/229401258/us-postal-service-website-hit-with-blackhole-exploit.html
Entry Title: WHID 2011-7: Hacker Breaks Into UConn Husky Store Website
WHID ID: 2011-7
Date Occurred: 1/12/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography: Hartford, Connecticut
Incident Description: A hacker gained access to a database with the credit card information of 18,000 customers of the UConn Co-op's HuskyDirect.com website, the UConn Co-op said.
Reference: http://www.courant.com/business/hc-uconn-coop-data-breach-20110112,0,6878993.story
Entry Title: WHID 2011-69: Credit Information at Hyundai Capital Leaked to Hacker
WHID ID: 2011-69
Date Occurred: 4/11/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Automotive
Attacked Entity Geography:
Incident Description: Korea's major lending company and a financial unit of Hyundai Motor Group announced on Sunday that confidential credit information on its customers was leaked during a recent hacker attack which investigators say seems to have been carried out via servers in Brazil and the Philippines.
Reference: http://www.arirang.co.kr/News/News_View.asp?nseq=114741&code=Ne4&category=3
Entry Title: WHID 2011-68: Hack attack spills web security firm's (Barracuda) confidential data
WHID ID: 2011-68
Date Occurred: 4/11/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Try this for irony: The website of web application security provider Barracuda Networks has sustained an attack that appears to have exposed sensitive data concerning the company's partners and employee login credentials, according to an anonymous post. Barracuda representatives didn't respond to emails seeking confirmation of the post, which claims the data was exposed as the result of a SQL injection attack.
Reference: http://www.theregister.co.uk/2011/04/11/barracuda_networks_attack/
Entry Title: WHID 2011-67: Hackers attack iTunes
WHID ID: 2011-67
Date Occurred: 4/4/2011
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Fraud
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Hackers have taken control of the iTunes accounts of many users, using them to make fraudulent purchases. Cyber criminals are able to crack the accounts by using brute force attacks, where an automated system tries thousands of popular passwords with each account name.
Reference: http://www.computing.co.uk/ctg/news/2039945/hackers-attack-itunes
Entry Title: WHID 2011-66: Epsilon Data Breach
WHID ID: 2011-66
Date Occurred: 4/4/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Marketing
Attacked Entity Geography:
Incident Description: Epsilon--the largest distributor of permission-based email in the world--revealed that millions of individual email addresses were exposed in an attack on its servers. While no other information was apparently compromised, security experts are warning users to brace for a tidal wave of more precise spear phishing attacks.
Reference: http://www.pcworld.com/businesscenter/article/224192/epsilon_data_breach_expect_a_surge_in_spear_phishing_attacks.html
Entry Title: WHID 2011-65: Sony sites offline after Anonymous attack threats
WHID ID: 2011-65
Date Occurred: 4/6/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Entertainment
Attacked Entity Geography:
Incident Description: Several Sony Web sites were offline today only days after the Anonymous hacker group threatened to target the company over its lawsuit against PlayStation 3 hacker George Hotz.
Reference: http://news.cnet.com/8301-27080_3-20051482-245.html
Entry Title: WHID 2011-64: Facebook Bully Video Actually a XSS Exploit
WHID ID: 2011-64
Date Occurred: 4/7/2011
Attack Method: Cross Site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: Worm
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: A security researcher has identified a bully video as a malicious app exploiting yet another cross-site-scripting vulnerability on Facebook with a very sophisticated payload.
Reference: http://www.eweek.com/c/a/Security/Facebook-Bully-Video-Actually-a-XSS-Exploit-121829/
Entry Title: WHID 2011-63: LiveJournal under DDoS attack right now
WHID ID: 2011-63
Date Occurred: 4/6/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Blogs
Attacked Entity Geography:
Incident Description: LiveJournal Russian blog platform again stopped working some 35-40 minutes ago. This is already the 3rd hack attack over the past two weeks. Popular Russian blogger and SUP expert Roustem Adagamov tweeted that LiveJournal is under DDoS attack right now.
Reference: http://www.panarmenian.net/eng/it_telecom/news/66359/LiveJournal_under_DDoS_attack_right_now
Entry Title: WHID 2011-62: Another Xbox Live director hacked!
WHID ID: 2011-62
Date Occurred: 4/6/2011
Attack Method: Social Engineering
Application Weakness: Insufficient Process Validation
Outcome: Account Takeover
Attacked Entity Field: Entertainment
Attacked Entity Geography:
Incident Description: A hacker known as "Predator" has been able to phish information from Xbox Live's Director of Policy and Enforcement, Stephen Toulouse (aka "Stepto"), gaining email and address information via his personal website server and was then able to alter the Chief's details online.
Reference: http://blog.gadgethelpline.com/xbox-live-director-hacked/
Entry Title: WHID 2011-61: LizaMoon Mass SQL Injection Attack Points to Rogue AV Site
WHID ID: 2011-61
Date Occurred: 3/29/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Planting of Malware
Attacked Entity Field: Multiple
Attacked Entity Geography:
Incident Description: Attackers have launched a large-scale SQL injection attack that has compromised several thousand legitimate Websites, including a few catalog pages from Apple's iTunes music store.
Reference: http://www.eweek.com/c/a/Security/LizaMoon-Mass-SQL-Injection-Attack-Points-to-Rogue-AV-Site-852537/
Entry Title: WHID 2011-60: Anonymous DDoS attack takes down Warner Bros Records: #OpPayBack
WHID ID: 2011-60
Date Occurred: 3/29/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: USA
Incident Description: The Internet hacktivist collective known as "Anonymous" successfully conducted a DDoS attack on Warner Bros Records, temporarily taking down the company website Tuesday afternoon (12:21 p.m. PST). In addition, several reports also indicate that the company's website was temporarily taken down Monday as well.
Reference: http://www.examiner.com/anonymous-in-national/anonymous-ddos-attack-takes-down-warner-bros-records-oppayback
Entry Title: WHID 2011-6: Whirlpool ISP hit by DDoS attack
WHID ID: 2011-6
Date Occurred: 1/21/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Service Providers
Attacked Entity Geography: Australia
Incident Description: User forum Whirlpool was hit by a distributed denial-of-service (DDoS) attack last night, according to the site's hosting provider BulletProof Networks. Although BulletProof Networks chief operating officer (COO) Lorenzo Modesto first said that Whirlpool was the only one of its customers to be affected by the attack, he said later that its public and private managed cloud customers were experiencing intermittent degraded network performance also.
Reference: http://www.zdnet.com.au/whirlpool-hit-by-ddos-attack-339308730.htm
Entry Title: WHID 2011-59: Oracle's Sun.com Hit Along with MySQL.com in SQL Injection Attack
WHID ID: 2011-59
Date Occurred: 3/29/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: USA
Incident Description: The hackers who compromised MySQL.com also targeted Sun.com with a SQL injection attack, exposing database names and email addresses.
Reference: http://www.eweek.com/c/a/Security/Oracles-Suncom-Hit-Along-with-MySQLCom-in-SQL-Injection-Attack-727118/
Entry Title: WHID 2011-58: Facebook XSS flaw misused for automatic Wall posting
WHID ID: 2011-58
Date Occurred: 3/29/2011
Attack Method: Cross Site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: Disinformation
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: A currently unpatched XSS vulnerability in the mobile API version of Facebook is currently being exploited to post messages to users' Walls, which serve as a gateway to the specially crafted website exploiting the flaw. The flaw has been misused for a while now, but has only recently been used widely. Indonesian users are currently targeted by various groups using the vulnerability to their advantage. "It allows any website to include, for example, a maliciously prepared iframe element that contains JavaScript or use the http-equiv attribute's 'refresh' value to redirect the browser to the prepared URL containing the JavaScript," explains Symantec. "Any user who is logged into Facebook and visits a site that contains such an element will automatically post an arbitrary message to his or her wall."
Reference: http://www.net-security.org/secworld.php?id=10814
Entry Title: WHID 2011-57: MySQL.com hacked via... SQL injection vuln
WHID ID: 2011-57
Date Occurred: 3/28/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: USA
Incident Description: MySQL.com was hacked over the weekend via an attack which used a blind SQL injection exploit to pull off the pawnage. Hackers extracted usernames and password hashes from the site, which were subsequently posted to pastebin.com.
Reference: http://www.theregister.co.uk/2011/03/28/mysql_hack/
Entry Title: WHID 2011-56: China accused of hacking Gmail to suppress dissent
WHID ID: 2011-56
Date Occurred: 3/24/2011
Attack Method: Unknown
Application Weakness: Insufficient Authentication
Outcome: Session Hijacking
Attacked Entity Field: Service Providers
Attacked Entity Geography: USA
Incident Description: A few days ago, Google accused the government of China, for the second time, of having hacked into Gmail accounts in order to quash protest. Chinese customers have reported numerous problems over the past month with both sending and flagging messages.
Reference: http://www.htlounge.net/art/15053/china-accused-of-hacking-gmail-to-suppress-dissent.html
Entry Title: WHID 2011-55: State website hacked - Officials say 1000 people affected have been notified
WHID ID: 2011-55
Date Occurred: 3/25/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: Maine, USA
Incident Description: Credit card information may have been stolen for some people who bought state park passes on line. The Maine Bureau of Parks and Lands learned in February that their online system for the sale of state park passes, provided by a private vendor, was hacked by "malware."
Reference: http://www.wabi.tv/news/18888/state-website-hacked-officials-say-1000-people-affected-have-been-notified
Entry Title: WHID 2011-54: Internal Affairs website back online after outage
WHID ID: 2011-54
Date Occurred: 3/25/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: New Zealand
Incident Description: The Department of Internal Affairs website is now back up and running after it was shut down - only days before it was due to be hacked by an international cyber activist group.
Reference: http://m.nzherald.co.nz/technology/news/article.php?c_id=5&objectid=10714882
Entry Title: WHID 2011-53: Expedia's TripAdvisor Member Data Stolen in Possible SQL Injection Attack
WHID ID: 2011-53
Date Occurred: 3/24/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Hospitality
Attacked Entity Geography: USA
Incident Description: TripAdvisor discovered a data breach in its systems that allowed attackers to grab a portion of the Website's membership list from its database.
Reference: http://mobile.eweek.com/c/a/Security/Expedias-TripAdvisor-Member-Data-Stolen-in-Possible-SQL-Injection-Attack-522785/
Entry Title: WHID 2011-53: Thousands of home computers infiltrated after hackers infect high-profile websites with booby-trapped ads
WHID ID: 2011-53
Date Occurred: 3/3/2011
Attack Method: Malvertising
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: Tens of thousands of people are feared to have had their computers infected by booby-trapped adverts on websites including the London Stock Exchange as the full extent of a cyber-attack which began on Sunday becomes apparent. The scam, which also involved ads on Autotrader, Vue and six other websites, began on Sunday after cyber-criminals hacked into an ad firm's IT system. Malicious adverts were then released which caused fake virus warnings to pop-up on computers belonging to those surfing the affected sites.
Reference: http://www.dailymail.co.uk/sciencetech/article-1362205/Thousands-home-computers-infiltrated-hackers-infect-high-profile-websites-booby-trapped-ads.html
Entry Title: WHID 2011-52: S. Korea's major web sites hit by DDoS attacks
WHID ID: 2011-52
Date Occurred: 3/4/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Seoul, South Korea
Incident Description: SEOUL, March 4 (Xinhua) -- A fresh wave of cyber attacks hit major South Korean Web sites, including that of the presidential office Cheong Wa Dae, on Friday, local media reported, citing industrial sources. Starting 10 a.m. Friday, 40 web sites, including the ones of presidential office Cheong Wa Dae, the Ministry of Foreign Affairs and Trade and top lender Kookmin Bank, came under distributed denial-of-service (DDoS) attacks, Yonhap News Agency reported, citing AhnLab, South Korea's top information security company.
Reference: http://news.xinhuanet.com/english2010/world/2011-03/04/c_13760843.htm
Entry Title: WHID 2011-51: WordPress Hit by Second Massive Attack in Two Days
WHID ID: 2011-51
Date Occurred: 3/4/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Blogs
Attacked Entity Geography: USA
Incident Description: The main WordPress.com site was the target of a major DDoS attack yesterday that knocked the popular blogging platform offline for a couple of hours, and another attack that hit the site again Friday morning. The service is back online now, but the attacks may be an indication that the service could be collateral damage in some politically motivated attacks against WordPress blogs.
Reference: http://threatpost.com/en_us/blogs/wordpress-hit-second-massive-attack-two-days-030411
Entry Title: WHID 2011-50: Celebrity Ashton Kutcher Firesheep'd at TED Conference
WHID ID: 2011-50
Date Occurred: 3/3/2011
Attack Method: Stolen Credentials
Application Weakness: Insufficient Transport Layer Protection
Outcome: Session Hijacking
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: High profile celebrity Ashton Kutcher had his Twitter account hijacked at the celebrity infested Technology, Entertainment, Design (TED) Conference, TED2011, in Long Beach, California, on Wednesday. Kutcher, best known for his role on the sitcom That 70's Show and, later, as host of MTV's Punk'd prank show, found himself Punk'd Toorcon style, when an unknown attacker hijacked an insecure Web session to post a message to Kutcher's Twitter account, @aplusk. "Ashton, you've been Punk'd. This account is not secure. Dude, where's my SSL?" read the first message, which was posted around 17:30 Pacific Time on Wednesday. A few moments later, another message went out to Kutcher's 6.4 million Twitter followers:
Reference: https://threatpost.com/en_us/blogs/celebrity-ashton-kutcher-firesheepd-ted-conference-030311
Entry Title: WHID 2011-5: Dominos Pizza Hacked
WHID ID: 2011-5
Date Occurred: 1/23/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography: India
Incident Description: Dominos Pizza's online ordering system in India was hacked.
Reference: http://www.slipperybrick.com/2011/01/dominos-pizza-website-hacked-customer-data-leaked/
Entry Title: WHID 2011-49: WordPress hit by 'extremely large' DDoS attack
WHID ID: 2011-49
Date Occurred: 3/3/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Blogs
Attacked Entity Geography: USA
Incident Description: Blog host WordPress.com was the target of a distributed denial-of-service (DDoS) attack earlier today described by the company as the largest in its history. As a result, a number of blogs--including those that are a part of WordPress' VIP service--suffered connectivity issues. That includes the Financial Post, the National Post, TechCrunch, along with the service's nearly 18 million hosted blogs.
Reference: http://news.cnet.com/8301-1009_3-20038874-83.html
Entry Title: WHID 2011-48: Pro-Iranian Cyber Hackers Attack Voice of America
WHID ID: 2011-48
Date Occurred: 2/23/2011
Attack Method: DNS Hijacking
Application Weakness: Insufficient Authentication
Outcome: Defacement
Attacked Entity Field: Media
Attacked Entity Geography: Washington, DC
Incident Description: The board for VOA said cyber hackers hacked into Voice of America's primary domain name (VOANews.com), and then redirected visitors to another web site claiming to be run by the "Iranian Cyber Army." Numerous related domains registered with Network Solutions were also hacked into, and web visitors were also redirected to the web site supposedly run by the "Iranian Cyber Army."
Reference: http://www.foxbusiness.com/markets/2011/02/23/pro-iranian-cyber-hackers-attack-voice-america/
Entry Title: WHID 2011-47: DDoS attack forces Dutch bank offline
WHID ID: 2011-47
Date Occurred: 2/19/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Denmark
Incident Description: The outage of Dutch bank Rabobank last weekend was caused by a massive DDoS attack. The perpetrators are still unknown. The bank reports the attack to the police.
Reference: http://news.idg.no/cw/art.cfm?id=3F6822FF-1A64-6A71-CE67724BB606D61C
Entry Title: WHID 2011-46: Kansas Car Dealership Bank Accounts Hacked
WHID ID: 2011-46
Date Occurred: 2/23/2011
Attack Method: Banking Trojan
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Kansas
Incident Description: An online bank robbery in which computer crooks stole $63,000 from a Kansas car dealership illustrates the deftness with which cyber thieves are flouting the meager security measures protecting commercial accounts at many banks.
Reference: http://krebsonsecurity.com/2011/02/sold-a-lemon-in-internet-banking/
Entry Title: WHID 2011-45: Facebook users subjected to more clickjacking
WHID ID: 2011-45
Date Occurred: 2/22/2011
Attack Method: Clickjacking
Application Weakness: Application Misconfiguration
Outcome: Fraud
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: Facebook users have been subjected to another round of clickjacking attacks that force them to authorize actions they had no intention of approving. The latest episode in this continuing saga, according to Sophos researchers, is a set of campaigns aimed at Italian-speaking users of the social network. The come-ons promise shocking videos about such things as the real ingredients of Coca Cola. Instead, they are forced into registering their approval of the videos using Facebook's "Like" button
Reference: http://www.theregister.co.uk/2011/02/22/facebook_clickjacking_attacks/
Entry Title: WHID 2011-44: Credit cards compromised as hackers target beauty site
WHID ID: 2011-44
Date Occurred: 2/15/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography: New Zealand
Incident Description: The Lush UK website was recently compromised and the company says while the New Zealand and Australian sites are not linked to the UK site, both have also been targeted by hackers. It says personal data may have been obtained by the hackers and customers should contact their banks to discuss cancelling their credit cards.
Reference: http://www.radionz.co.nz/news/national/68729/credit-cards-compromised-as-hackers-target-beauty-site
Entry Title: WHID 2011-43: BBC music websites get hacked
WHID ID: 2011-43
Date Occurred: 2/16/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Entertainment
Attacked Entity Geography: UK
Incident Description: THE BBC'S MUSIC WEBSITES have been hacked to stream malware using drive-by downloads for anyone browsing the infected webpages. Hackers set the drive-by malware up at the BBC's 6 Music website and the BBC 1Xtra radio station website. Researchers at the insecurity outfit Websense found the exploits and put its report up on its security labs blog. "The BBC - 6 Music Web site has been injected with a malicious iframe, as have areas of the BBC 1Xtra radio station Web site," an anonymous Websense insecurity researcher wrote. Websense claims the injected iframe is at the bottom of the BBC 6 Music webpage and has been set up to automatically download some dodgy code from a .cc website. Apparently the hack is exactly the same on the BBC's 1Xtra website.
Reference: http://www.theinquirer.net/inquirer/news/2026766/bbc-music-websites-hacked
Entry Title: WHID 2011-42: Irish recruitment website hacked
WHID ID: 2011-42
Date Occurred: 2/8/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Recruitment
Attacked Entity Geography: Ireland
Incident Description: The Irish job website RecruitIreland.com was hacked earlier this week, resulting in breached systems and the theft of the credentials of 400,000 users. According to media reports, the website was temporarily taken offline after the breach was discovered on the 8th February. A statement on the website said that as per its security guidelines and structures, it has a process in place for eventualities such as this. It said: "The present indicators are that our database was breached to get email addresses and names for spamming
Reference: http://www.scmagazineuk.com/irish-recruitment-website-hacked-leading-to-the-breach-of-around-400000-user-details/article/196142/
Entry Title: WHID 2011-41: English Defence League site pulled offline after defacement
WHID ID: 2011-41
Date Occurred: 2/11/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: England
Incident Description: The website of the far right English Defence League remained unavailable on Friday following a hack attack on Wednesday.
Reference: http://www.theregister.co.uk/2011/02/11/edl_defacement/
Entry Title: WHID 2011-40: eHarmony Hacked
WHID ID: 2011-40
Date Occurred: 2/10/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: USA
Incident Description: Joseph Essas, chief technology officer at eHarmony, said Russo found a SQL injection vulnerability in one of the third party libraries that eHarmony has been using for content management on the company's advice site - advice.eharmony.com. Essas said there were no signs that accounts at its main user site - eharmony.com - were affected. "The SQL dump contained screen names, email addresses, and hashed passwords for account login on the Advice site.
Reference: http://krebsonsecurity.com/2011/02/eharmony-hacked/
Entry Title: WHID 2011-4: Trapster Hacked
WHID ID: 2011-4
Date Occurred: 1/20/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Web 2.0
Attacked Entity Geography:
Incident Description: A website that helps drivers avoid speeding tickets is warning its 10 million registered users that their email addresses and passwords may be in the hands of hackers who breached the site's security. The advisory was issued on Thursday by Trapster, which boasts more than 10 million users on its front page. The site uses crowd-sourcing techniques to compile locations of police who are using radar to catch speeding drivers. Trapster said the hack amounted to a "single event," and that the company has since taken steps to "prevent this type of attack from happening again, and continue to implement additional security measures to further protect your data." Trapster didn't say whether it planned to begin hashing passwords, which is considered a basic security precaution to prevent their disclosure.
Reference: http://www.theregister.co.uk/2011/01/21/trapster_website_hack/
Entry Title: WHID 2011-39: Hackers Breach Tech Systems of Oil Companies
WHID ID: 2011-39
Date Occurred: 2/10/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Energy
Attacked Entity Geography:
Incident Description: At least five multinational oil and gas companies suffered computer network intrusions from a persistent group of computer hackers based in China, according to a report released Wednesday night by a Silicon Valley computer security firm. According to the report, the intruders used widely available attack methods known as SQL injection and spear phishing to compromise their targets. Once they gained access to computers on internal company networks, they would install remote administration software that gave them complete control of those systems. That made it possible for the intruders to search for documents as well as stage attacks on other computers connected to corporate networks.
Reference: http://www.nytimes.com/2011/02/10/business/global/10hack.html?_r=1
Entry Title: WHID 2011-38: HBGary Federal Hacked by Anonymous
WHID ID: 2011-38
Date Occurred: 2/7/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: IT Services
Attacked Entity Geography: USA
Incident Description: In a phone interview late Sunday evening, Hoglund said that unlike the more traditional Web-site attacking activities of Anonymous, the hackers who infiltrated HBGary's system showed real skills, even social engineering a network administrator into giving them complete control over rootkit.com, a security research site Hoglund has long maintained. "They broke into one of HBGary's servers that was used for tech support, and they got emails through compromising an insecure Web server at HBGary Federal," Hoglund said. "They used that to get the credentials for Aaron, who happened to be an administrator on our email system, which is how they got into everything else. So it's a case where the hackers break in on a non-important system, which is very common in hacking situations, and leveraged lateral movement to get onto systems of interest over time."
Reference: http://krebsonsecurity.com/2011/02/hbgary-federal-hacked-by-anonymous/
Entry Title: WHID 2011-37: Nasdaq admits hackers planted malware on web portal
WHID ID: 2011-37
Date Occurred: 2/7/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Planting of Malware
Attacked Entity Field: Finance
Attacked Entity Geography: USA
Incident Description: Nasdaq admitted on Saturday that unidentified hackers had succeeded in planting malware on one of its portals. The US stock exchange is keen to stress that trading systems were not affected by suspicious files found on Directors Desk, a web-based dashboard application used by an estimated 10,000 execs worldwide. In a statement, Nasdaq said that there was no evidence that customer information had been exposed by breach. It adds that it is likely that the Directors Desk hack was designed to plant malware on the systems of users via drive-by-download attacks.
Reference: http://www.theregister.co.uk/2011/02/07/nasdaq_malware_breach/
Entry Title: WHID 2011-36: Credit report resellers settle with US FTC after data losses
WHID ID: 2011-36
Date Occurred: 2/3/2011
Attack Method: Unknown
Application Weakness: Insufficient Authorization
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: As part of the Federal Trade Commission's ongoing campaign to protect consumers' personal information, three companies whose business is reselling consumers' credit reports have agreed to settle FTC charges that they did not take reasonable steps to protect consumers' personal information, failures that allowed computer hackers to access that data. The settlements require the companies to strengthen their data security procedures and submit to audits for 20 years. These are the FTC's first cases against credit report resellers for their clients' data security failures. "These cases should send a strong message that companies giving their clients online access to sensitive consumer information must have reasonable procedures to secure it," said David Vladeck, Director of the FTC's Bureau of Consumer Protection. "Had these three companies taken adequate steps to ensure the use of basic computer security measures, they might have foiled the hackers who wound up gaining access to extensive personal information in the consumer reporting system." According to administrative complaints issued by the FTC, the three resellers buy credit reports from the three nationwide consumer reporting agencies (Equifax, Experian, and TransUnion) and combine them into special reports they sell to mortgage brokers and others to determine consumers' eligibility for credit. Due to their lack of information security policies and procedures, the companies allegedly allowed clients without basic security measures, such as firewalls and updated antivirus software, to access their reports. As a result, hackers accessed more than 1,800 credit reports without authorization via the clients' computer networks. In addition, even after becoming aware of the data breaches, the companies did not make reasonable efforts to protect against future breaches.
Reference: http://www.ftc.gov/opa/2011/02/settlement.shtm
Entry Title: WHID 2011-35: 'Dating site' takes pictures and names of 250,000 unsuspecting Facebook users
WHID ID: 2011-35
Date Occurred: 2/4/2011
Attack Method: Process Automation
Application Weakness: Insufficient Anti-automation
Outcome: Disinformation
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: Creators of a fake dating site have taken personal information from 250,000 Facebook profiles - and reproduced it without the knowledge of the members of the popular social networking site. However, bosses at Facebook have hit out at the misuse of the information held on their site and said they will 'take appropriate action'. 'Scraping people's information violates our terms. We have taken, and will continue to take, aggressive legal action against organisations that violate these terms,' Facebook's director of policy communications, Barry Schnitt, told Wired.com.
Reference: http://www.dailymail.co.uk/news/article-1353643/Facebook-profiles-hacked-Dating-site-lifts-250-000-pictures-names.html
Entry Title: WHID 2011-34: Al Jazeera site 'hacked by opponents of pro-democracy movement' in Egypt
WHID ID: 2011-34
Date Occurred: 2/4/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Media
Attacked Entity Geography: Dubai, Dubai
Incident Description: Al Jazeera's Arabic news website was hacked into today following its coverage of anti-government protests in Egypt, according to the Qatar-based broadcaster. In a release, Al Jazeera claimed that for two hours this morning - from 6.30am to 8.30am Doha time - a banner advertisement was replaced with a slogan saying 'Together for the collapse of Egypt', which linked to a page criticising the broadcaster.
Reference: http://www.journalism.co.uk/news/al-jazeera-site-hacked-by-opponents-of-pro-democracy-movement-in-egypt/s2/a542649/
Entry Title: WHID 2011-33: Anonymous Hackers Attack Yemeni Government
WHID ID: 2011-33
Date Occurred: 2/2/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Yemen
Incident Description: Anonymous took down Egyptian government websites today to protest the country's Internet censorship. Old news. Now they've moved on to Yemen, where an Egypt-style "day of rage" is scheduled for tomorrow. Hackers have already taken down the Ministry of Information.
Reference: http://gawker.com/5750513/anonymous-hackers-already-taking-down-yemeni-websites
Entry Title: WHID 2011-32: European Carbon Trading Systems Hacked
WHID ID: 2011-32
Date Occurred: 1/19/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Monetary Loss
Attacked Entity Field: Energy
Attacked Entity Geography:
Incident Description: Cyberattacks on national registries caused the closure of the ETS system last Wednesday, right after news came from the Czech Republic that the firm Blackstone Global Ventures had discovered it was missing close to 9 million US dollars of carbon allowances.
Reference: http://www.estonianfreepress.com/2011/01/ets-carbon-cyberattack/
Entry Title: WHID 2011-31: Hacker admits stealing $12million worth of poker chips from US gaming company
WHID ID: 2011-31
Date Occurred: 2/2/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Loss of Sales
Attacked Entity Field: Entertainment
Attacked Entity Geography: San Francisco, CA
Incident Description: A COMPUTER hacker from Paignton has admitted stealing $12million worth of poker chips from an American gaming company. Ashley Mitchell, 29, of Little Park Road, Paignton, admitted accessing the system belonging to the Zynga Corporation and stealing 400 billion chips. He then sold some of the virtual chips on the black market for £53,000.
Reference: http://www.thisissouthdevon.co.uk/news/HACKER-ADMITS-STEALING-12m-POKER-CHIPS/article-3170994-detail/article.html
Entry Title: WHID 2011-30: Facebook plugs gnarly authentication flaw
WHID ID: 2011-30
Date Occurred: 2/2/2011
Attack Method: Content Spoofing
Application Weakness: Insufficient Authentication
Outcome: Leakage of Information
Attacked Entity Field: Web 2.0
Attacked Entity Geography: Palo Alto, CA
Incident Description: The vulnerability stems from a bug in one of Facebook's authentication mechanisms, Rui explained. The vulnerability enables the malicious website to impersonate any other websites to cheat Facebook, and obtain the same data access permissions on Facebook those websites receive. Bing.com by default has the permission to access any Facebook users' basic information such as name, gender, etc, so our malicious website is able to de-anonymize the users by impersonating Bing.com. In addition, due to business needs, there are many websites requesting more permissions, including accessing to a user's private data, and publishing content on Facebook on her behalf. Therefore, by impersonating those websites, our website can obtain the same permissions to steal the private data or post phishing messages on Facebook on the user's behalf. The exploit is generic, so we do not need to write an exploit for each Facebook app/website. The only parameter we need is the app ID of a Facebook app/website.
Reference: http://www.theregister.co.uk/2011/02/02/facebook_plugs_authentication_flaw/
Entry Title: WHID 2011-3: Hacked Military and Government Sites Just Scratch the Surface
WHID ID: 2011-3
Date Occurred: 1/21/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: The Web has been abuzz with the revelation that hacked government and military Web sites, as well as databases of personal information are available for less than $500. As concerning as that may be, what should keep IT admins awake at night is the broader realization that these are only the hacked sites that were discovered on the hacker underground. There are more, and your site could be one of them.
Reference: http://www.pcworld.com/businesscenter/article/217472/hacked_military_and_government_sites_just_scratch_the_surface.html
Entry Title: WHID 2011-29: PlentyofFish Site Hacked
WHID ID: 2011-29
Date Occurred: 1/31/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Yarmouth, Nova Scotia
Incident Description: "The vulnerability was properly documented by our team, without exposing any confidential user information," he writes. "This was an error based MSSQL injection, that could allow any attacker to make a full backup of the databases used by the webserver, and or gain direct access into the site."
Reference: http://www.net-security.org/secworld.php?id=10514
Entry Title: WHID 2011-289: Hacked! Environmental activism site Care2, users exposed
WHID ID: 2011-289
Date Occurred: 12/30/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Environmental Protection
Attacked Entity Geography: Redwood, CA
Incident Description: Care2.com, a site dedicated to environmental awareness, petitioning, and charitable donation with more than 17 million members has been hacked, according to a message from the company Friday morning.
Reference: http://betanews.com/2011/12/30/hacked-environmental-activism-site-care2-users-exposed/
Entry Title: WHID 2011-288: Hacker group Anonymous steals sensitive info from Stratfor security firm
WHID ID: 2011-288
Date Occurred: 12/24/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement, Leakage of Information
Attacked Entity Field: Research
Attacked Entity Geography: Austin, TX
Incident Description: Hacker collective Anonymous claims to have stolen credit card data and other sensitive details from U.S. security think tank Stratfor, with plans to donate $1 million in stolen cash to charity.
Reference: http://venturebeat.com/2011/12/25/anonymous-hackers-steals-data-stratfor-security/
Entry Title: WHID-2011-286: Chinese gaming sites hacked: Millions of users affected
WHID ID: 2011-287
Date Occurred: 12/22/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Gaming
Attacked Entity Geography: China
Incident Description: The accounts of millions of Chinese web users have been compromised in a series of hacking attacks on several gaming websites, with account information leaking online
Reference: http://www.zdnet.com/blog/asia/chinese-gaming-sites-hacked-millions-of-users-affected/579
Entry Title: WHID-2011-287: Chinese gaming sites hacked: Millions of users affected
WHID ID: 2011-286
Date Occurred: 11/22/2011
Attack Method: Phishing
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Entertainment
Attacked Entity Geography: Tempe, AZ
Incident Description: Thousands of accounts belonging to Xbox Live customers have been hacked into by online criminals who have stolen millions of pounds, it has been reported
Reference: http://www.telegraph.co.uk/technology/video-games/Xbox/8906043/Xbox-Live-customers-hacked-in-fresh-cyber-fraud-case.html
Entry Title: WHID 2011-285: Cong site hacked, Sonia's profile page defaced
WHID ID: 2011-285
Date Occurred: 12/9/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: India
Incident Description: Amid the raging debate over the government's proposal to crack down on "unacceptable" internet content, hackers broke into Congress websites on Friday and defaced party chief Sonia Gandhi's profile page with objectionable material.
Reference: http://www.hindustantimes.com/News-Feed/newdelhi/Congress-website-hacked-Sonia-s-profile-page-defaced/Article1-780256.aspx
Entry Title: WHID 2011-284: Websites downed in Russia poll 'hack attack'
WHID ID: 2011-284
Date Occurred: 12/4/2011
Attack Method: Denial of Service
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Radio station
Attacked Entity Geography: Russia
Incident Description: Websites which revealed violations in Russia's legislative polls were targeted in a mass hacking attack Sunday their operators said was aimed at preventing the exposure of mass election fraud.
Reference: http://www.google.com/hostednews/afp/article/ALeqM5hAnXDOHgstjNt-eH4tBzon2B96Aw?docId=CNG.5b3137d37ca033f82d1946db0c21911c.151
Entry Title: WHID 2011-283: United Nations Website Hacked
WHID ID: 2011-283
Date Occurred: 11/30/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: United Nations
Attacked Entity Geography: New York
Incident Description: Hacking attacks continue to happen all over the world. This time, a hacker group, which calls itself "Teampoison", attacked the website of the United Nations and posted personal information belonging to UN members on Pastebin.
Reference: http://www.shortnews.com/start.cfm?id=91152
Entry Title: WHID 2011-282: Mexican weekly goes offline after cyberattack
WHID ID: 2011-282
Date Occurred: 11/25/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Newspaper
Attacked Entity Geography: Mexico
Incident Description: The Committee to Protect Journalists is concerned by reports of a cyberattack on Mexican weekly Ríodoce that forced its website offline on Friday.
Reference: http://www.cpj.org/2011/11/mexican-weekly-goes-offline-after-cyberattack.php
Entry Title: WHID 2011-281: City's website hacked, no information compromised
WHID ID: 2011-281
Date Occurred: 11/27/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Kentucky
Incident Description: The city of Bowling Green's website is back to normal after being broken into by hackers over the weekend.
Reference: http://www.fox19.com/story/16137276/citys-website-hacked-no-information-compromised
Entry Title: WHID 2011-280: State TV website hacked to protest clashes coverage
WHID ID: 2011-280
Date Occurred: 11/20/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Television
Attacked Entity Geography: Egypt
Incident Description: Egypt's official State Television Network website was attacked on Sunday by hackers who left a message on the site's main page condemning state media coverage of Saturday's clashes in Tahrir Square between protesters and security forces.
Reference: http://english.ahram.org.eg/NewsContent/1/64/27062/Egypt/Politics-/State-TV-website-hacked-to-protest-clashes-coverag.aspx
Entry Title: WHID 2011-28: Mysterious 'Roy Castillo' haunts Facebook
WHID ID: 2011-28
Date Occurred: 1/27/2011
Attack Method: Cross Site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Spam
Attacked Entity Field: Web 2.0
Attacked Entity Geography:
Incident Description: He arrived on Wednesday, around the same time Facebook CEO Mark Zuckerberg's Facebook fan page was hacked. Roy Castillo, the ghost "friend" with a man's name and a profile pic of a teenage girl wearing sunglasses, popped up in the Facebook newsfeeds with the curt status: "Off to Danao City." Facebook did not respond to Technolog's request for comment. But according to French security site Zazak, the bug that opened the door for Roy yesterday was reported, and slammed shut today. Zazak reports that the hacker(s) behind Roy Castillo took advantage of a cross site scripting vulnerability (XSS) that allows outsiders to add script to Web pages.
Reference: http://technolog.msnbc.msn.com/_news/2011/01/27/5935542-mysterious-roy-castillo-haunts-facebook
Entry Title: WHID 2011-279: Steam game service hacked, credit card theft investigated
WHID ID: 2011-279
Date Occurred: 11/11/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Maple Valley, WA
Incident Description: Valve Corporation has become the latest game company to fall victim to a major hacking intrusion that has left gamers' personal information and potentially even credit card numbers exposed.
Reference: http://ingame.msnbc.msn.com/_news/2011/11/10/8742607-steam-game-service-hacked-credit-card-theft-investigated
Entry Title: WHID 2011-278: St. Louis mayor's website hacked by Occupy sympathizer
WHID ID: 2011-278
Date Occurred: 11/9/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: St. Louis, MO
Incident Description: A hacker claiming to be part of the network Anonymous broke into the mayor of St. Louis's website and left a message of support for anti-Wall Street protesters threatened with eviction from their campsite.
Reference: http://www.wtvr.com/sns-rt-us-protests-hacking-stlouistre7a90c4-20111109,0,3618302.story
Entry Title: WHID 2011-277: Cyber attacks hit Fujitsu local government system
WHID ID: 2011-277
Date Occurred: 11/10/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Fukuoka, Japan
Incident Description: A Fujitsu computer system run by about 200 Japanese local governments has been hit by a series of cyber attacks and is in a vulnerable condition, the company said Thursday.
Reference: http://news.yahoo.com/cyber-attacks-hit-fujitsu-local-government-system-075757705.html
Entry Title: WHID 2011-276: Hackers poison Brazilian ISP DNS to infect users with banking Trojan
WHID ID: 2011-276
Date Occurred: 11/9/2011
Attack Method: DNS Hijacking
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Service Providers
Attacked Entity Geography: Brazil
Incident Description: DNS servers from multiple Brazilian ISPs were compromised to direct users to malicious websites
Reference: http://news.techworld.com/security/3317148/hackers-poison-brazilian-isp-dns-to-infect-users-with-banking-trojan/
Entry Title: WHID 2011-275: Certificate Authority Uncovers Old Breach
WHID ID: 2011-275
Date Occurred: 11/8/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Monetary Loss
Attacked Entity Field: Retail
Attacked Entity Geography: Amersfoort, NE
Incident Description: KPN announced this week that it has suspended issuing certificates after discovering the breach of a PKI-related Web server with a distributed denial-of-service tool that apparently had been sitting on the server for at least four years.
Reference: http://www.informationweek.com/news/security/attacks/231902582
Entry Title: WHID 2011-274: Turkish hacker shuts down French magazine website for Islamic prophet cartoon
WHID ID: 2011-274
Date Occurred: 11/7/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: France
Incident Description: A Turkish hacker has claimed credit for bringing down the website of a French satirical weekly that published an issue named "Charia Hebdo," with a caricature of the Islamic prophet Muhammad on the cover.
Reference: http://www.taiwannews.com.tw/etn/news_content.php?id=1751509
Entry Title: WHID 2011-273: DoS attack takes Palestinians offline
WHID ID: 2011-273
Date Occurred: 11/7/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Nablus, PS
Incident Description: Large denial of service attacks have rocked Palestinian, severing internet service to the West Bank and Gaza late last week.
Reference: http://www.itnews.com.au/News/279230,dos-attack-takes-palestinians-offline.aspx
Entry Title: WHID 2011-272: Anonymous downs official sites in El Salvador
WHID ID: 2011-272
Date Occurred: 11/7/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: El Salvador
Incident Description: Hacktivist group Anonymous has attacked the websites of El Salvador's presidency and government ministries, forcing several to be shut down. The group's "Operation Justice El Salvador" comes two weeks after Anonymous threatened several government websites, according to Australian reports. The website of the presidency was suspended at the weekend after it was bombarded with 30 million hits on Saturday in a denial-of-service (DoS) attack.
Reference: http://www.computerweekly.com/Articles/2011/11/07/248383/Anonymous-downs-official-sites-in-El-Salvador.htm
Entry Title: WHID 2011-271: Hacked MIT server is blamed for brute force web site attacks
WHID ID: 2011-271
Date Occurred: 11/3/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Education
Attacked Entity Geography: Cambridge, MA
Incident Description: A report on the firm's security blog, called Malware City, claims that a hacking attack against the MIT.edu infrastructure started with a malicious script on one MIT server.
Reference: http://www.theinquirer.net/inquirer/news/2122546/hacked-mit-server-blamed-brute-force-web-site-attacks
Entry Title: WHID 2011-270: Attackers Trick Facebook Users Into Exposing Secret Security Codes
WHID ID: 2011-270
Date Occurred: 10/27/2011
Attack Method: Social Engineering
Application Weakness: Insufficient Process Validation
Outcome: Account Takeover
Attacked Entity Field: Web 2.0
Attacked Entity Geography: Palo Alto, CA
Incident Description: New social engineering attacks are tricking Facebook users into exposing anti-CSRF tokens associated with their sessions. These security codes allow attackers to make unauthorized requests through the victim's browser.
Reference: http://www.pcworld.com/businesscenter/article/242711/attackers_trick_facebook_users_into_exposing_secret_security_codes.html
Entry Title: WHID 2011-27: FarmVille possibly hacked
WHID ID: 2011-27
Date Occurred: 1/26/2011
Attack Method: Unknown
Application Weakness: Insufficient Authorization
Outcome: Disinformation
Attacked Entity Field: Web 2.0
Attacked Entity Geography:
Incident Description: For those who aren't normally lurking the FarmVille forums, they've been in an uproar over a FarmVille player known as Ek????n Man. According to several forum users, this player has been posting messages on their Walls via the FarmVille app, but none of them are actually friends with him.
Reference: http://blog.games.com/2011/01/26/farmville-possibly-hacked/
Entry Title: WHID 2011-269: Massive Swedish Hacks Leak 400,000 Account Details
WHID ID: 2011-269
Date Occurred: 10/27/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Blogs
Attacked Entity Geography: Sweden
Incident Description: The source of the passwords turned out to be blogging site Bloggtoppen.se, which was vulnerable to an SQL injection attack. Its user database, which included details for approximately 94,000 accounts, was published back in September on a site called Flashback, and then distributed via Twitter, as well.
Reference: http://www.pcworld.com/businesscenter/article/242700/massive_swedish_hacks_leak_400000_account_details.html
Entry Title: WHID 2011-268: Hackers hit Nigeria anti-fraud agency website
WHID ID: 2011-268
Date Occurred: 10/28/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Lagos, Nigeria
Incident Description: Hackers have hit the website of Nigeria's top anti-corruption agency over a government official suggesting tighter Internet control in Africa's most populous nation.
Reference: http://www.google.com/hostednews/ap/article/ALeqM5gM03EX-AyBLqhTSCq3aFLSG0KZ2Q?docId=9d74815d22d84a989110e038db9f9330
Entry Title: WHID 2011-267: Anonymous shuts down hidden child abuse hub
WHID ID: 2011-267
Date Occurred: 10/24/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: File Sharing
Attacked Entity Geography:
Incident Description: Anonymous then began a series of denial-of-service attacks aimed at Freedom Hosting, and most particularly Lolita City. The user database of the site was extracted using a SQL injection attack, ars technica reports.
Reference: http://www.theregister.co.uk/2011/10/24/anonymous_fight_child_abuse_network/
Entry Title: WHID 2011-266: Air travel website Cheaptickets.nl hacked
WHID ID: 2011-266
Date Occurred: 10/24/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Travel
Attacked Entity Geography: Weert, NL
Incident Description: The personal details of 715,000 people who booked a flight through website CheapTickets.nl in 2008 and 2009 are in the hands of a hacker, website webwereld.nl reports on Monday.
Reference: http://www.dutchnews.nl/news/archives/2011/10/air_travel_website_cheapticket.php
Entry Title: WHID 2011-265: 4Chan Hackers Attack Yakoozo.com
WHID ID: 2011-265
Date Occurred: 10/12/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Defacement
Attacked Entity Field: Search Engine
Attacked Entity Geography: United Kingdom
Incident Description: UK based hotel search engine Yakoozo.com ground to a halt recently after being subject to a major cyber-attack by users of the notorious image posting website 4chan. The attack took place on 12/10/2011 when internet users visiting Yakoozo were faced with explicit pornographic images, defaced pages and abusive text throughout the Yakoozo website. 4Chan users coordinated the attack from the website's community, posting real-time threads issuing instructions, orders and commands to users. This resulted in large traffic spikes, whilst up to 100 hackers breached website security. It is believed the attackers used SQL injection techniques to gain access, similar to the attacks on Nokia, world governments and countless other high profile attacks. Administrators have now removed the threads from their website.
Reference: http://www.webwire.com/ViewPressRel.asp?aId=147869
Entry Title: WHID 2011-264: Team Swastika group hacks 10,000 global Facebook account details
WHID ID: 2011-264
Date Occurred: 10/18/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Web 2.0
Attacked Entity Geography: Palo Alto, CA
Incident Description: Security experts are warning web users to ensure they use strong passwords and vary their credentials from site to site after a new hacking group published log-in details of what it claimed to be more than 10,000 Facebook users.
Reference: http://www.v3.co.uk/v3-uk/news/2117965/team-swastika-hacks-global-facebook-accounts
Entry Title: WHID 2011-263: Adidas websites go offline after security breach
WHID ID: 2011-263
Date Occurred: 11/3/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Adidas said it became aware of a "sophisticated, criminal cyber-attack" on its various web sites on 3 November but the firm claimed it found no evidence that customers' data had been stolen.
Reference: http://www.theinquirer.net/inquirer/news/2123016/adidas-websites-offline-security-breach
Entry Title: WHID 2011-262: Hackers 'Timthumb' Their Noses At Vulnerability To Compromise 1.2 Million Sites
WHID ID: 2011-262
Date Occurred: 11/2/2011
Attack Method: Remote File Inclusion
Application Weakness: Improper Input Handling
Outcome: Planting of Malware
Attacked Entity Field: Multiple
Attacked Entity Geography: Multiple
Incident Description: A vulnerability in an obscure WordPress add-on script that was discovered in August is currently being used to compromise more than 1.2 million websites -- and could be easily used to siphon data out of databases hosted on servers also hosting the compromised websites, security experts warned today.
Reference: http://www.darkreading.com/database-security/167901020/security/news/231902162/hackers-timthumb-their-noses-at-vulnerability-to-compromise-1-2-million-sites.html
Entry Title: WHID 2011-261: Hackers mistake French rugby site for German stock exchange
WHID ID: 2011-261
Date Occurred: 11/4/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Sports
Attacked Entity Geography: France
Incident Description: Hacktivists mistakenly attacked a French rugby fansite instead of their intended target, the German stock exchange.
Reference: http://www.theregister.co.uk/2011/11/04/french_rugby_site_hacktivist_maul/
Entry Title: WHID 2011-260: Boston police website hacked, user info posted online
WHID ID: 2011-260
Date Occurred: 10/22/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: Boston, Massachusetts
Incident Description: A Boston Police Department website was hacked. At least 2,000 names and passwords have been posted online.
Reference: http://www.msnbc.msn.com/id/45001308/ns/local_news-boston_ma/#.TqV6OXEzLdo
Entry Title: WHID 2011-26: Tunisian government harvesting usernames and passwords
WHID ID: 2011-26
Date Occurred: 1/4/2011
Attack Method: Content Injection
Application Weakness: Insufficient Transport Layer Protection
Outcome: Stolen Credentials
Attacked Entity Field: Web 2.0
Attacked Entity Geography:
Incident Description: The Tunisian Internet Agency (Agence tunisienne d'Internet or ATI) is being blamed for the presence of injected JavaScript that captures usernames and passwords. The code has been discovered on login pages for Gmail, Yahoo, and Facebook, and said to be the reason for the recent rash of account hijackings reported by Tunisian protesters.
Reference: http://www.thetechherald.com/article.php/201101/6651/Tunisian-government-harvesting-usernames-and-passwords
Entry Title: WHID 2011-259: 4Chan Hackers Attack Yakoozo.com
WHID ID: 2011-259
Date Occurred: 12/10/2010
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Defacement
Attacked Entity Field: Search Engine
Attacked Entity Geography: England
Incident Description: UK based hotel search engine Yakoozo.com ground to a halt recently after being subject to a major cyber-attack by users of the notorious image posting website 4chan.
Reference: http://www.webwire.com/ViewPressRel.asp?aId=147869
Entry Title: WHID 2011-258: Mass ASP.NET attack causes websites to turn on visitors
WHID ID: 2011-258
Date Occurred: 10/14/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Planting of Malware
Attacked Entity Field:
Attacked Entity Geography: United Kingdom
Incident Description: An infection that causes poorly configured websites to silently bombard visitors with malware attacks has hit almost 614,000 webpages, Google searches show.
Reference: http://www.theregister.co.uk/2011/10/14/mass_website_inection_grows/
Entry Title: WHID 2011-257: WineHQ database hacked, passwords stolen
WHID ID: 2011-257
Date Occurred: 10/12/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: Saint Paul, MN
Incident Description: Malicious hackers exploit vulnerabilities in phpmyadmin to gain access to WineHQ's database. Usernames and passwords were stolen.
Reference: http://www.zdnet.com/blog/security/winehq-database-hacked-passwords-stolen/9604
Entry Title: WHID 2011-256: Sony Detects Suspicious Behavior, Locks 93,000 Online Accounts
WHID ID: 2011-256
Date Occurred: 10/12/2011
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Account Takeover
Attacked Entity Field: Entertainment
Attacked Entity Geography: Tokyo, Japan
Incident Description: Sony locked the accounts of some 93,000 individuals on the Playstation Network (PSN), the Sony Entertainment Network (SEN), and Sony Online Entertainment (SOE) services following a mass log-in attempt using username-password combinations obtained from an unnamed source.
Reference: http://threatpost.com/en_us/blogs/sony-detects-suspicious-behavior-locks-93000-online-accounts-101211
Entry Title: WHID 2011-255: Unijobs.com.au website hacked, more than 600 passwords exposed
WHID ID: 2011-255
Date Occurred: 10/7/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field:
Attacked Entity Geography: Australia
Incident Description: Citigroup acknowledged on Thursday that unidentified hackers had breached its security and gained access to the data of hundreds of thousands of its bank card customers.
Reference: http://news.com.com/2100-1017-245372.html?legacy=cnet
Entry Title: WHID 2011-254: Computer hackers stole £44million by discovering bank Pins
WHID ID: 2011-254
Date Occurred: 10/3/2011
Attack Method: Banking Trojan
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: The international group used a virus called Zeus to access Pins for bank accounts in Europe and the US. The money was then transferred to other accounts and withdrawn from cash machines.
Reference: http://www.metro.co.uk/news/877460-computer-hackers-stole-44million-by-discovering-bank-pins
Entry Title: WHID 2011-253: Thousands of sites compromised following hosting provider hack
WHID ID: 2011-253
Date Occurred: 9/28/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: Santa Monica, CA
Incident Description: California-based hosting provider InMotion has suffered a compromise that resulted in the defacement of thousands of home pages of websites hosted on their infrastructure, which were allegedly set to serve malware.
Reference: http://www.net-security.org/secworld.php?id=11703
Entry Title: WHID 2011-252: Hacker group briefly hits USA Today's Twitter page
WHID ID: 2011-252
Date Occurred: 9/27/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Web 2.0
Attacked Entity Geography:
Incident Description: Hacker group The Script Kiddies successfully hacked another news organization when it logged onto USA Today's Twitter page and posted false statements Sunday evening. USA Today promptly removed the messages and posted a statement about the hack.
Reference: http://www.cnn.com/2011/09/26/us/usa-today-twitter-hack/
Entry Title: WHID 2011-251: MySQL.com Hacked to Serve Malware
WHID ID: 2011-251
Date Occurred: 9/26/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Technology
Attacked Entity Geography: Sweden
Incident Description: The website for the open-source MySQL database was hacked and used to serve malware to visitors Monday.
Reference: http://www.pcworld.com/businesscenter/article/240609/mysqlcom_hacked_to_serve_malware.html
Entry Title: WHID 2011-250: NetRegistry suffers DDoS attack
WHID ID: 2011-250
Date Occurred: 9/26/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: Australia
Incident Description: Australian web host NetRegistry has been hit with a continuing Distributed Denial of Service (DDoS) attack leaving many customers unable to access their websites or virtual private servers (VPS) over the course of the day.
Reference: http://itechreport.com.au/2011/09/26/netregistry-suffers-ddos-attack/
Entry Title: WHID 2011-25: Mail & Guardian website taken down after hacker attack
WHID ID: 2011-25
Date Occurred: 1/26/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: News
Attacked Entity Geography: South Africa
Incident Description: The Mail & Guardian Online, one of South Africa's oldest news websites, has been taken offline. Mail & Guardian editor Nic Dawes said on Twitter that the website is "under sustained attack by hackers" and that it was taken offline to protect the security of their users. According to Dawes the attacks originate in Russia.
Reference: http://mybroadband.co.za/news/security/17999-Mail-Guardian-website-taken-down-after-hacker-attack.html
Entry Title: WHID 2011-249: Jonesboro Police investigate hacking of library bank accounts
WHID ID: 2011-249
Date Occurred: 9/22/2011
Attack Method: Banking Trojan
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Jonesboro, AR
Incident Description: Computer hackers have left the Jonesboro Public Library high and dry after stealing over $37,000
Reference: http://www.kait8.com/story/15513612/jonesboro-police-investigate-hacking-of-library-bank-accounts
Entry Title: WHID 2011-248: uTorrent.com hacked, serving scareware
WHID ID: 2011-248
Date Occurred: 9/19/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: File Sharing
Attacked Entity Geography: Santa Ana, CA
Incident Description: The popular file sharing web sites were compromised for a brief period of a few hours, with the links to the BitTorrent client replaced by a scareware (Security Shield) download.
Reference: http://www.zdnet.com/blog/security/utorrentcom-hacked-serving-scareware/9413
Entry Title: WHID 2011-247: Japan govt websites hit by cyberattacks
WHID ID: 2011-247
Date Occurred: 9/19/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Japan
Incident Description: Websites of some Japanese government agencies were hit by cyberattacks over the weekend, temporarily blocking access to them, Kyodo news agency reported Monday, citing national police.
Reference: http://www.google.com/hostednews/afp/article/ALeqM5iR92sOHnpWdW86haDoaKWwijvpnA?docId=CNG.12aaa9e587061958aecf129b4e395403.21
Entry Title: WHID 2011-246: Hundreds of Go Daddy sites hacked, redirected to malware
WHID ID: 2011-246
Date Occurred: 9/17/2011
Attack Method: Malware
Application Weakness: Insufficient Authentication
Outcome: Planting of Malware
Attacked Entity Field: Hosting Providers
Attacked Entity Geography:
Incident Description: It was reported today that hundreds of the company's sites were compromised. Visitors coming to those sites from search engines were redirected to a page containing malware.
Reference: http://www.myce.com/news/hundreds-of-go-daddy-sites-hacked-redirected-to-malware-51876/
Entry Title: WHID 2011-245: Hacker "soldier" steals $3.2 million from U.S. companies
WHID ID: 2011-245
Date Occurred: 9/15/2011
Attack Method: Banking Trojan
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: A hacker known in the cybercriminal underground as "soldier" has stolen $3.2 million from major U.S. corporations in the past six months, according to researchers at anti-virus firm Trend Micro. The attacker, believed to be in his early 20s and residing in Russia, used various toolkits, such as SpyEye and Zeus, to plunder millions of dollars from corporate bank accounts since January, Jamz Yaneza, threat research manager at Trend Micro, told SCMagazineUS.com on Thursday.
Reference: http://www.scmagazineus.com/hacker-soldier-steals-32-million-from-us-companies/article/212070/
Entry Title: WHID 2011-244: Anonymous group hacks Mexican government websites under operation OpIndependencia
WHID ID: 2011-244
Date Occurred: 9/16/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Mexico, MX
Incident Description: Hacker group Anonymous after having created havoc throughout the cyber space in recent times, has once again got activated with the hacking of government sites in Mexico, reports Reuters.
Reference: http://socialbarrel.com/anonymous-group-hacks-mexican-government-websites-under-operation-opindependencia/20602/
Entry Title: WHID 2011-243: Spanish feds mend website clobbered by Anonymous
WHID ID: 2011-243
Date Occurred: 9/16/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Law Enforcement
Attacked Entity Geography: Spain
Incident Description: Spanish national police have reactivated their website following attacks by hacking supergroup Anonymous. The assault on policia.es on Thursday coincided with the publication of the names of 30 bodyguards working for Spanish prime minister Jose Rodriguez Zapatero.
Reference: http://www.theregister.co.uk/2011/09/16/spain_police_hacktivism_attack/
Entry Title: WHID 2011-242: Armenians hack website of US-based Karabakh Foundation
WHID ID: 2011-242
Date Occurred: 9/16/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography: Absecon, US
Incident Description: The website of the Foundation was fully destroyed as a result of a DDoS attack. An initial investigation revealed that the attack was committed from Armenia. The website was restored shortly afterwards.
Reference: http://www.news.az/articles/tech/44625
Entry Title: WHID 2011-241: BitCoin forum hacked by donor
WHID ID: 2011-241
Date Occurred: 9/12/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: User Forum
Attacked Entity Geography: Dallas, TX
Incident Description: A hacker has used a zero day flaw to steal email addresses, hashed passwords and read personal messages from the bitcointalk.org forum.
Reference: http://www.scmagazine.com.au/News/271688,bitcoin-forum-hacked-by-donor.aspx
Entry Title: WHID 2011-240: Russia's embassy in UK says hackers hit website
WHID ID: 2011-240
Date Occurred: 9/11/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Plano, TX
Incident Description: Russia's embassy in London said on Sunday its website crashed in a suspected hacking attack just before Prime Minister David Cameron begins the first visit by a British leader to Moscow since the 2006 killing in London of a Kremlin critic.
Reference: http://www.reuters.com/article/2011/09/11/us-russia-britain-website-idUSTRE78A1P620110911
Entry Title: WHID 2011-24: Twitter worm hits goo.gl, redirects to fake anti-virus
WHID ID: 2011-24
Date Occurred: 1/20/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Planting of Malware
Attacked Entity Field: Web 2.0
Attacked Entity Geography:
Incident Description: A fast-moving Twitter worm is in circulation, using Google's goo.gl redirection service to push unsuspecting users to a notorious scareware (fake anti-virus) malware campaign.
Reference: http://www.zdnet.com/blog/security/twitter-worm-hits-googl-redirects-to-fake-anti-virus/7938
Entry Title: WHID 2011-239: NBC Twitter account hacked, issued false reports
WHID ID: 2011-239
Date Occurred: 9/9/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Web 2.0
Attacked Entity Geography:
Incident Description: The NBC News Twitter account, @NBCNews, was hacked late Friday, resulting in false reports about an airplane attack at Ground Zero, the Manhattan site of the original 9/11 attacks. The Twitter account was quickly taken offline, and has since been restored, with the false tweets removed.
Reference: http://technolog.msnbc.msn.com/_news/2011/09/09/7692776-nbc-twitter-account-hacked-issued-false-reports
Entry Title: WHID 2011-238: US uni warned, then hacked
WHID ID: 2011-238
Date Occurred: 9/8/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Defacement
Attacked Entity Field: Education
Attacked Entity Geography: San Francisco, CA
Incident Description: A frustrated hacker has defaced the web site of the University of Vermont after multiple cross site scripting (XSS) vulnerability disclosures allegedly went ignored. The hacker Codeine said the university was advised of XSS holes exactly one month ago but failed to patch the holes despite allegedly claiming to be doing so soon after the disclosure. The disclosure was posted on PacketStorm.org.
Reference: http://www.scmagazine.com.au/News/271391,us-uni-warned-then-hacked.aspx
Entry Title: WHID 2011-237: Turkish Hackers Strike Websites With DNS Hack
WHID ID: 2011-237
Date Occurred: 4/21/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Defacement
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Turkguvenligi managed to hack NetName's DNS servers through a SQL injection attack, which involves putting commands into a web-based form to see if the back-end database responds. If those commands aren't scanned for malicious code, an attacker could gain access to the system. In the case of NetNames, Turkguvenligi put a redelegation order into the company's system and changed the address of the master DNS servers that served data for the websites, according to a statement from NetNames.
Reference: http://www.pcworld.com/businesscenter/article/239501/turkish_hackers_strike_websites_with_dns_hack.html
Entry Title: WHID 2011-236: Hollywood is being hacked by Anonymous offshoot
WHID ID: 2011-236
Date Occurred: 9/1/2011
Attack Method: Credential/Session Prediction
Application Weakness: Insufficient Password Recovery
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography:
Incident Description: Another hacking group hits the scene. This time they're not even attempting a message or purpose. A new faction that claims to be an offshoot of Anonymous named Hollywood Leaks has targeted celebrity emails and Twitter accounts. According to Chen, the group isn't particularly tech savvy: "they say they've broken into accounts mostly by guessing bad security questions."
Reference: http://www.cbsnews.com/8301-501465_162-20100452-501465.html
Entry Title: WHID 2011-235: Xbox 360 Accounts Being Hacked
WHID ID: 2011-235
Date Occurred: 8/31/2011
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Account Takeover
Attacked Entity Field: Entertainment
Attacked Entity Geography: Redmond, WA
Incident Description: There have been a lot of reports over the past day of Xbox 360 accounts being hacked and user accounts being locked. The common ground is an Xbox account and Windows Live ID, with users reporting fraudulent charges on their accounts.
Reference: http://www.evdoinfo.com/content/view/3711/64/
Entry Title: WHID 2011-234: DDoS Attack Sends Wikileaks.org Website Down
WHID ID: 2011-234
Date Occurred: 8/31/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: News
Attacked Entity Geography: San Mateo, CA
Incident Description: The famed whistle blowing organisation Wikileaks has admitted that its website, Wikileaks.org, had suffered at the hands of an organised Distributed Denial of Service (DDoS) attack.
Reference: http://www.webhostdir.com/news/ShowItem.aspx?ID=90625
Entry Title: WHID 2011-233: Nokia developer forums hacked: 'Significant number' of records stolen
WHID ID: 2011-233
Date Occurred: 8/29/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: Cambridge, MA
Incident Description: In a statement on the Nokia community pages, which have since been closed amid the hack, the phone giant warns that members' personal information, including dates of birth and email addresses, may have been stolen. The statement details how database tables containing the personal information were accessed by exploiting a vulnerability in the bulletin board software, through means of "an SQL injection attack".
Reference: http://www.zdnet.com/blog/btl/nokia-developer-forums-hacked-significant-number-of-records-stolen/56456
Entry Title: WHID 2011-232: Ron Paul's Fundraising Drive Disrupted by DDoS Attack
WHID ID: 2011-232
Date Occurred: 8/23/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Monetary Loss
Attacked Entity Field: Politics
Attacked Entity Geography: San Antonio, TX
Incident Description: A fundraising drive organized by Texas Congressman Ron Paul was disrupted because his campaign website became the target of a distributed denial-of-service (DDoS) attack.
Reference: http://news.softpedia.com/news/Ron-Paul-s-Fundraising-Drive-Disrupted-by-DDoS-Attack-218265.shtml
Entry Title: WHID 2011-231: Firm at heart of biggest oil spill spews toxic web attack
WHID ID: 2011-231
Date Occurred: 8/25/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Energy
Attacked Entity Geography: Jersey City, NJ
Incident Description: Researchers at web security firm Websense said deepwater.com, Transocean's official website, has been hosting malicious exploit code that attempts to install malware on the machines of people who visit the site.
Reference: http://www.theregister.co.uk/2011/08/25/transocean_website_compromise/
Entry Title: WHID 2011-230: Botnet attacks pizza delivery service
WHID ID: 2011-230
Date Occurred: 8/25/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Retail
Attacked Entity Geography: Germany
Incident Description: One of the most prominent victims is pizza.de. During one attack, the company registered attacks from approximately 50,000 IP addresses generating 20,000–30,000 requests per second over the course of three hours.
Reference: http://www.pcworld.com/businesscenter/article/239501/turkish_hackers_strike_websites_with_dns_hack.html
Entry Title: WHID 2011-23: Anonymous attacks websites in Egypt
WHID ID: 2011-23
Date Occurred: 1/26/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Egypt
Incident Description: Following the recent uprising in Tunisia, thousands of demonstrators took to the streets in Egypt yesterday to demand an end to President Hosni Mubarak's rule. The online collective known as Anonymous has joined in the protests by orchestrating distributed denial of service attacks against key Egyptian websites.
Reference: http://news.netcraft.com/archives/2011/01/26/anonymous-attacks-websites-in-egypt.html
Entry Title: WHID 2011-229: Yale Social Security Numbers Exposed In Latest Case Of 'Google Hacking'
WHID ID: 2011-229
Date Occurred: 8/24/2011
Attack Method: Abuse of Functionality
Application Weakness: Insecure Indexing
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography: New Haven, CT
Incident Description: A recent data breach at Yale University marks the latest example of a security flaw exposed by "Google hacking," which involves querying the popular search engine for website vulnerabilities.
Reference: http://www.huffingtonpost.com/2011/08/24/yale-social-security-numbers-google-hacking_n_935400.html
Entry Title: WHID 2011-228: Epson Korea Website Hacked
WHID ID: 2011-228
Date Occurred: 8/24/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography: Seoul, KR
Incident Description: A report by ZDNet says the HSBC Korea website was also hacked, as was the Epson Korea website, where 350,000 users' information was leaked, prompting the company to urge customers to change their passwords.
Reference: http://www.thewhir.com/web-hosting-news/082411_South_Korean_Domain_Registrar_Gabia_Epson_Korea_Websites_Hacked
Entry Title: WHID 2011-227: South Korean Domain Registrar Gabia Hacked
WHID ID: 2011-227
Date Occurred: 8/24/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: South Korea
Incident Description: Gabia (www.gabia.com), a South Korean domain registrar, was hacked on Saturday, affecting the online connection with 100,000 registered domains, according to a report Monday by the Korea Herald.
Reference: http://www.thewhir.com/web-hosting-news/082411_South_Korean_Domain_Registrar_Gabia_Epson_Korea_Websites_Hacked
Entry Title: WHID 2011-226: Nokia Developer forum hacked
WHID ID: 2011-226
Date Occurred: 8/22/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Technology
Attacked Entity Geography: Cambridge, MA
Incident Description: A hacker who goes by the name of mrNRG recently broke into the Nokia Developer forum, and defaced it by redirecting anyone who visited it to another page
Reference: http://www.ubergizmo.com/2011/08/nokia-developer-forum-hacked/
Entry Title: WHID 2011-225: Hackers deface Libya's top level domain registry with anti-Gadaffi message
WHID ID: 2011-225
Date Occurred: 8/22/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: Tripoli, LY
Incident Description: Hackers calling themselves "Electr0n" have defaced the nic.ly website, the main registry which administers .ly domain names (the ".ly" stands for "Libya") and replaced it with a defiant message
Reference: http://nakedsecurity.sophos.com/2011/08/22/hackers-deface-libya-anti-gadaffi/
Entry Title: WHID 2011-224: Foreign bank's net banking attacked by hacker
WHID ID: 2011-224
Date Occurred: 8/22/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Finance
Attacked Entity Geography: Central District, HK
Incident Description: The internet banking service of HSBC Korea was temporarily shut down on Saturday after its official Web site was attacked by hackers, HSBC Korea said.
Reference: http://joongangdaily.joins.com/article/view.asp?aid=2940509
Entry Title: WHID 2011-223: Anonymous AntiSec Breaches Defense Contractor Vanguard Network
WHID ID: 2011-223
Date Occurred: 8/18/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: Houston, TX
Incident Description: The attack seems to have exploited vulnerabilities in the popular WordPress blogging platform. VDI apparently had not upgraded two out-dated plug-ins, leaving security holes wide open for the cyber-attackers to waltz through.
Reference: http://www.eweek.com/c/a/Security/Anonymous-AntiSec-Breaches-Defense-Contractor-Vanguard-Network-502551/
Entry Title: WHID 2011-222: MetService website hacked during busiest week
WHID ID: 2011-222
Date Occurred: 8/17/2011
Attack Method: Malvertising
Application Weakness: Insufficient Process Validation
Outcome: Planting of Malware
Attacked Entity Field: Media
Attacked Entity Geography: New Zealand
Incident Description: Visitors to the MetService website this week may have been exposed to a computer virus, after its ad server was hacked.
Reference: http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10745663
Entry Title: WHID 2011-221: French newspaper Le Devoir hacked, posts fake story about Charest's death
WHID ID: 2011-221
Date Occurred: 8/16/2011
Attack Method: Unknown
Application Weakness: Insufficient Process Validation
Outcome: Disinformation
Attacked Entity Field: Media
Attacked Entity Geography: Montreal, CA
Incident Description: The website for the French-language newspaper Le Devoir was hacked early Tuesday morning. Whoever took over the newspaper site published an article stating that Premier Jean Charest had died of a heart attack -- something which is completely false.
Reference: http://montreal.ctv.ca/servlet/an/local/CTVNews/20110816/mtl_ledevoir_110816/20110816/?hub=MontrealHome
Entry Title: WHID 2011-220: Hacker used social media to steal from neighbours' accounts
WHID ID: 2011-220
Date Occurred: 8/15/2011
Attack Method: Brute Force
Application Weakness: Insufficient Password Recovery
Outcome: Account Takeover
Attacked Entity Field: Finance
Attacked Entity Geography:
Incident Description: A hacker used social networking sites Facebook and Friends Reunited to crack passwords used by his neighbours for online banking services, and stole £35,000 over two years.
Reference: http://www.computing.co.uk/ctg/news/2101779/hacker-social-media-steal-neighbours-accounts
Entry Title: WHID 2011-22: Zuckerberg's Facebook page hacked
WHID ID: 2011-22
Date Occurred: 1/26/2011
Attack Method: Predictable Resource Location
Application Weakness: Insufficient Authentication
Outcome: Disinformation
Attacked Entity Field: Web 2.0
Attacked Entity Geography:
Incident Description: Mark Zuckerberg's Facebook page was hacked on Tuesday to promote an alternative business plan for the social network site. Unknown pranksters defaced the page with a message suggesting that Facebook ought to allow ordinary users to invest in the site in a "social way", rather than getting its financing from the banks. It's unclear how the hack took place, but weak password security by the team of minions maintaining the page is the most likely explanation.
Reference: http://news.cnet.com/8301-27080_3-20029630-245.html
Entry Title: WHID 2011-219: Anonymous hacks BART, creating even more innocent victims
WHID ID: 2011-219
Date Occurred: 8/14/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: Oakland, CA
Incident Description: They performed a SQL injection (SQLi) attack against the site and were able to extract more than 2,000 records containing names, usernames, passwords (plain text), emails, phone numbers, addresses and zip codes.
Reference: http://nakedsecurity.sophos.com/2011/08/15/anonymous-hacks-bart-creating-even-more-innocent-victims/
Entry Title: WHID 2011-218: Anonymous defaces BART site, leaks user data
WHID ID: 2011-218
Date Occurred: 8/14/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Oakland, CA
Incident Description: Anonymous has apparently made good on a promise to wreak havoc on the Web site of the Bay Area Rapid Transit System today, although not exactly as planned.
Reference: http://news.cnet.com/8301-1023_3-20092221-93/anonymous-defaces-bart-site-leaks-user-data/
Entry Title: WHID 2011-217: Hong Kong stock exchange website hacked
WHID ID: 2011-217
Date Occurred: 8/10/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Hong Kong
Incident Description: The Hong Kong stock exchange was forced to suspend trading in stocks including HSBC Holdings after hackers broke into the exchange's website on Wednesday, preventing investors from accessing company announcements made during the midday break.
Reference: http://www.ciol.com/Global-News/Global-News/News-Reports/Hong-Kong-stock-exchange-website-hacked/153268/0/
Entry Title: WHID 2011-216: Potential account theft with XSS hole in eBay.de
WHID ID: 2011-216
Date Occurred: 8/10/2011
Attack Method: Cross Site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Session Hijacking
Attacked Entity Field: Web 2.0
Attacked Entity Geography: Campbell, CA
Incident Description: A serious security hole in eBay.de enabled attackers to steal other users' cookies and take control of their accounts. It is not believed that this particular flaw affected any other national eBay sites.
Reference: http://www.h-online.com/security/news/item/Potential-account-theft-with-XSS-hole-in-eBay-de-1320908.html
Entry Title: WHID 2011-215: Hacker group hits NASA site
WHID ID: 2011-215
Date Occurred: 8/9/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography:
Incident Description: Meanwhile, TeaMp0isoN attacked the NASA discussion forum, saying it is vulnerable to SQL injection.
Reference: http://www.thehackernews.com/2011/08/teamp0ison-nasa-forum-is-vulnerable-sql.html
Entry Title: WHID 2011-214: BlackBerry blog hacked with riot-related threats
WHID ID: 2011-214
Date Occurred: 8/9/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Technology
Attacked Entity Geography: Plano, TX
Incident Description: RIM's corporate blog has been defaced with threats as part of a protest against the BlackBerry maker's plans to hand over information on London rioters to the police.
Reference: http://www.theregister.co.uk/2011/08/09/blackberry_blog_riot_hack/
Entry Title: WHID 2011-213: Malware Wave Infects Six Million e-Commerce Pages
WHID ID: 2011-213
Date Occurred: 8/8/2011
Attack Method: Known Vulnerability
Application Weakness: Application Misconfiguration
Outcome: Planting of Malware
Attacked Entity Field: Multiple
Attacked Entity Geography: Multiple
Incident Description: A malware infection, based on known flaws, has hit millions of e-commerce Web pages in the past two weeks
Reference: http://www.eweekeurope.co.uk/news/malware-wave-infects-six-million-e-commerce-pages-36281
Entry Title: WHID 2011-212: AntiSec hackers dump data after hacking police websites
WHID ID: 2011-212
Date Occurred: 8/7/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Law Enforcement
Attacked Entity Geography:
Incident Description: AntiSec said that it had compromised servers at Brooks-Jeffrey, a Mountain Home, Ark. company that runs a computer store and online marketing firm. Brooks-Jeffrey Marketing builds websites for sheriff's agencies throughout the southern United States. "It took less than 24 hours to root BJM's server and copy all their data to our private servers," AntiSec said in a statement posted Saturday.
Reference: http://www.computerworld.com/s/article/9218961/AntiSec_hackers_dump_data_after_hacking_police_websites
Entry Title: WHID 2011-211: North Korean Hackers Stealing Gaming Money for Government
WHID ID: 2011-211
Date Occurred: 8/5/2011
Attack Method: Process Automation
Application Weakness: Insufficient Anti-automation
Outcome: Monetary Loss
Attacked Entity Field: Entertainment
Attacked Entity Geography: South Korea
Incident Description: North Korea's cash-strapped government has begun deploying hackers who pilfer points at South Korean gaming sites which they then convert into cash, according to The New York Times.
Reference: http://www.ibtimes.com/articles/193025/20110805/north-korean-hackers-north-korea-gaming-korea-gaming-hackers-south-korea-online-gaming-chinese-gold.htm
Entry Title: WHID 2011-210: Zimbabwe Stock Exchange website hacked
WHID ID: 2011-210
Date Occurred: 8/4/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Harare, ZW
Incident Description: The Zimbabwe Stock Exchange's website has been hacked, forcing the ZSE to temporarily close the website pending investigations and maintenance of the site.
Reference: http://bulawayo24.com/index-id-news-sc-national-byo-6207-article-zimbabwe+stock+exchange+website+hacked.html
Entry Title: WHID 2011-21: Fedora servers breached after external compromise
WHID ID: 2011-21
Date Occurred: 1/22/2011
Attack Method: Brute Force
Application Weakness: Insufficient Authentication
Outcome: Session Hijacking
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: On January 22, 2011 a Fedora contributor received an email from the Fedora Accounts System indicating that his account details had been changed. He contacted the Fedora Infrastructure Team indicating that he had received the email, but had not made changes to his FAS account. The Infrastructure Team immediately began investigating, and confirmed that the account had indeed been compromised.
Reference: http://www.theregister.co.uk/2011/01/25/fedora_server_compromised/
Entry Title: WHID 2011-209: Over 100 Indian Govt. Websites Defaced Since January
WHID ID: 2011-209
Date Occurred: 8/4/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: India
Incident Description: A total of 117 Indian government websites were defaced by hackers from January to June this year, prompting the government to take additional security measures, a federal minister told Parliament.
Reference: http://www.pcworld.com/businesscenter/article/237286/over_100_indian_govt_websites_defaced_since_january.html
Entry Title: WHID 2011-208: Morocco: Activist Website Sustains DDoS Attack
WHID ID: 2011-208
Date Occurred: 7/31/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography: San Francisco, CA
Incident Description: The Moroccan activist website Mamfakinch! came under a distributed denial-of-service (DDoS) attack on Sunday 31 July, 2011, which blocked access to its main platform for several hours. The website is now back online.
Reference: http://globalvoicesonline.org/2011/08/03/morocco-militant-website-sustains-ddos-attack/
Entry Title: WHID 2011-207: Hershey's Website Hacked... To Change Recipe
WHID ID: 2011-207
Date Occurred: 8/3/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Retail
Attacked Entity Geography: Cambridge, MA
Incident Description: While a number of websites and mailing lists have fallen victim to attacks intent on stealing personal information or just proving that the hack was possible, whoever managed to penetrate the security of the Hershey's Chocolate website had a much more insidious goal: changing recipes.
Reference: http://consumerist.com/2011/08/hersheys-website-hacked-to-change-recipe.html
Entry Title: WHID 2011-206: Anonymous attacks PasteBin to test new DDoS attack tool
WHID ID: 2011-206
Date Occurred: 8/2/2011
Attack Method: Denial of Service
Application Weakness: Improper Input Handling
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography:
Incident Description: Anonymous is building a bigger, more vicious weapon to replace its current DDoS tool. The new attack program, called #RefRef, is being developed in time for the Blackhat conference in Las Vegas and was recently tested on the currently unhappy Pastebin website.
Reference: http://www.digitaltrends.com/web/anonymous-attacks-pastebin-to-test-new-ddos-attack-tool/
Entry Title: WHID 2011-205: Sneaky Trojan exploits e-commerce flaws
WHID ID: 2011-205
Date Occurred: 8/1/2011
Attack Method: Directory Traversal
Application Weakness: Improper Input Handling
Outcome: Planting of Malware
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: More details have emerged of an e-commerce software flaw linked to the theft of credit card information from numerous websites. A security flaw in osCommerce, an open source e-commerce package, created a means for criminals to compromise 90,000 web pages with redirection scripts that ultimately directed surfers towards a site serving up an exploit toolkit designed to compromise visitors' PCs.
Reference: http://www.theregister.co.uk/2011/08/01/banking_trojan_exploits_ecommerce_website_flaws/
Entry Title: WHID 2011-204: LiveJournal groans under 'immense' DDos attack
WHID ID: 2011-204
Date Occurred: 6/27/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Web 2.0
Attacked Entity Geography: San Francisco, US
Incident Description: LiveJournal is weathering a massive web attack that has meant service disruptions for people who read and write the more than 16 million journals hosted on the community and blogging service.
Reference: http://www.theregister.co.uk/2011/07/27/livejournal_ddos_attack/
Entry Title: WHID 2011-203: Anonymous hacks NATO servers
WHID ID: 2011-203
Date Occurred: 7/22/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Politics
Attacked Entity Geography: Brussels, BE
Incident Description: A simple SQL injection was apparently all it took to break into the server. Anonymous says that it will be putting more "interesting data" online over the next few days.
Reference: http://www.h-online.com/security/news/item/Anonymous-hacks-NATO-servers-1284000.html
Entry Title: WHID 2011-202: LulzSec Hacks The Times with Brutal Murdoch Death Notice
WHID ID: 2011-202
Date Occurred: 7/18/2011
Attack Method: Local File Inclusion (LFI)
Application Weakness: Improper Input Handling
Outcome: Disinformation
Attacked Entity Field: Media
Attacked Entity Geography: USA
Incident Description: Well, seems like LulzSec has returned, and moved beyond the DDOS attack! Not content to merely shut down one of Rupert Murdoch's paper's websites, the hacking group has instead planted a bizarro-Onionesque account of the mogul's death-by-palladium on a Times redesign page masquerading as The Sun.
Reference: http://gizmodo.com/5822392/anonymous-hacks-the-sun-with-brutal-murdoch-death-notice
Entry Title: WHID 2011-201: Hacked SBS links to risky content
WHID ID: 2011-201
Date Occurred: 7/18/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Media
Attacked Entity Geography: Findon, AU
Incident Description: The website of the Special Broadcasting Service (SBS) has been victim of a hacking attack over the weekend, with users visiting the site exposed to malware.
Reference: http://www.zdnet.com.au/hacked-sbs-links-to-risky-content-339318734.htm
Entry Title: WHID 2011-200: Toshiba: US Unit's Server Has Been Hacked
WHID ID: 2011-200
Date Occurred: 7/16/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: Irvine, CA
Incident Description: TOKYO (Dow Jones)-Toshiba Corp. (6502.TO) said Saturday that its U.S. sales subsidiary's server has been hacked and e-mail addresses and passwords for 681 customers have been compromised.
Reference: http://www.foxbusiness.com/industries/2011/07/16/toshiba-us-units-server-has-been-hacked/
Entry Title: WHID 2011-20: Hackers Get Access to New Jersey School Data System
WHID ID: 2011-20
Date Occurred: 1/24/2011
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Session Hijacking
Attacked Entity Field: Education
Attacked Entity Geography: New Jersey
Incident Description: Users of the 4chan online message board managed to get access to the online student information system used by a New Jersey school district after the school's administrative password was posted to 4chan last week.
Reference: http://www.pcworld.com/businesscenter/article/217601/hackers_get_access_to_new_jersey_school_data_system.html
Entry Title: WHID 2011-2: Attacks on Lush website expose credit-card details
WHID ID: 2011-2
Date Occurred: 1/20/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Credit Card Leakage
Attacked Entity Field: Retail
Attacked Entity Geography: United Kingdom
Incident Description: Cosmetics company Lush has warned customers that its UK website has been hacked repeatedly over the past three months, exposing credit-card details to fraudulent use. Lush did not release technical details of the attack, nor specify the number of customers compromised or the security techniques used to handle the data involved, but anecdotal evidence indicates that some customers have been the victims of fraud. The company sent an email statement to customers on Thursday outlining the incident and urging them to contact their banks.
Reference: http://www.zdnet.co.uk/news/security/2011/01/21/attacks-on-lush-website-expose-credit-card-details-40091520/
Entry Title: WHID 2011-199: Lady Gaga website hacked and fans' details stolen
WHID ID: 2011-199
Date Occurred: 7/16/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: United Kingdom
Incident Description: LADY Gaga has called in police after thousands of her fans' personal details were stolen from her website. Her record label Universal acted after the site was hacked into by US cyber attackers SwagSec.
Reference: http://www.mirror.co.uk/celebs/news/2011/07/16/lady-gaga-website-hacked-and-fans-details-stolen-115875-23274356/
Entry Title: WHID 2011-198: AntiSec leaks secret IRC Federal security data
WHID ID: 2011-198
Date Occurred: 7/10/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: Washington, DC
Incident Description: According to the Pastebin post, the members of Anonymous who are involved in the AntiSec hacking campaign were able to gain initial access to IRC Federal by using a SQL injection attack.
Reference: http://blogs.computerworld.com/18593/anonymous_hacks_fbi_contractor_antisec_leaks_secret_irc_federal_security_data?source=rss_blogs
Entry Title: WHID 2011-197: Anonymous Hackers Attack Government-Contracted Company IRC Federal
WHID ID: 2011-197
Date Occurred: 7/9/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Scottsdale, AZ
Incident Description: The group incapacitated IRC Federal's website with a Denial of Service (DoS) attack early on July 8, and simultaneously breached the website's networks. They also posted information stolen in the cyber-attack on PasteBin, a text posting website.
Reference: http://www.theepochtimes.com/n2/technology/anonymous-hackers-attack-government-affiliated-company-irc-federal-58864.html
Entry Title: WHID 2011-196: Kiplinger Warns Customers Hackers Got Account, Credit Card Information
WHID ID: 2011-196
Date Occurred: 7/9/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography: Washington, DC
Incident Description: Kiplinger Washington Editors Inc., the publisher of Kiplinger's Personal Finance, warned customers that hackers breached its computer network at least as early as June 25 and stole account data, including credit card numbers.
Reference: http://www.bloomberg.com/news/2011-07-08/kiplinger-warns-customers-hackers-got-account-information-1-.html
Entry Title: WHID 2011-195: Florida Election Servers Hacked Again
WHID ID: 2011-195
Date Occurred: 7/8/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: Florida
Incident Description: For the second time in a week, a hacker has broken into systems connected with voting in Florida, stolen data, and released it to the public.
Reference: http://www.informationweek.com/news/security/attacks/231001248
Entry Title: WHID 2011-194: Hacker tries to steal $83,000 from Atascadero city bank account
WHID ID: 2011-194
Date Occurred: 7/8/2011
Attack Method: Banking Trojan
Application Weakness: Insufficient Anti-automation
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Atascadero, CA
Incident Description: "We're still trying to uncover all the details," said McKinney, "but it looks like we got a virus in one of the computers, then when we connected with Rabobank for a wire transfer, it got mirrored and sent out other transfers. We're looking into how it got around all of the security measures."
Reference: http://www.sanluisobispo.com/2011/07/07/1674252/atascadero-bank-account-hacked.html
Entry Title: WHID 2011-193: Washington Post Jobs website hacked
WHID ID: 2011-193
Date Occurred: 7/7/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography: USA
Incident Description: The Post says the hackers obtained user IDs and e-mail addresses, but "no passwords or other personal information was affected." The paper is pursuing the matter with law enforcement. A letter to customers about the hack is after the jump.
Reference: http://www.poynter.org/latest-news/romenesko/138263/washington-post-jobs-website-hacked/
Entry Title: WHID 2011-192: PayPal UK Twitter account hacked
WHID ID: 2011-192
Date Occurred: 7/5/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Account Takeover
Attacked Entity Field: Retail
Attacked Entity Geography: San Francisco, CA
Incident Description: A disgruntled customer appears to have taken control of PayPal UK's Twitter account and has used it to complain about the service in a series of angry tweets on the service.
Reference: http://www.guardian.co.uk/technology/blog/2011/jul/05/paypal-uk-twitter-hack-customer
Entry Title: WHID 2011-191: Sony Music Ireland website hacked
WHID ID: 2011-191
Date Occurred: 7/5/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Entertainment
Attacked Entity Geography: McLean, VA
Incident Description: Sony Music Ireland has said it is looking into an incident on its website after three fake news stories appeared on its homepage this morning. The website has been removed and the www.sonymusic.ie domain is re-directing to the company's Facebook page.
Reference: http://www.rte.ie/news/2011/0705/sony.html
Entry Title: WHID 2011-190: Hacker group 'hijacks' news site's Twitter account, claims Obama is dead
WHID ID: 2011-190
Date Occurred: 7/4/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Web 2.0
Attacked Entity Geography: San Francisco, US
Incident Description: For some hours Monday, a hacker group "hijacked" the Twitter account of US-based news outfit Fox News, using its Twitter account to post fake messages, including those that claimed US President Barack Obama II was shot dead.
Reference: http://www.gmanews.tv/story/225234/technology/hacker-group-hijacks-news-sites-twitter-account-claims-obama-is-dead
Entry Title: WHID 2011-19: Living Social Hacked (Update)
WHID ID: 2011-19
Date Occurred: 1/19/2011
Attack Method: Hidden Parameter Manipulation
Application Weakness: Improper Input Handling
Outcome: Monetary Loss
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Living Social doesn't do server side quantity validation (at least they didn't yesterday). Who cares you say? Well Amazon.com for one. Their latest offer of a $20 gift certificate for $10 has the explicit restriction of ONE per customer and no gifts. You see, Amazon actually only wants to discount their product for new customers or existing customers only on $20 of merchandise. If Amazon knew there was a way to buy say 100 vouchers and receive $2000 of Amazon merchandise for $1000, they would probably blow a gasket.
Reference: http://www.deepgreencrystals.com/archives/2011/01/living-social-h.html
Entry Title: WHID 2011-189: Anonymous Teases SQL-Based Apple Hack With 27 Stolen Account Names
WHID ID: 2011-189
Date Occurred: 7/3/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: Cupertino, US
Incident Description: Three hours ago Anonymous tweeted that they managed to steal 27 usernames and passwords from Apple.com (from this link here) when attacked with a basic SQL injection. Now, at this time only 27 accounts have been compromised and they aren't usernames pertaining to the public. Nonetheless, it's alarming given Apple's claims about security – to be hacked using a simple SQL based method – as well as the fact that Anonymous claims Apple could be their next target.
Reference: http://gadgetsteria.com/2011/07/03/anonymous-teases-sql-based-apple-hack-with-27-stolen-account-names-says-they-could-be-next-target/
Entry Title: WHID 2011-188: WWF site attacked again; hacker leaves 'tips'
WHID ID: 2011-188
Date Occurred: 7/1/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Politics
Attacked Entity Geography: Provo, US
Incident Description: Two days after a hacker defaced its site, the World Wildlife Fund Philippine chapter suffered another attack Friday, with the hacker leaving behind tips to improve its security.
Reference: http://www.gmanews.tv/story/224956/technologoy/wwf-site-attacked-again-hacker-leaves-tips
Entry Title: WHID 2011-187: Hackers hit church's collection plate
WHID ID: 2011-187
Date Occurred: 6/30/2011
Attack Method: Banking Trojan
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Des Moines, IA
Incident Description: The Iowa heist is part of latest wave of cyber-crime: account takeover fraud. In it, crime gangs, many located in Eastern Europe, target small towns, community banks and civic organizations which often lack high-tech defenses.
Reference: http://www.cbsnews.com/stories/2011/06/30/eveningnews/main20075926.shtml
Entry Title: WHID 2011-186: First Weibo Attack is CSRF Worm
WHID ID: 2011-186
Date Occurred: 6/30/2011
Attack Method: Cross Site Request Forgery (CSRF)
Application Weakness: Improper Output Handling
Outcome: Worm
Attacked Entity Field: Web 2.0
Attacked Entity Geography: Beijing, CN
Incident Description: ZDNet China revealed that the attacker exploited a cross-site scripting (XSS) vulnerability to run a malware program in Weibo's Web pages, causing the number of affected users to increase multiple fold. While no personal information was breached, users were reminded to clear their cache for security purposes.
Reference: http://www.zdnetasia.com/no-data-breach-in-first-weibo-attack-62301014.htm
Entry Title: WHID 2011-185: Hacking group targets Zimbabwe government website
WHID ID: 2011-185
Date Occurred: 6/29/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: Harare, ZW
Incident Description: A group known as Lulz Security (LulzSec) has announced that it has hacked into the Zimbabwe government website (http://www.gta.gov.zw) and taken material on "everything" there is to know about the government's internet database.
Reference: http://www.swradioafrica.com/news290611/hacking290611.htm
Entry Title: WHID 2011-184: Magazine's database of US military personnel is hacked
WHID ID: 2011-184
Date Occurred: 6/29/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography: McLean, VA
Incident Description: A magazine subscriptions database which held personal information of members of the US armed forces has been hacked into, according to an American media company.
Reference: http://www.guardian.co.uk/technology/2011/jun/29/hackers-us-military-magazine-defense-news
Entry Title: WHID 2011-183: Mastercard blitzed again in further DDoS attack
WHID ID: 2011-183
Date Occurred: 6/28/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Finance
Attacked Entity Geography: Cambridge, MA
Incident Description: MasterCard's website became difficult to reach on Tuesday following the launch of an apparent denial of service attack. Twitter user @ibomhacktivist claimed responsibility for the reported assault, which it said had been motivated by Mastercard's decision to suspend an account maintained by WikiLeaks in the wake of the whistle-blowing site's decision to start releasing leaked US diplomatic cables last November. Or something like that.
Reference: http://www.theregister.co.uk/2011/06/28/mastercard_ddos_again/
Entry Title: WHID 2011-182: Groupon India (SoSasta.com) Suffers Security Issue, User Account Information Possibly Compromised
WHID ID: 2011-182
Date Occurred: 6/27/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Web 2.0
Attacked Entity Geography: India
Incident Description: Groupon, a leading daily deals store which entered into the Indian markets via acquisition of Kolkata based local deals shop SoSasta.com, suffered a "security issue" on their systems. The break-in happened over the weekend and it is highly likely that all usernames and passwords were stolen.
Reference: http://techie-buzz.com/tech-news/groupon-india-sosasta-com-suffers-security-issue-user-account-information-possibly-compromised.html
Entry Title: WHID 2011-181: Anonymous hacktivists assault Turkish government websites
WHID ID: 2011-181
Date Occurred: 6/10/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Ankara, TR
Incident Description: Hacker group Anonymous said on Thursday it has launched DDoS (distributed denial of service) attacks on some Turkish government websites, in protest against government plans to introduce Internet filtering. The move comes a few days before Turkey holds parliamentary elections on Sunday.
Reference: http://news.techworld.com/security/3285182/anonymous-hacktivists-assault-turkish-government-websites/
Entry Title: WHID 2011-180: Hackers break into Tony Blair's webmail server, disclose former PM's address book
WHID ID: 2011-180
Date Occurred: 6/25/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: United Kingdom
Incident Description: We don't know what specific flaws were exploited in this attack, but seeing that it is a webmail server the most likely method was SQL injection. It is extremely important to keep web servers patched and up to date, especially if they are running Linux using commonly exploited CMSs, webmail solutions and blogging software.
Reference: http://nakedsecurity.sophos.com/2011/06/25/hackers-break-into-tony-blairs-webmail-server-disclose-former-pms-address-book/
Entry Title: WHID 2011-18: French president recovers from Facebook hack
WHID ID: 2011-18
Date Occurred: 1/24/2011
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Disinformation
Attacked Entity Field: Web 2.0
Attacked Entity Geography: Palo Alto, CA
Incident Description: The Facebook account of Nicolas Sarkozy was hacked over the weekend to post the false rumour that the French president would not seek re-election next year.
Reference: http://www.theregister.co.uk/2011/01/24/french_pres_facebook_hack/
Entry Title: WHID 2011-179: T & T Supermarket website hacked
WHID ID: 2011-179
Date Occurred: 6/24/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography: Brampton, CA
Incident Description: Hackers may now have access to the personal information for 60-thousand T&T Supermarket customers. The company is warning people who used T&T's website this month.
Reference: http://www.news1130.com/news/local/article/245594--t-t-supermarket-website-hacked
Entry Title: WHID 2011-178: Part II: PBS Hacked Again. Entire Database Exposed With Simple SQL Injection
WHID ID: 2011-178
Date Occurred: 6/24/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography: Arlington, VA
Incident Description: After being hacked by LulzSec several weeks ago, PBS appears to have learned nothing. A new hack by "Warv0x" (AKA Kaihoe) uses the same basic SQL injection technique LulzSec has been using on their many victims, and once again has exposed PBS.org's entire database.
Reference: http://gadgetsteria.com/2011/06/24/part-ii-pbs-hacked-again-entire-database-exposed-with-simple-sql-injection/
Entry Title: WHID 2011-177: NATO website 'hacked'
WHID ID: 2011-177
Date Occurred: 6/24/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: Brussels, BE
Incident Description: NATO said that one of its websites was the subject of a probable data breach, but it did not contain any classified data.
Reference: http://timesofindia.indiatimes.com/tech/news/internet/NATO-website-hacked/articleshow/8973297.cms
Entry Title: WHID 2011-176: Brazil government latest victim of hacker attack
WHID ID: 2011-176
Date Occurred: 6/22/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Brazil
Incident Description: Hackers briefly disabled three websites belonging to the Brazilian government early on Wednesday in the latest of an international wave of cyber attacks on companies and organizations.
Reference: http://www.reuters.com/article/2011/06/22/us-cybersecurity-brazil-hackers-idUSTRE75L31K20110622
Entry Title: WHID 2011-175: LulzSec rogue suspected of Bitcoin hack
WHID ID: 2011-175
Date Occurred: 6/22/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Mountain View, CA
Incident Description: "Due to the recent events at MtGox.com, we at Britcoin have decided to move our servers to a new location," read a Britcoin statement. "MtGox suffered an SQL injection [a form of hacking attack that creates direct access to databases and files] which means access to the site's funds were in the hands of the malicious hacker."
Reference: http://www.guardian.co.uk/technology/2011/jun/22/lulzsec-rogue-suspected-of-bitcoin-hack
Entry Title: WHID 2011-174: Network Solutions suffers two DDoS attacks
WHID ID: 2011-174
Date Occurred: 6/21/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Service Providers
Attacked Entity Geography: Herndon, VA
Incident Description: Two attacks on consecutive days left Web host and domain name registry Network Solutions' customers unable to access their Web sites and servers. A distributed denial-of-service (DDoS) attack was carried out against Network Solutions yesterday afternoon, and again this morning, according to a post on the company's official blog by spokesman Shashi Bellamkonda.
Reference: http://news.cnet.com/8301-31021_3-20073054-260/network-solutions-suffers-two-ddos-attacks/
Entry Title: WHID 2011-173: LulzSec takes out Serious Organised Crime Agency
WHID ID: 2011-173
Date Occurred: 6/20/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: United Kingdom
Incident Description: Mischief makers LulzSec say they have downed the website of the UK's Serious Organised Crime Agency (Soca). The site www.soca.gov.uk disappeared completely from the web this afternoon and is now timing out regularly although is occasionally accessible. The site appears to be the victim of a DDoS attack.
Reference: http://www.thinq.co.uk/2011/6/20/lulzsec-takes-out-serious-organised-crime-agency/
Entry Title: WHID 2011-172: Sony Pictures French Website Hacked... Again!
WHID ID: 2011-172
Date Occurred: 6/20/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: France
Incident Description: According to a plain text post on Pastebin, Idahc claims that they found a SQL injection on sonypictures.fr but they will not publish the entire database and that they didn't upload a shell. They said that this was a POC while claiming not to be black hats. They said data retrieved from the site includes personal user information and there are a total of 177172 email addresses.
Reference: http://tech2.in.com/news/general/sony-pictures-french-website-hacked-again/226062
Entry Title: WHID 2011-171: CIA website taken down by DDoS attack
WHID ID: 2011-171
Date Occurred: 6/16/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Vienna, VA
Incident Description: The hacking group LulzSec has hit the US government for the second time in a week, taking down the website of the CIA. A spokesperson told Reuters that its website was taken down, but that the group were prevented from accessing any sensitive data. According to the news agency, this attack was similar to the attack on the Senate in that hackers broke into the public site and downloaded information.
Reference: http://www.scmagazineuk.com/cia-website-taken-down-by-ddos-attack/article/205403/
Entry Title: WHID 2011-170: Internet hackers take down major online spa management system
WHID ID: 2011-170
Date Occurred: 6/17/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Retail
Attacked Entity Geography: Sunnyvale, CA
Incident Description: Over the last two days MindBodyOnline.com has joined the ranks of those attacked by Internet hackers. Using a Denial of Service Attack, hackers have successfully shut down the online software program which provides services to thousands of day spas, massage facilities, yoga and pilates studios and similar clients in over 50 countries.
Reference: http://www.examiner.com/massage-therapy-in-national/internet-hackers-take-down-major-online-spa-management-system
Entry Title: WHID 2011-17: DNS Hack Brings Down Google Bangladesh For Many
WHID ID: 2011-17
Date Occurred: 1/10/2011
Attack Method: DNS Hijacking
Application Weakness: Application Misconfiguration
Outcome: Defacement
Attacked Entity Field: Search Engine
Attacked Entity Geography: Bangladesh
Incident Description: On Saturday, Google Bangladesh appeared to have been hacked. When some users went to the Google site, they saw a message from the TiGER-M@TE hacker group that the site was taken over. Reports came in at the Google Webmaster Help forum where we learned the issue was around DNS servers being taken over and some users who relied on those DNS servers were being taken from Google.com.bd to this hacked version.
Reference: http://www.seroundtable.com/google-bangladesh-dns-hack-12773.html
Entry Title: WHID 2011-169: Sega Pass Database Hacked, Account Information Compromised
WHID ID: 2011-169
Date Occurred: 6/17/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: United Kingdom
Incident Description: Over the past few months, a slew of hacks, DDoS attacks and data breaches have rocked the gaming world. After the infamous hack of the PlayStation Network, many thought that it would be the end of the attacks, but publishers like Nintendo, Bethesda, Codemasters and Epic have all suffered from various breaches in security. The hackers have struck again, this time infiltrating Sega's database. Only moments ago, Sega sent out an email to their Sega Pass users informing them of the hack
Reference: http://playstationlifestyle.net/2011/06/17/sega-pass-database-hacked/
Entry Title: WHID 2011-168: Hacker Group Lulz Security attacks CIA's website
WHID ID: 2011-168
Date Occurred: 6/16/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Vienna, VA
Incident Description: Lulz Security continues grabbing the limelight with its hacking activities and this time its latest target is the public website of the U.S. Central Intelligence Agency (CIA). Their recent attack brought the CIA website down for a couple of hours and remained inaccessible for all that time, however, the hack claim could not immediately be verified. It was not clear if the distortion was due to LulzSec's efforts or due to the large number of internet users trying to check the site. The group claimed the attack to be carried out by them on its Twitter feed where they displayed a message saying "Tango down - cia.gov - for the lulz,"
Reference: http://www.siliconindia.com/shownews/Hacker-Group-Lulz-Security-attacks-CIAs-website-nid-84765.html?utm_source=clicktrack&utm_medium=banner&utm_campaign=DontMiss
Entry Title: WHID 2011-167: Report: U.S. Senate site hacked again
WHID ID: 2011-167
Date Occurred: 6/16/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: Washington, DC
Incident Description: The U.S. Senate site was hacked again yesterday, Reuters reports. According to the news service, hackers breached the site and stole information, though the type of data taken was not divulged. Martina Bradford, the U.S. Senate's deputy sergeant at arms, confirmed the breach to Reuters yesterday. However, she said, the hackers are "getting nothing" of value and the Senate so far has "been able to stay ahead of the hackers and keep them out of the main separate network."
Reference: http://news.cnet.com/8301-13506_3-20071538-17/report-u.s-senate-site-hacked-again/
Entry Title: WHID 2011-166: Lulzsec gets hacking downunder
WHID ID: 2011-166
Date Occurred: 6/11/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: Australia
Incident Description: Notorious hacktivist group Lulzsec has brought down Australian domain registrar and web hosts Distribute.IT and publicly published a list of 62,000 international email addresses and passwords.
Reference: http://www.theregister.co.uk/2011/06/17/lulzsec_release_aus_data/
Entry Title: WHID 2011-165: Alberta gaming company hit by hackers
WHID ID: 2011-165
Date Occurred: 6/17/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Alberta, CA
Incident Description: A local gaming company is the latest to fall victim to online hackers. In a statement posted on its website Tuesday, BioWare said a hacker gained unauthorized access to the decade-old BioWare community server system associated with the Neverwinter Nights forums.
Reference: http://www.torontosun.com/2011/06/17/alberta-gaming-company-hit-by-hackers
Entry Title: WHID 2011-164: Hackers strike Malaysian websites for a 2nd day
WHID ID: 2011-164
Date Occurred: 6/17/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Malaysia
Incident Description: Hackers struck Malaysian websites for a second day on Friday, an Internet regulator said, as the country scrambled to bring its government portal back online after the latest outbreak in a cyberwar waged by online activists.
Reference: http://www.reuters.com/article/2011/06/17/malaysia-hackers-idUSL3E7HH1D220110617
Entry Title: WHID 2011-163: LulzSec Targets Gaming Websites in its Titanic Takeover Tuesday
WHID ID: 2011-163
Date Occurred: 6/15/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Entertainment
Attacked Entity Geography:
Incident Description: The number of websites targeted by LulzSec is steadily increasing. After targeting Bethesda, Sony and a whole lot of websites, they have now launched a series of distributed denial of service (DDoS) attacks on Escapist magazine, as well as other gaming websites. They have termed the day – Titanic Takeover Tuesday.
Reference: http://tech2.in.com/news/general/lulzsec-targets-gaming-websites-in-its-titanic-takeover-tuesday/225312
Entry Title: WHID 2011-162: Games co Epic resets passwords after hack attack
WHID ID: 2011-162
Date Occurred: 6/13/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Cary, NC
Incident Description: Games developer Epic Games has reset user passwords following the discovery of a hack attack against its websites. Criminal miscreants made off with email addresses and encrypted passwords of forum users after breaking into Epic's forum site. Epic's main web site was also hit, according to an email sent by the firm over the weekend and forwarded by readers to El Reg.
Reference: http://www.theregister.co.uk/2011/06/13/games_firm_epic_breach/
Entry Title: WHID 2011-161: Price watch portal hacked
WHID ID: 2011-161
Date Occurred: 6/11/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Retail
Attacked Entity Geography: Ipoh, MY
Incident Description: Lowyat.net founder and chief executive officer Vijandren Ramadass said an SQL injection (a code injection technique that exploits a security vulnerability in the database) could be used on the price watch portal to retrieve the entire database remotely.
Reference: http://thestar.com.my/news/story.asp?file=/2011/6/11/nation/8883275&sec=nation
Entry Title: WHID 2011-160: Hackers Hit UK Game Publisher Codemasters
WHID ID: 2011-160
Date Occurred: 6/3/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: United Kingdom
Incident Description: Another day, another hack. This time, the Web site for UK game developer Codemasters has been compromised. In a Thursday note posted on the company's forums, Codemasters said that hackers gained unauthorized entry to Codemasters.com on Friday, June 3. "As soon as the intrusion was detected, we immediately took codemasters.com and associated web services offline in order to prevent any further intrusion," a spokeswoman said.
Reference: http://www.pcmag.com/article2/0,2817,2386727,00.asp
Entry Title: WHID 2011-16: North Korea: South Korea Cyber Attack Accusation After Website Hacked
WHID ID: 2011-16
Date Occurred: 1/11/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: North Korea
Incident Description: Political Hacktivism. North Korea is accusing South Korean Internet users of hacking into one of its websites, calling the behavior a provocation aimed at undermining its national dignity. The North's government-run Uriminzokkiri website said Tuesday that South Korean Internet users recently deleted articles on the site and posted messages slandering the North's dignity.
Reference: http://www.huffingtonpost.com/2011/01/11/north-korea-accuses-south_1_n_807436.html
Entry Title: WHID 2011-159: Sony Portugal latest to fall to hackers
WHID ID: 2011-159
Date Occurred: 6/9/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Muenchen, DE
Incident Description: The same Lebanese hacker who targeted Sony Europe on Friday has now dumped a database from Sony Portugal. The hacker claims to be a grey hat, not a black hat, according to his post to pastebin.com. "I am not a black hat to dump all the database I am Grey hat". Instead of dumping the entire database like many previous Sony attackers, idahc only dumped the email addresses from one table in Sony's database. He claims to have discovered three different flaws on SonyMusic.pt, including SQL injection, XSS (cross-site scripting) and iFrame injection.
Reference: http://nakedsecurity.sophos.com/2011/06/09/sony-portugal-latest-to-fall-to-hackers/
Entry Title: WHID 2011-158: Citigroup Card Customers' Data Hacked
WHID ID: 2011-158
Date Occurred: 6/9/2011
Attack Method: Predictable Resource Location
Application Weakness: Insufficient Authorization
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography: New York, NY
Incident Description: Citigroup acknowledged on Thursday that unidentified hackers had breached its security and gained access to the data of hundreds of thousands of its bank card customers.
Reference: http://dealbook.nytimes.com/2011/06/09/citigroup-card-customers-data-hacked/
Entry Title: WHID 2011-157: MI6 replace al-Qaeda bomb-making instructions with cupcake recipes
WHID ID: 2011-157
Date Occurred: 6/6/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Information Services
Attacked Entity Geography: Yemen
Incident Description: The British government's Secret Intelligence Service department called MI6 has carried out a rather amusing, but also very important website hack. The terrorist organization al-Qaeda has a number of ways to get new recruits, or teach existing members how to make bombs, and generally cause upset and violence in whatever area of the world they operate. One such information point is a new English-language online magazine that had information on how to make bombs using common household items in your kitchen.
Reference: http://www.geek.com/articles/geek-cetera/mi6-replace-al-qaeda-bomb-making-instructions-with-cupcake-recipes-2011066/
Entry Title: WHID 2011-156: Conservative Party website hacked
WHID ID: 2011-156
Date Occurred: 6/7/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Government
Attacked Entity Geography: Ottawa, CA
Incident Description: A local MP's Twitter account fell victim to part of a hoax about Prime Minister Stephen Harper Tuesday. False information on the hacked Conservative Party website said the prime minister was rushed to Toronto General Hospital by helicopter after his wife called 911.
Reference: http://www.newsdurhamregion.com/news/article/178825
Entry Title: WHID 2011-155: Hacker breaks into MIT website
WHID ID: 2011-155
Date Occurred: 6/8/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Education
Attacked Entity Geography: Cambridge, MA
Incident Description: Despite its vaunted technological knowhow, even the Massachusetts Institute of Technology (MIT) was not spared from hackers who broke into its website and posted the stolen data online. The hacker named Cyber_Owner broke into MIT's International Liaison Program site (ilp.mit.edu), The Hacker News reported Wednesday.
Reference: http://www.gmanews.tv/story/222877/technology/hacker-breaks-into-mit-website
Entry Title: WHID 2011-154: Hundreds of websites in Vietnam hacked
WHID ID: 2011-154
Date Occurred: 6/6/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Hanoi, VN
Incident Description: VietNamNet Bridge - Just within several days of early June, technology and security forums have reckoned hundreds of ".vn" websites which have been hacked, including the websites of government agencies and ministries.
Reference: http://english.vietnamnet.vn/en/science-technology/9213/hundreds-of-websites-in-vietnam-hacked.html
Entry Title: WHID 2011-153: FBI Partner Organization Website Hacked
WHID ID: 2011-153
Date Occurred: 6/6/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: Atlanta, GA
Incident Description: InfraGard Atlanta Members Alliance said Sunday that about 180 passwords belonging to members of the FBI partner organization have been stolen and leaked to the Internet. Paul Farley, president of the organization, told The Associated Press (AP) that the logins belonged to members of the local chapter of InfraGard, a public-private partnership devoted to sharing information about threats to U.S. physical and Internet infrastructure. "Someone did compromise the website," Farley told AP. "We do not at this time know how the attack occurred or the method used to reveal the passwords."
Reference: http://www.redorbit.com/news/technology/2059174/fbi_partner_organization_website_hacked/
Entry Title: WHID 2011-152: DDoS attack takes down Atlassian's SaaS platform
WHID ID: 2011-152
Date Occurred: 6/6/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Technology
Attacked Entity Geography: Saint Louis, MO
Incident Description: A distributed denial-of-service (DDoS) attack against Atlassian's hosting provider took the company's Software-as-a-Service (SaaS) platform down for a few hours this morning, with services returning this afternoon.
Reference: http://www.zdnet.com.au/atlassian-downed-by-ddos-attack-339316263.htm
Entry Title: WHID 2011-151: Hacker Arrested for Stealing Nude Photos
WHID ID: 2011-151
Date Occurred: 6/6/2011
Attack Method: Phishing
Application Weakness: Insufficient Authentication
Outcome: Leakage of Information
Attacked Entity Field: Hosting Providers
Attacked Entity Geography:
Incident Description: According to police, Joseph B. Campbell used phishing to trick his victims -- some of whom he knew from high-school -- into divulging their passwords. He'd get email addresses from their Facebook pages, and then send his victims phoney electronic greeting cards that would ask them for login information for Web mail accounts, said Thomas Edwards, chief of police with the Belleair Police Department.
Reference: http://www.computerworld.com/s/article/9217319/Police_Man_stole_nude_photos_from_hacked_e_mail_accounts
Entry Title: WHID 2011-150: Yahoo!, Hotmail accounts targeted by hackers
WHID ID: 2011-150
Date Occurred: 6/6/2011
Attack Method: Cross Site Scripting (XSS)
Application Weakness: Improper Output Handling
Outcome: Session Hijacking
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: Redmond, WA
Incident Description: Trend's researchers in Taiwan also identified attacks that exploit a vulnerability in the Microsoft Hotmail web email service. "Rather than clicking a malicious link, even the simple act of previewing the malicious email message can compromise a user's account", noted Villeneuve. "This phishing email pretended to be from the Facebook security team."
Reference: http://www.infosecurity-us.com/view/18446/yahoo-hotmail-accounts-targeted-by-hackers/
Entry Title: WHID 2011-15: Hacker Code Lingered on Home Depot Website
WHID ID: 2011-15
Date Occurred: 1/11/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: An IT analyst has uncovered the lingering remnants of a 2009 breach of security on the website of the major retailer: secret code hidden on the website that redirected the user's browser to a site that served up malware. "Somebody managed to deface the site and inject that code, so that anyone visiting the site would have loaded the malicious code from this other site," explained Mike Menefee, founder of security website Infosec Island, which discovered the hack.
Reference: http://www.foxnews.com/scitech/2011/01/11/home-depot-website-compromised/
Entry Title: WHID 2011-149: Sony Investigating Two Possible Hacker Attacks, Suspends Brazil Music Site
WHID ID: 2011-149
Date Occurred: 6/7/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Entertainment
Attacked Entity Geography: Brazil
Incident Description: The company suspended its Brazilian music entertainment website while it looks into a possible breach, it said today. Sony also is investigating a hacker group's claim that it stole data related to the company's game operation.
Reference: http://www.bloomberg.com/news/2011-06-07/sony-says-brazil-music-website-suspended-after-suspected-attack-by-hackers.html
Entry Title: WHID 2011-148: India's fight against corruption mounts, govt website hacked
WHID ID: 2011-148
Date Occurred: 6/7/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: New Delhi, India
Incident Description: Well, well, well, what do we have here? The fight against corruption in India spawned a twitter app to spread the word the other day. The Twitterverse went on a mission of findingmanmohan yesterday, and today, an anonymous group has hacked a particular government website with a message to Mr. Prime Minister and others (Kapil Sibal probably).
Reference: http://asiancorrespondent.com/56835/hacked-india%E2%80%99s-fight-against-corruption-goes-berserk-govt-website-hacked/
Entry Title: WHID 2011-147: Now Nintendo Admits It Was Hacked, Says No Customer Data Stolen
WHID ID: 2011-147
Date Occurred: 6/6/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Redmond, WA
Incident Description: Nintendo acknowledged a security breach in a statement yesterday, explaining that its U.S. servers came under cyber-fire a few weeks ago, but stressed that no personal user data was in breach.
Reference: http://techland.time.com/2011/06/06/now-nintendo-admits-it-was-hacked-says-no-customer-data-stolen/#ixzz1OWrKxZOC
Entry Title: WHID 2011-146: LulzSec has compromised SonyPictures.RU
WHID ID: 2011-146
Date Occurred: 6/5/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Russian Federation
Incident Description: In addition to the attack detailed above, the hacking group known as LulzSec has compromised SonyPictures.RU through another SQL injection flaw. No personal information was disclosed in the attack; it appears to have been designed just to continue to point out security flaws in Sony's infrastructure to create PR problems for the media giant. In the note, LulzSec left a message: "In Soviet Russia, SQL injects you..."
Reference: http://nakedsecurity.sophos.com/2011/06/04/sony-europe-hacked-by-lebanese-hacker-again/
Entry Title: WHID 2011-145: Sony Europe hacked by Lebanese hacker... Again
WHID ID: 2011-145
Date Occurred: 6/4/2011
Attack Method: SQL Injection
Application Weakness: Improper Output Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Belgium
Incident Description: By my count this is unlucky hack number 13 for Sony. A Lebanese hacker known as Idahc dumped another user database at Sony Europe containing approximately 120 usernames, passwords (plain text), mobile phone numbers, work emails and website addresses.
Reference: http://nakedsecurity.sophos.com/2011/06/04/sony-europe-hacked-by-lebanese-hacker-again/
Entry Title: WHID 2011-144: IC3 Cautions of Osama-Related XSS Assaults
WHID ID: 2011-144
Date Occurred: 6/6/2011
Attack Method: Cross Site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: Link Spam
Attacked Entity Field: Web 2.0
Attacked Entity Geography: Apple Valley, CA
Incident Description: Reportedly, a related online scam has been detected as XSS (cross-site scripting). It (the scam) lets cyber-criminals run a malware program on the attacked site via an end-user's Web-browser through values created within the attacked website's URL, forms of the web, alternatively during instances wherein websites invite visitors to post content straight away.
Reference: http://www.spamfighter.com/News-16247-IC3-Cautions-of-Osama-Related-XSS-Assaults.htm
Entry Title: WHID 2011-143: Anonymous steals 10,000 Iranian government emails, plans DDoS attack
WHID ID: 2011-143
Date Occurred: 6/3/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Iran
Incident Description: Anonymous has hacked into Iranian government servers and procured over 10,000 email messages from the Ministry of Foreign Affairs. The Ministry's website is still down as of this writing, and the servers are under Anonymous control. One of the Iranian members of Anonymous involved with the operation sent me a message from the compromised email servers as evidence that they were still under Anonymous control.
Reference: http://thenextweb.com/industry/2011/06/03/anonymous-steals-10000-iranian-government-emails-plans-ddos-attack/
Entry Title: WHID 2011-142: New Sony Hack Claims Over a Million User Passwords
WHID ID: 2011-142
Date Occurred: 6/2/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Tokyo, Japan
Incident Description: "SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks? What's worse is that every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it. This is disgraceful and insecure: they were asking for it."
Reference: http://techland.time.com/2011/06/02/new-sony-hack-claims-one-million-user-passwords/
Entry Title: WHID 2011-141: Google says Chinese hackers broke into Gmail
WHID ID: 2011-141
Date Occurred: 6/1/2011
Attack Method: Cross Site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: Account Takeover
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: Mountain View, CA
Incident Description: Computer hackers in China broke into the Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists, Google Inc. said Wednesday.
Reference: http://www.huffingtonpost.com/huff-wires/20110601/us-tec-google-hacking-attack/
Entry Title: WHID 2011-140: Scammers targeting dealers' Auto Trader accounts and ripping off buyers
WHID ID: 2011-140
Date Occurred: 6/2/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Automotive
Attacked Entity Geography: Overland Park, KS
Incident Description: Several dealers have been in touch with Car Dealer with tales of woe after their accounts with the online classified website were compromised.
Reference: http://www.cardealermagazine.co.uk/publish/scammers-targeting-dealers-auto-trader-accounts-and-ripping-off-buyers/52641
Entry Title: WHID 2011-14: Hacker Hits FOX23 School Closings
WHID ID: 2011-14
Date Occurred: 1/11/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Media
Attacked Entity Geography: Oklahoma, USA
Incident Description: FOX23 distributes top secret information to school districts so they can post school closings to our website. Tuesday morning, that information fell into the wrong hands, and for five minutes students in Broken Arrow thought they had a day off school. This morning at 7:33 Broken Arrow mom Becki Santucci heard a ding in her purse. "I got a text message saying Broken Arrow schools are closed." The sender, "FOX23. (It was) my email alert about school closings." But school was not closed. Someone logged on to FOX23.com and posted the closing without anyone's permission.
Reference: http://www.fox23.com/news/local/story/Hacker-Hits-FOX23-School-Closings/nJlTwic8fEqLIhxpEs2Vow.cspx
Entry Title: WHID 2011-139: DILG website still down
WHID ID: 2011-139
Date Occurred: 6/1/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Makati, PH
Incident Description: The Department of Interior and Local Government's (DILG's) website is still down as of Wednesday morning, following a hack on Tuesday that led the site to display the logo of a porn site as one of its "news items".
Reference: http://www.gmanews.tv/story/222221/technology/dilg-website-hacked
Entry Title: WHID 2011-138: 'Dark forces' attack Chinese leftist website in resurgent culture war
WHID ID: 2011-138
Date Occurred: 6/1/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography: Beijing, China
Incident Description: The flagship website of China's resurgent New Left movement was brought down by hackers yesterday, interrupting its ferocious campaign against critics of Chairman Mao Zedong.
Reference: http://www.smh.com.au/technology/security/dark-forces-attack-chinese-leftist-website-in-resurgent-culture-war-20110531-1fere.html
Entry Title: WHID 2011-137: Hacked PBS reports Tupac, Biggie alive
WHID ID: 2011-137
Date Occurred: 5/30/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: News
Attacked Entity Geography: Arlington, VA
Incident Description: Hacking group LulzSec broke into the site after it cracked the security on the media stalwart website, and obtained access credentials held in databases.
Reference: http://www.scmagazine.com.au/News/258976,hacked-pbs-reports-tupac-biggie-alive.aspx
Entry Title: WHID 2011-136: Apple under fire as hacked iTunes complaints swell
WHID ID: 2011-136
Date Occurred: 6/7/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Monetary Loss
Attacked Entity Field: Technology
Attacked Entity Geography: Cambridge, MA
Incident Description: Apple is facing mounting criticism as a possible iTunes hack attack has seen customers' gift certificate accounts drained. Several pages on Apple's forums highlight the security flaw, with dozens of users blaming a Sega app called Kingdom Conquest for removing funds - even if they have never downloaded the game. Various other apps have also been blamed for draining accounts using a similar technique.
Reference: http://www.pcpro.co.uk/news/security/367855/apple-under-fire-as-hacked-itunes-complaints-swell
Entry Title: WHID 2011-135: Hackers steal owner data from Honda
WHID ID: 2011-135
Date Occurred: 5/27/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Automotive
Attacked Entity Geography: Toronto, Canada
Incident Description: Honda Canada has informed thousands of its Honda and Acura customers that some of their personal information was stolen when its systems were hacked.
Reference: http://www.cbc.ca/news/technology/story/2011/05/27/honda-hackers-data.html
Entry Title: WHID 2011-134: Codemasters Admits Weekend Hack Attack
WHID ID: 2011-134
Date Occurred: 5/20/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: United Kingdom
Incident Description: Codemasters, best known as the publisher of the Operation Flashpoint and Grid games, acknowledged to GamesIndustry that hackers were able to breach its security on May 20 and gain access to user data, which was then posted online.
Reference: http://www.escapistmagazine.com/news/view/110400-Codemasters-Admits-Weekend-Hack-Attack
Entry Title: WHID 2011-133: Nigerian government agency website hacked by "Cyberhacktivists"
WHID ID: 2011-133
Date Occurred: 5/26/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Nigeria
Incident Description: A group of Nigerian hackers who call themselves "Naija Cyber Hacktivists" broke into the Niger Delta Development Committee's website, a Nigerian agency set up to develop the region, yesterday.
Reference: http://thenextweb.com/africa/2011/05/26/nigerian-government-agency-website-hacked-by-cyberhacktivists/
Entry Title: WHID 2011-132: Turkish Online News Sites Face Cyber-attack
WHID ID: 2011-132
Date Occurred: 5/25/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: News
Attacked Entity Geography: Turkey
Incident Description: Recently, several Turkish online news portals suffered cyber-attacks. The website of Birgun, a left-wing daily newspaper operated from Istanbul, was the first news portal to suffer a cyber-attack.
Reference: http://www.release-news.com/index.php/technology/112749-turkish-online-news-sites-face-cyber-attack.html
Entry Title: WHID 2011-131: Hackers Compromise Sony Music Japan
WHID ID: 2011-131
Date Occurred: 5/25/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Tokyo, Japan
Incident Description: On the weekend, it was Sony BMG Greece that was compromised and today, it was Sony Music Japan. Unfortunately, Sony didn't learn from the BMG Greece issue, as the same exploit, an SQL injection flaw, was used to compromise Sony Music Japan. At this time, there is no indication of any data being compromised or stolen. The folks that were able to perform this exploit were Lulz Security, a group of hackers whose self-proclaimed mission is to identify and highlight security flaws in networks.
Reference: http://www.coated.com/hackers-compromise-sony-music-japan/
Entry Title: WHID 2011-130: NIIT Technologies GIS subsidiary's server hacked
WHID ID: 2011-130
Date Occurred: 5/25/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: USA
Incident Description: A server belonging to NIIT GIS Limited, an NIIT Technologies subsidiary, was compromised last week using a SQL injection attack by a hacking group calling itself the "Tigers of Indian Cyber" (TIC). TIC posted the disclosure in an open security forum giving proof of concept, and a complete list of account credentials. It has since come to light that NIIT GIS' server was compromised - not the servers at NIIT Technologies.
Reference: http://searchsecurity.techtarget.in/news/2240036131/NIIT-Technologies-GIS-subsidiarys-server-hacked
Entry Title: WHID 2011-13: Hackers deface IBM DeveloperWorks website
WHID ID: 2011-13
Date Occurred: 1/11/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Technology
Attacked Entity Geography: USA
Incident Description: An IBM site for developers was defaced over the weekend, with attackers replacing some of the web pages on the site with ones containing their own messages, IBM confirmed Monday.
Reference: http://www.cio.co.uk/news/3256323/hackers-deface-ibm-developerworks-website/
Entry Title: WHID 2011-129: Anonymous Targets US Chamber of Commerce
WHID ID: 2011-129
Date Occurred: 5/24/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Richmond, Canada
Incident Description: Hacktivist collective launches DDoS attack against the business lobbying group over its support for the legislation to fight online infringement that many fear will greatly expand the govt's ability to filter the Internet.
Reference: http://www.zeropaid.com/news/93531/anonymous-targets-us-chamber-of-commerce-for-protect-ip-act/
Entry Title: WHID 2011-128: Hackers Steal Hotmail Messages Thanks to Web Flaw
WHID ID: 2011-128
Date Occurred: 5/24/2011
Attack Method: Cross Site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: Leakage of Information
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: Redmond, WA
Incident Description: Criminals recently spent more than a week siphoning e-mail messages from Hotmail users' accounts, thanks to a programming bug in Microsoft's website.
Reference: http://www.pcworld.com/businesscenter/article/228609/hackers_steal_hotmail_messages_thanks_to_web_flaw.html
Entry Title: WHID 2011-127: Sony says hacker stole 2,000 records from Canadian site
WHID ID: 2011-127
Date Occurred: 5/24/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Canada
Incident Description: The problems keep coming for Sony. On Tuesday the company confirmed that someone had hacked into its website and stolen about 2,000 customer names and e-mail addresses. Close to 1,000 of the records have already been posted online by a hacker calling himself Idahc, who says he's a "Lebanese grey-hat hacker." Idahc found a common Web programming error, called an SQL injection flaw, that allowed him to dig up the records on the Canadian version of the Official Sony Ericsson eShop, an online store for mobile phones and accessories.
Reference: http://www.computerworld.com/s/article/9217028/Sony_says_hacker_stole_2_000_records_from_Canadian_site?taxonomyId=140
Entry Title: WHID 2011-126: New hack on Comodo reseller exposes private data
WHID ID: 2011-126
Date Occurred: 5/24/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Technology
Attacked Entity Geography: Lansing, MI
Incident Description: Yet another official reseller of SSL certificate authority Comodo has suffered a security breach that allowed attackers to gain unauthorized access to data. Brazil-based ComodoBR is at least the fourth Comodo partner to be compromised this year.
Reference: http://www.theregister.co.uk/2011/05/24/comodo_reseller_hacked/
Entry Title: WHID 2011-125: TrafficShop.com Experiencing DDoS Attack
WHID ID: 2011-125
Date Occurred: 5/23/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Retail
Attacked Entity Geography: Netherlands
Incident Description: TrafficShop.com is currently experiencing a denial-of-service attack, according to the site's sales manager, Chris 2.0. The perpetrators of the attack are unknown at this time but attempts to access the site result in a white screen.
Reference: http://news.avn.com/articles/TrafficShop-com-Experiencing-DDoS-Attack-436445.html
Entry Title: WHID 2011-124: Hackers target student group websites
WHID ID: 2011-124
Date Occurred: 5/23/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Link Spam
Attacked Entity Field: Education
Attacked Entity Geography: Stanford, WA
Incident Description: Several Stanford websites were taken offline May 9 after being targeted by hackers looking to sell cheap software. The affected sites, currently offline and inaccessible, are those for the Stanford Concert Network, the Green Alliance for Innovative Action and the ASSU.
Reference: http://www.stanforddaily.com/2011/05/23/hackers-target-student-group-websites/
Entry Title: WHID 2011-123: Thai Democrat website hacked
WHID ID: 2011-123
Date Occurred: 5/23/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Bangkok, Thailand
Incident Description: A website of the Democrat Party, set up to attract young people, was hacked on Sunday ni
Reference: http://www.bangkokpost.com/news/politics/238438/democrat-website-hacked
Entry Title: WHID 2011-122: Sony BMG Greece the latest hacked Sony site
WHID ID: 2011-122
Date Occurred: 5/22/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography: Greece
Incident Description: In what seems to be a neverending nightmare it appears that the website of Sony BMG in Greece has been hacked and information dumped. An anonymous poster has uploaded a user database to pastebin.com, including the usernames, real names and email addresses of users registered on SonyMusic.gr.
Reference: http://nakedsecurity.sophos.com/2011/05/22/sony-bmg-greece-the-latest-hacked-sony-site/
Entry Title: WHID 2011-121: State highway police website hacked
WHID ID: 2011-121
Date Occurred: 5/23/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Government
Attacked Entity Geography: New Delhi, India
Incident Description: The state highway police's website was allegedly hacked by an unknown person, who changed the accident figures to show a steep decline in the number of deaths for the year 2010.
Reference: http://www.hindustantimes.com/State-highway-police-website-hacked/Article1-700790.aspx
Entry Title: WHID 2011-120: Nepal Government's official Website Hacked
WHID ID: 2011-120
Date Occurred: 5/22/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Nepal
Incident Description: It has been reported that the official website of Nepal Government (http://www.nepalgov.gov.np/) has been hacked by anonymous group #OpEverest using the Denial of Service attack.
Reference: http://www.groundreport.com/Media_and_Tech/Nepal-Government-s-official-Website-Hacked/2939137
Entry Title: WHID 2011-12: Cyber Criminals Attack A Hundred Online Casino Sites
WHID ID: 2011-12
Date Occurred: 1/13/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Monetary Loss
Attacked Entity Field: Entertainment
Attacked Entity Geography: South Korea
Incident Description: A South Korean web hosting company that allegedly hosted an illegal gambling site is in trouble with authorities for organising a series of "cyber attacks" on competing illegal online casinos in order to grab gambling business from rival gangsters. Between November 21st and December 15th, 2010, Lee, 32, head of the computer server company along with Park, 37, a hacker working for an Incheon based crime gang which owned the gambling site, organised distributed denial-of-service attacks (DDoS
Reference: http://www.onlinepoker.net/poker-news/general-poker-news/cyber-criminals-attack-online-casino-sites/9141
Entry Title: WHID 2011-119: Sony site used for phishing
WHID ID: 2011-119
Date Occurred: 5/20/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Phishing
Attacked Entity Field: Entertainment
Attacked Entity Geography: Tokyo, Japan
Incident Description: Sony has been hacked, and one of its servers used to host a phishing site, according to Finnish company F-Secure.
Reference: http://www.zdnet.co.uk/blogs/security-bullet-in-10000166/sony-site-used-for-phishing-10022513/
Entry Title: WHID 2011-118: Online Intruder Broke Into Sony Internet Subsidiary's User Accounts
WHID ID: 2011-118
Date Occurred: 5/20/2011
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Monetary Loss
Attacked Entity Field: Entertainment
Attacked Entity Geography: Tokyo, Japan
Incident Description: So-net Entertainment Corp., an Internet service provider subsidiary of Sony Corp. (6758.TO, SNE), said an online intruder accessed its customer rewards site earlier this week and stole customers' redeemable gift points worth about 100,000 yen ($1,225).
Reference: http://www.foxbusiness.com/industries/2011/05/20/online-intruder-broke-sony-internet-subsidiarys-user-accounts/
Entry Title: WHID 2011-117: Colombia's Senate website hacked
WHID ID: 2011-117
Date Occurred: 5/20/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Colombia
Incident Description: Colombian hacker collective "Anonymous" hacked the website of the country's Senate Friday, replacing the page with an alternative website protesting a new law regarding internet copyright.
Reference: http://colombiareports.com/colombia-news/news/16402-colombias-senate-website-hacked.html
Entry Title: WHID 2011-116: New attack vector in DDoS observed
WHID ID: 2011-116
Date Occurred: 5/19/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Multiple
Attacked Entity Geography: USA
Incident Description: We described above a new way of the Denial of Service attack. We do believe this method of the attack poses an increased risk to all the DNS servers as there are no protective countermeasures available. The seriousness of the situation is underlined with the fact that this kind of attack was observed on the Internet as fully working.
Reference: http://www.zone-h.org/news/id/4739
Entry Title: WHID 2011-115: Facebook privacy vulnerability
WHID ID: 2011-115
Date Occurred: 5/17/2011
Attack Method: Predictable Resource Location
Application Weakness: Insufficient Authorization
Outcome: Leakage of Information
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: The privacy vulnerability, which can affect all Facebook users if a hacker has enough time, allows for privacy-protected photos to be accessed without being the user's "friend".
Reference: http://www.smh.com.au/technology/security/security-experts-go-to-war-wife-targeted-20110517-1eqsm.html
Entry Title: WHID 2011-114: Civil-service union hit by invisible DDoS is back up
WHID ID: 2011-114
Date Occurred: 5/18/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography: United Kingdom
Incident Description: The attack started on Wednesday 11 May and left the website "struggling to cope with average hourly traffic 1,000 times greater than normal," according to the union. Curiously, the attack failed to hit the radar screens of Arbor Networks, the firm that supplies traffic management and DDoS mitigation tools to the vast majority of the world's biggest telcos
Reference: http://www.theregister.co.uk/2011/05/18/pcs_ddos_folow_up/
Entry Title: WHID 2011-113: French Anti-piracy Agency Hit By A Simple Hack
WHID ID: 2011-113
Date Occurred: 5/18/2011
Attack Method: Predictable Resource Location
Application Weakness: Insufficient Authorization
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: France
Incident Description: The French battle against illegal file sharers suffers a setback as its surveillance agency TMG is hacked
Reference: http://www.eweekeurope.co.uk/news/french-anti-piracy-agency-hit-by-a-simple-hack-29557
Entry Title: WHID 2011-112: Hackers breach Sony's password reset system
WHID ID: 2011-112
Date Occurred: 5/19/2011
Attack Method: Stolen Credentials
Application Weakness: Insufficient Password Recovery
Outcome: Account Takeover
Attacked Entity Field: Entertainment
Attacked Entity Geography: Japan
Incident Description: Sony's PlayStation Network is under fire again, with a new security breach hitting the beleaguered company. Just days after the network was resurrected following a massive data breach, there is mounting evidence that hackers have circumvented protections put in place via a password reset page. According to the Nyleveia gaming website, hackers have discovered an exploit that allows them to change user passwords using only a PlayStation Network account email and date of birth - information which could have been harvested during the recent attack.
Reference: http://www.pcauthority.com.au/News/257912,hackers-breach-sonys-password-reset-system.aspx
Entry Title: WHID 2011-111: Hacker steals customer data from small brokerage
WHID ID: 2011-111
Date Occurred: 5/19/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Finance
Attacked Entity Geography: Seoul, South Korea
Incident Description: An unidentified hacker has broken into the computer system of a small South Korean brokerage house to steal the firm's customer data, the financial regulator said Thursday, adding concerns over financial firms' computer security maintenance. The Financial Supervisory Service (FSS) said the hacker infiltrated the computer server of Leading Investment & Securities Co. and stole 12,000 customers' personal data last week. The stolen data includes their names, social security numbers, addresses and phone numbers, it said.
Reference: http://english.yonhapnews.co.kr/business/2011/05/19/85/0503000000AEN20110519004500320F.HTML
Entry Title: WHID 2011-110: Facebook Fails to Stop Spammers... Again
WHID ID: 2011-110
Date Occurred: 5/17/2011
Attack Method: Clickjacking
Application Weakness: Application Misconfiguration
Outcome: Link Spam
Attacked Entity Field: Web 2.0
Attacked Entity Geography:
Incident Description: Facebook has recently launched new security features to block spam, but merely after its inception, tons of new ones have emerged, bypassing these security implementations.
Reference: http://tech2.in.com/news/social-networking/facebook-spammers-bypassing-new-security-features/219322
Entry Title: WHID 2011-11: Educational, government and military sites hit by hackers
WHID ID: 2011-11
Date Occurred: 1/17/2011
Attack Method: Known Vulnerability
Application Weakness: Application Misconfiguration
Outcome: Link Spam
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: Utah
Incident Description: A software security issue with a popular US-based web hosting provider is reportedly allowing hackers to secretly add dozens of web pages to military, educational, financial and government sites in a bid to promote so-called pharma retailing sites.
Reference: http://www.infosecurity-magazine.com/view/15209/educational-government-and-military-sites-hit-by-hackers/
Entry Title: WHID 2011-109: PCS Union website downed by ideological DDoS
WHID ID: 2011-109
Date Occurred: 5/17/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Politics
Attacked Entity Geography: United Kingdom
Incident Description: The prominent Public and Commercial and Services union (PCS) is struggling to get its website back online after being hit by a huge DDoS attack nearly a week ago. Government aside, sustained attacks against websites with a political theme are extremely rare in UK, and what has befallen the PCS - whose members include large numbers of public sector and government workers - could rank as the first time the country has seen a large-scale ideological attack of this kind. Starting on 11 May, the union's website was hit by traffic 1,000 times its normal level, taking the site down. As of 16 May, the site is still unavailable beyond a static homepage that announces the problem, with a fix unlikely for at least a day or two.
Reference: http://www.computerworlduk.com/news/public-sector/3280224/pcs-union-website-downed-by-ideological-ddos/
Entry Title: WHID 2011-108: Teenagers prosecuted for hacking and bringing down web hosting company
WHID ID: 2011-108
Date Occurred: 4/1/2009
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Downtime
Attacked Entity Field: Hosting Providers
Attacked Entity Geography:
Incident Description: According to the Met, using the alias 'Colonel Root', Woodham hacked into web hosting company 'Punkyhosting' in April 2009. It detected the attack and made attempts to prevent it. In response, Woodham repeatedly attacked the company over a number of weeks, causing it to cease trading. He then sent a taunting email gloating about his actions.
Reference: http://www.scmagazineuk.com/teenagers-prosecuted-for-hacking-and-bringing-down-web-hosting-company/article/202997/
Entry Title: WHID 2011-107: Geek.com Site Hacked Via Exploit Kit
WHID ID: 2011-107
Date Occurred: 5/17/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Technology
Attacked Entity Geography: USA
Incident Description: Hackers inserted malicious code on the first article on the Geek.com homepage, among others, the researchers say. "As this is first article is highlighted --and 'Call of Duty' is a very popular game -- one can assume that many people have fallen victim to this attack," the blog says. The article was published on May 13th, and the malicious Iframe is injected at the bottom of the page, the researchers say.
Reference: http://www.darkreading.com/security/attacks-breaches/229500721/geek-com-site-hacked-via-exploit-kit.html
Entry Title: WHID 2011-106: Final Fantasy maker Square Enix hacked
WHID ID: 2011-106
Date Occurred: 5/13/2011
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Entertainment
Attacked Entity Geography:
Incident Description: Hackers have broken into two websites belonging to Japanese video games maker Square Enix. The company confirmed that the e-mail addresses of up to 25,000 customers who had registered for product updates may have been stolen as a result.
Reference: http://www.bbc.co.uk/news/technology-13394968
Entry Title: WHID 2011-105: Hackers Take Over Twitter Accounts of Fox-Affiliates
WHID ID: 2011-105
Date Occurred: 5/10/2011
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Account Takeover
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: A group of hackers has gained access to a database of fox.com email accounts and last night took over the Twitter accounts of two Fox-affiliates: WFQX in Michigan's Upper Peninsulas and KADN in Lafayette, LA. Calling itself Lulz Security, the group posted defamatory tweets under the accounts of WFQX and KADN and, using its own Twitter account (@LulzSec), has today been teasing future attacks. "Lots of Facebook logins," the group tweeted this morning.
Reference: http://www.mediabistro.com/tvspy/hackers-take-over-twitter-accounts-of-fox-affiliates_b9977
Entry Title: WHID 2011-104: NASA website hacked
WHID ID: 2011-104
Date Occurred: 5/11/2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Link Spam
Attacked Entity Field: Government
Attacked Entity Geography: USA
Incident Description: Software scammers offering cheap Adobe software have hacked into numerous web pages of NASA, just days before its final launch of the shuttle Endeavor, and Stanford University.
Reference: http://articles.timesofindia.indiatimes.com/2011-05-11/internet/29531808_1_nasa-website-shuttle
Entry Title: WHID 2011-103: bianet.org Hit by Massive Cyber Attack
WHID ID: 2011-103
Date Occurred: 5/18/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: News
Attacked Entity Geography: Istanbul, Turkey
Incident Description: bianet.org became the target of a heavy cyber attack that started at 3.30 pm on Tuesday (18 May). Broadcasting was resumed at 11.20 pm after the attack has been continuing non-stop. This cyber attack was not related to a hacking attempt. Access to the bianet.org site was prevented due to a Distributed Denial-of-Service (DDoS) caused by a very large number of computers that were connected to the server at the same time. Our information suggests that this was an organized attack and that tens of thousands of computers were controlled for the attack via Trojans.
Reference: http://www.bianet.org/english/freedom-of-expression/130062-bianet-org-hit-by-massive-cyber-attack
Entry Title: WHID 2011-102: Group says its website calling for democracy protests in China was hacked
WHID ID: 2011-102
Date Occurred: 5/12/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Data Loss
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: Beijing, China
Incident Description: A group that has issued calls for pro-democracy protests in China said its Google-hosted site was hacked Thursday, amid a far-reaching government crackdown on activists.
Reference: http://www.washingtonpost.com/world/group-says-its-website-calling-for-democracy-protests-in-china-was-hacked/2011/05/12/AFBAEtxG_story.html
Entry Title: WHID 2011-101: Fox.com hacked
WHID ID: 2011-101
Date Occurred: 4/29/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: News
Attacked Entity Geography: USA
Incident Description: Hackers have broken into a Fox.com extranet site, designed as a repository of research statistics, programming details and ratings for clients and affiliates, and stolen the emails and passwords for hundreds of Fox Broadcasting employees.
Reference: http://www.politico.com/blogs/onmedia/0511/Foxcom_hacked.html
Entry Title: WHID 2011-100: Banking Trojan gang busted by Finnish police
WHID ID: 2011-100
Date Occurred: 5/10/2011
Attack Method: Banking Trojan
Application Weakness: Insufficient Authentication
Outcome: Monetary Loss
Attacked Entity Field: Finance
Attacked Entity Geography: Sweden
Incident Description: Finnish police closed an investigation on Tuesday after arresting 17 people suspected of involvement in a banking Trojan scam used to siphon off hundreds of thousands of euros held in accounts with Nordea Bank.
Reference: http://www.theregister.co.uk/2011/05/10/finnish_banking_trojan_investigation/
Entry Title: WHID 2011-10: US Hospital Server Hacked by "Call of Duty: Black Op's" Fans
WHID ID: 2011-10
Date Occurred: 1/17/2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Leakage of Information
Attacked Entity Field: Health
Attacked Entity Geography: Rochester, New Hampshire
Incident Description: Seacoast Radiology in Rochester, New Hampshire, announced last week it had informed over 231,000 patients that their details were accessed after their server was hacked back in November. Although the names, dates of birth, addresses, Social Security numbers and medical procedure codes could have been accessed by the hackers, Don Wood, Seacoast Radiology's business manager, has said that there has been no report of identity theft as a result of the hack.
Reference: http://www.dedicatedserverdir.com/news/ShowItem.aspx?ID=74516
Entry Title: WHID 2011-1: Hackers hit Tunisian websites
WHID ID: 2011-1
Date Occurred: 1/2/2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Government
Attacked Entity Geography: Tunisia
Incident Description: Online activists have attacked and at least momentarily disabled several Tunisian government websites in the latest act of protest against the country's embattled leadership. As of Monday afternoon, local time, at least eight websites had been affected, including those for the president, prime minister, ministry of industry, ministry of foreign affairs, and the stock exchange. The attack, which began on Sunday night, coincided with a national strike, planned to take place on Monday, that organisers said would be the biggest popular event of its size since Zine El Abidine Ben Ali assumed the presidency. The strike comes on the day that school students return from their holiday. Ben Ali's administration has tightly restricted the flow of information out of Tunisia since widespread protests began on December 17, following 26-year-old Mohamed Bouazizi's suicide attempt. But reports of civil disobedience and police action filtered out on Twitter on Monday, with some users reporting the use of tear gas by security forces. The loosely organised hacker group Anonymous claimed responsibility for the cyber attack, which it called "Operation Tunisia", an apparent arm of the group's broader effort - termed "Operation Payback" - aimed at taking retribution against governments and businesses viewed as hostile to the similarly amorphous document-leaking group WikiLeaks.
Reference: http://english.aljazeera.net/news/africa/2011/01/201113111059792596.html
Entry Title: WHID 2010-99: Got an iTunes account? That's music to a cyber fraudster's ears
WHID ID: 2010-99
Date Occurred: 5/22/2010
Attack Method: Brute Force
Application Weakness: Insufficient Password Recovery
Outcome: Session Hijacking
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: Up to 125 million people worldwide have accounts set up on the site. But computer security experts say hackers are easily hijacking accounts by pretending they are a customer who has forgotten their password. As with many websites, iTunes tells users to select a so-called 'security question' from a list of options when they first set up their account. These are fairly basic and include 'what is your mother's maiden name?' and 'where did you spend your honeymoon?'. Customers who have forgotten their passwords are prompted with the question they first selected when they set up their profile - as long as they give the correct answer, they can access the account. Security analysts claim this is leaving the website wide open to fraud. Hackers simply pretend they are a customer who has forgotten their password and can easily work out the answer to the personal question using information that users have posted on social-networking websites such as Facebook and Twitter.
Reference: http://www.dailymail.co.uk/news/article-1280354/Got-iTunes-account-Thats-music-cyber-fraudsters-ears.html
Entry Title: WHID 2010-98: Man charged with attacking O'Reilly, Coulter websites
WHID ID: 2010-98
Date Occurred: 5/19/2010
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Downtime
Attacked Entity Field: Media
Attacked Entity Geography: USA
Incident Description: A former college student has been charged with using the school's computer network to control a botnet and launch distributed denial-of-service (DDoS) attacks against conservative websites belonging to Bill O'Reilly, Ann Coulter and Rudy Giuliani.
Reference: http://www.scmagazineus.com/man-charged-with-attacking-oreilly-coulter-websites/article/170524/
Entry Title: WHID 2010-97: Microsoft files two lawsuits for "click laundering"
WHID ID: 2010-97
Date Occurred: 5/20/2010
Attack Method: Cross Site Request Forgery (CSRF)
Application Weakness: Abuse of Functionality
Outcome: Fraud
Attacked Entity Field: Technology
Attacked Entity Geography: USA
Incident Description: Microsoft this week filed two lawsuits in federal court in Seattle against alleged perpetrators of a new, technologically advanced form of online advertising click fraud being dubbed "click laundering." According to Microsoft, click fraud is an online advertising scam that occurs when a person or computer program imitates a legitimate user and clicks on an online ad for the purpose of generating a fraudulent "charge-per-click," without having any interest in the ad. Click laundering, meanwhile, is a more advanced form of click fraud designed to outwit fraud detection systems by hiding the origin of fake clicks.
Reference: http://www.scmagazineus.com/microsoft-files-two-lawsuits-for-click-laundering/article/170621/
Entry Title: WHID 2010-96: Facebook scrambles to close CSRF hole exposing private data
WHID ID: 2010-96
Date Occurred: 5/19/2010
Attack Method: Cross Site Request Forgery (CSRF)
Application Weakness: Insufficient Process Validation
Outcome: Leakage of Information
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: Facebook engineers are finishing a patch for a critical vulnerability that exposed user birthdays and other sensitive data even when they were designated as private, a security researcher said Wednesday. At time of writing, much of the CSRF (cross-site request forgery) bug appeared to have been patched, Keith said. However, as noted earlier by IDG News, attackers still could exploit the flaw to control a user's "like" functions, which are used to endorse ads and other types of content. The flaw involved a piece of code Facebook engineers dubbed "post_form_id," which is used to ensure that commands can be issued only by browsers that have previously logged into the website. Keith discovered a simple way to bypass the security token: by omitting it altogether, Facebook servers no longer attempted to validate browsers.
Reference: http://www.theregister.co.uk/2010/05/19/facebook_private_data_leak/
Entry Title: WHID 2010-95: Fraud Bazaar Carders.cc Hacked
WHID ID: 2010-95
Date Occurred: 5/18/2010
Attack Method: Misconfiguration
Application Weakness: Improper Filesystem Permissions
Outcome: Leakage of Information
Attacked Entity Field: Hacking
Attacked Entity Geography: Germany
Incident Description: Carders.cc, a German online forum dedicated to helping criminals trade and sell financial data stolen through hacking, has itself been hacked. The once-guarded contents of its servers are now being traded on public file-sharing networks, leading to the exposure of potentially identifying information on the forum's users as well as countless passwords and credit card accounts swiped from unsuspecting victims.
Reference: http://krebsonsecurity.com/2010/05/fraud-bazaar-carders-cc-hacked/
Entry Title: WHID 2010-94: Hacker steals 22,000 e-mail address, demands Astley tune
WHID ID: 2010-94
Date Occurred: 5/19/2010
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Media
Attacked Entity Geography: Netherlands
Incident Description: Dutch hacker Darkc0ke hijacked a radio station database containing 22,000 e-mail addresses and threatened to publish them unless the station play Rick Astley's "Never Gonna Give You Up," a variation of an Internet meme known as "rickrolling." "It was a joke," Darkc0ke said via e-mail. "They didn't play the song. Why can't they do someone a favor, just for once?" Darkc0ke said he cracked the database using a basic SQL injection to exploit a security vulnerability. The hacker is known for breaking into databases. Last year, he stole a database containing 46,000 e-mail addresses from the Dutch magazine Autoweek.
Reference: http://news.idg.no/cw/art.cfm?id=B143BFED-1A64-6A71-CE6E57CCCFC37786
Entry Title: WHID 2010-93: Huge 'sexiest video ever' attack hits Facebook
WHID ID: 2010-93
Date Occurred: 5/18/2010
Attack Method: Rogue 3rd Party App
Application Weakness: Insufficient Process Validation
Outcome: Planting of Malware
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: A huge attack by a rogue Facebook application last weekend infected users' PCs with popup-spewing adware, a security researcher said Monday. On Saturday, AVG Technologies received more than 300,000 reports of the malicious Facebook app, said Roger Thompson, AVG's chief research officer. AVG came up with its tally by counting the number of reports from its LinkScanner software, a free browser add-on that detects potentially poisoned pages. "It was stunning, really, the number," said Thompson in an interview via instant message late Monday. "And stunning that it was not viral or wormy [but that] Facebook did it all by itself." The volume of reports on Saturday's rogue Facebook software was highest during the nine-hour period between midnight and 9 a.m. Eastern, with spikes of approximately 40,000 per hour coming at 7 a.m. and noon. For the day, AVG received more than 300,000 reports, triple that of AVG's second-most-reported piece of spyware. According to Thompson, Facebook eradicated the rogue application about 15 hours after the attack started. Facebook's only acknowledgment of the attack came on its security page, where a "Tip of the Week" Monday morning read: "Don't click on suspicious-looking links, even if they've been sent or posted by friends."
Reference: http://www.computerworld.com/s/article/9176905/Huge_sexiest_video_ever_attack_hits_Facebook
Entry Title: WHID 2010-92: SQL Injection attack used in breach of 168,000 Netherlands travelers
WHID ID: 2010-92
Date Occurred: 5/18/2010
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Leakage of Information
Attacked Entity Field: Government
Attacked Entity Geography: Netherlands
Incident Description: An attacker has discovered a serious flaw in a website set up to encourage the use of smart cards for public transportation in the Netherlands, resulting in the leakage of personal information of more than 168,000 travelers. The website offered a coupon for a free trip using the OV smart card system and was set up to promote the new system which is being slowly rolled out throughout the region. According to Webwereld, a tech publication based in the Netherlands, the names, addresses and telephone numbers of individuals who signed up were publicly available as a result of the flaw. Information about the flaw was exposed by an anonymous hacker who gave the magazine a video demonstrating the error using a SQL injection attack. The hacker told the magazine that he made the flaw publicly available because there is no excuse for simple website mistakes. The website has since been taken offline.
Reference: http://itknowledgeexchange.techtarget.com/security-bytes/sql-injection-attack-used-in-breach-of-168000-netherlands-travelers/
Entry Title: WHID 2010-91: Twitter software bug forces followers
WHID ID: 2010-91
Date Occurred: 5/10/2010
Attack Method: Misconfiguration
Application Weakness: Insufficient Process Validation
Outcome: Disinformation
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: Twitter users had a big shock on Monday when they checked into the micro-blogging service. Their follower and following numbers were at 0, meaning they were suddenly very unpopular or something was seriously wrong with the site. It was the latter, of course. To kill a bug that allowed a user to force other users to follow him or her, Twitter temporarily reset all follower/following counts to zero, according to the Twitter Status blog. Everything was back to normal by 11 a.m. Pacific.
Reference: http://www.pcworld.com/article/195962/
Entry Title: WHID 2010-90: Facebook Board Member's Account Compromised
WHID ID: 2010-90
Date Occurred: 5/10/2010
Attack Method: Unknown
Application Weakness: Insufficient Authentication
Outcome: Phishing
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: A Facebook message sent out on Saturday from the account of company board member Jim Breyer to over 2,300 "friends" turns out to have been too good to be true. The message, an invitation to an event at which attendees would be given a "Facebook phone number," was a phishing attack, designed to capture information from recipients. The incident underscores the risk of supplying Facebook with data that might be better kept private. Facebook's appeal to cybercriminals arises from the high level of trust that users extend to Facebook messages, which are generally presumed to come from friends. Compromising someone's Facebook account also provides immediate access to a pool of new potential victims: the friends of the person whose account has been hacked.
Reference: http://www.informationweek.com/news/software/showArticle.jhtml?articleID=224701441
Entry Title: WHID 2010-9: Pakistani cyber crime website hit by hacker who is able to access database
WHID ID: 2010-9
Date Occurred: 1/11/2010
Attack Method: SQL Injection
Application Weakness: Improper Input Handling
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: Pakistan
Incident Description: Details of a political website, the Pakistani National Response Center for Cyber Crimes, part of the Federal Investigation Authority, being hacked has been reported when a sensitive site was hit by a hacker who managed to gain access to the email database.
Reference: http://www.scmagazineuk.com/pakistani-cyber-crime-website-hit-by-hacker-who-is-able-to-access-database/article/160969/
Entry Title: WHID 2010-89: Breaking News: WordPress Hacked with Zettapetta on DreamHost
WHID ID: 2010-89
Date Occurred: 5/6/2010
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Service Providers
Attacked Entity Geography: USA
Incident Description: Early this morning, we received reports that WordPress blogs were hacked on Linux shared-hosting at DreamHost, as well as other hosting companies. This is dangerous scareware which tries to install a virus on your visitor's computer. WordPress, Zencart and other php-based platforms were hit. Our earliest hacked site report is of 5/6/2010 @ 9:17am. This malware was just detected and is not showing up on website malware scanners yet. We have notified sucuri.net of this latest infection so that they can immediately update their malware detections systems.
Reference: http://www.wpsecuritylock.com/breaking-news-wordpress-hacked-with-zettapetta-on-dreamhost/
Entry Title: WHID 2010-88: phpnuke.org has been compromised
WHID ID: 2010-88
Date Occurred: 5/7/2010
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Technology
Attacked Entity Geography: USA
Incident Description: Websense® Security Labs™ ThreatSeeker™ Network has discovered that the popular Web site, phpnuke.org, has been compromised. PHP-Nuke is a popular Web content management system (CMS), based on PHP and a database such as MySQL, PostgreSQL, Sybase, or Adabas. Earlier versions were open source and free software protected by GNU Public License, but since then it has become commercial software. As it is still very popular in the Internet community, it is not surprising that it has become a target of blackhat attacks. The injected iframe hijacks the browser to a malicious site, where through several steps of iframe redirections the user finally ends up on a highly obfuscated malicious page.
Reference: http://community.websense.com/blogs/securitylabs/archive/2010/05/07/phpnuke-org-has-been-compromised.aspx
Entry Title: WHID 2010-87: Facebook hacker jailed after falsely accusing boyfriend of rape
WHID ID: 2010-87
Date Occurred: 5/6/2010
Attack Method: Brute Force
Application Weakness: Insufficient Authentication
Outcome: Disinformation
Attacked Entity Field: Web 2.0
Attacked Entity Geography: USA
Incident Description: A young mother who had accused her ex-boyfriend of rape hacked into his Facebook site to post a threat to herself to bolster her fakery. Zoe Williams was described as "really wicked" by the judge, who jailed her for four months. A court heard she tried to set up her ex-boyfriend partner after accusing him of raping her several times after the end of their five-year relationship in 2007.
Reference: http://www.telegraph.co.uk/technology/facebook/7685381/Facebook-hacker-jailed-after-falsely-accusing-boyfriend-of-rape.html