<!DOCTYPE HTML><html><head>
<title>OWASP/WASC Web Hacking Incident Database (WHID) - Google Fusion Tables</title>
<style type="text/css">
html, body {
margin: 0;
padding: 0;
height: 100%;
}
</style></head>
<body><table cellpadding="0" cellspacing="0"><tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-090: RubyGems.org hacked, interrupting Heroku services and putting sites using Rails at risk<br>
<b>WHID ID:</b> 2015-090<br>
<b>Date Occurred:</b> 1/30/2015<br>
<b>Attack Method:</b> Code Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Technology<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> A user uploaded a malicious gem that contained a malicious gem manifest (YAML file). The manifest contained embedded Ruby with this payload. This is the only known incident involving this vulnerability, but the vulnerability involved is a remote code execution exploit, so the usual rules apply.<br>
<b>Reference:</b> <a href="http://venturebeat.com/2013/01/30/rubygems-org-hacked-interrupting-heroku-services-and-putting-millions-of-sites-using-rails-at-risk/" target="_blank">http://venturebeat.com/2013/01/30/rubygems-org-hacked-interrupting-heroku-services-and-putting-millions-of-sites-using-rails-at-risk/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-089: Rogue Payday loan brokers hacking websites to increase website traffic<br>
<b>WHID ID:</b> 2015-089<br>
<b>Date Occurred:</b> 1/29/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> SPAM Links<br>
<b>Attacked Entity Field:</b> Multiple<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> An investigation by Sky News has revealed that some Payday loan brokers have been involved in hacking popular websites in order to increase their rankings on Google and the number of visitors to their sites<br>
<b>Reference:</b> <a href="http://www.financialreporter.co.uk/finance-news/rogue-payday-loan-brokers-hacking-websites-to-increase-website-traffic.html" target="_blank">http://www.financialreporter.co.uk/finance-news/rogue-payday-loan-brokers-hacking-websites-to-increase-website-traffic.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-088: Citizens Bank website brought down by Iranian hackers<br>
<b>WHID ID:</b> 2015-088<br>
<b>Date Occurred:</b> 1/26/2015<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The bank's website was down on Thursday because of what the bank called "a temporary disruption due to an unusually high volume of Internet traffic."<br>
<b>Reference:</b> <a href="http://www.wcvb.com/money/Citizens-Bank-website-brought-down-by-Iranian-hackers/18291048" target="_blank">http://www.wcvb.com/money/Citizens-Bank-website-brought-down-by-Iranian-hackers/18291048</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-087: Anonymous Hacks US Government Site, Threatens Supreme 'Warheads'<br>
<b>WHID ID:</b> 2015-087<br>
<b>Date Occurred:</b> 1/26/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The hacktivist group Anonymous hacked the U.S. federal sentencing website early Saturday, using the page to make a brazen and boisterous declaration of "war" on the U.S. government.<br>
<b>Reference:</b> <a href="http://mashable.com/2013/01/26/anonymous-hack-government-website-declares-war/" target="_blank">http://mashable.com/2013/01/26/anonymous-hack-government-website-declares-war/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-086: Buy Way Hit by Extortionist Rex Mundi Hackers<br>
<b>WHID ID:</b> 2015-086<br>
<b>Date Occurred:</b> 1/25/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Hacker group Rex Mundi, which recently attempted to extort $15,000 from AmeriCash Advance and $50,000 from Drake International, now claim to have breached the servers of Belgian company Buy Way<br>
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/buy-way-hit-by-extortionist-rex-mundi-hackers.html" target="_blank">http://www.esecurityplanet.com/hackers/buy-way-hit-by-extortionist-rex-mundi-hackers.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-085: Texas Credit Union Hit by DDoS Attackers<br>
<b>WHID ID:</b> 2015-085<br>
<b>Date Occurred:</b> 1/25/2015<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> University Federal Credit Union, the $1.5 billion institution headquartered in Austin, Texas, confirmed Friday that it was taken down "for around two and one-half hours" on Thursday in a cyber attack<br>
<b>Reference:</b> <a href="http://www.cutimes.com/2013/01/25/texas-credit-union-hit-by-ddos-attackers?ref=hp" target="_blank">http://www.cutimes.com/2013/01/25/texas-credit-union-hit-by-ddos-attackers?ref=hp</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-084: After Ransom Request, Trading Firm Repelled Hacker Attacks<br>
<b>WHID ID:</b> 2015-084<br>
<b>Date Occurred:</b> 1/25/2015<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The last in a year-long series of hacker attacks on Henyep Capital Markets (UK) Ltd., an online trading platform, was quickly repelled last October<br>
<b>Reference:</b> <a href="http://blogs.wsj.com/cio/2013/01/25/after-ransom-request-trading-firm-repelled-hacker-attacks/" target="_blank">http://blogs.wsj.com/cio/2013/01/25/after-ransom-request-trading-firm-repelled-hacker-attacks/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-083: Web server hackers install rogue Apache modules and SSH backdoors<br>
<b>WHID ID:</b> 2015-083<br>
<b>Date Occurred:</b> 1/24/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Multiple<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> A group of hackers that are infecting Web servers with rogue Apache modules are also backdooring their SSH (Secure Shell) services in order to steal login credentials from administrators and users.<br>
<b>Reference:</b> <a href="http://www.infoworld.com/article/2612975/hacking/web-server-hackers-install-rogue-apache-modules-and-ssh-backdoors--researchers-say.html" target="_blank">http://www.infoworld.com/article/2612975/hacking/web-server-hackers-install-rogue-apache-modules-and-ssh-backdoors--researchers-say.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-082: Capital One Website Disrupted, Cyber Protestors Claim Attack<br>
<b>WHID ID:</b> 2015-082<br>
<b>Date Occurred:</b> 1/24/2015<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The website for Capital One was inaccessible for online banking customers for hours overnight, possibly the latest salvo in a long-running cyber protest targeting major Western financial institutions over an anti-Islam movie.<br>
<b>Reference:</b> <a href="http://abcnews.go.com/blogs/headlines/2013/01/capital-one-website-disrupted-cyber-protestors-claim-attack/" target="_blank">http://abcnews.go.com/blogs/headlines/2013/01/capital-one-website-disrupted-cyber-protestors-claim-attack/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-081: More Zimbabwean bank websites hacked<br>
<b>WHID ID:</b> 2015-081<br>
<b>Date Occurred:</b> 1/24/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Metropolitan Bank, the hacking of whose website we reported here two days ago, were not the only local financial institution to suffer at the hands of site defacers in the past couple of weeks.<br>
<b>Reference:</b> <a href="http://www.techzim.co.zw/2013/01/more-zimbabwean-bank-websites-hacked-mbca-tetrad-and-others/" target="_blank">http://www.techzim.co.zw/2013/01/more-zimbabwean-bank-websites-hacked-mbca-tetrad-and-others/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-080: Sri Lanka govt Web sites hit in spate of attacks<br>
<b>WHID ID:</b> 2015-080<br>
<b>Date Occurred:</b> 1/23/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> A hacker on Tuesday breached the Web site of Sri Lanka Port Authority (SLPA), and also attacked and leaked the Web sites of two Sri Lankan TV channels and the Bureau of Foreign Employment over the last weekend.<br>
<b>Reference:</b> <a href="http://www.zdnet.com/article/sri-lanka-govt-web-sites-hit-in-spate-of-attacks/" target="_blank">http://www.zdnet.com/article/sri-lanka-govt-web-sites-hit-in-spate-of-attacks/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-079: Hackers steal thousands from Vancouver church<br>
<b>WHID ID:</b> 2015-079<br>
<b>Date Occurred:</b> 1/22/2015<br>
<b>Attack Method:</b> Banking Trojan<br>
<b>Application Weakness:</b> Insufficient Process Validation<br>
<b>Outcome:</b> Monetary Loss<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> It's very likely that hackers were simply using a banking trojan in a consumer-focused info-stealing campaign and just happened to ensnare the church's account details from the home computer.<br>
<b>Reference:</b> <a href="http://www.infosecurity-magazine.com/news/hackers-steal-thousands-from-vancouver-church/" target="_blank">http://www.infosecurity-magazine.com/news/hackers-steal-thousands-from-vancouver-church/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-078: UNSW confirms hacking breach<br>
<b>WHID ID:</b> 2015-078<br>
<b>Date Occurred:</b> 1/21/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The University of NSW has been the target of a "concerted effort" to hack its systems in December and January forcing the shutdown of 25 of its servers, a spokesman confirmed.<br>
<b>Reference:</b> <a href="http://www.theage.com.au/it-pro/security-it/unsw-confirms-hacking-breach-20130121-2d272.html" target="_blank">http://www.theage.com.au/it-pro/security-it/unsw-confirms-hacking-breach-20130121-2d272.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-077: Metropolitan Bank website hacked<br>
<b>WHID ID:</b> 2015-077<br>
<b>Date Occurred:</b> 1/21/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> We're gathering that the websites belonging to Zimbabwean bank, Metropolitan Bank (www.metbank.co.zw) was defaced and subsequently taken down "for maintenance".<br>
<b>Reference:</b> <a href="http://www.techzim.co.zw/2013/01/metropolitan-bank-website-hacked/" target="_blank">http://www.techzim.co.zw/2013/01/metropolitan-bank-website-hacked/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-076: Altech website hacked<br>
<b>WHID ID:</b> 2015-076<br>
<b>Date Occurred:</b> 1/21/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Technology<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Australian distributor Altech Computers fell victim to a hacking attack on Sunday after attackers gained access to a page on the company's website and uploaded images of a pornographic nature.<br>
<b>Reference:</b> <a href="http://www.crn.com.au/News/329486,altech-website-hacked-replaced-with-porn.aspx" target="_blank">http://www.crn.com.au/News/329486,altech-website-hacked-replaced-with-porn.aspx</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-075: Phys.Org Hacked, serving up malware<br>
<b>WHID ID:</b> 2015-075<br>
<b>Date Occurred:</b> 1/16/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Phys.Org admitted it was hacked, but says there is no threat. Chrome and Firefox via Google are blocking the malware "attack" site, but Bing and IE do nothing to warn users that "this site may harm your computer."<br>
<b>Reference:</b> <a href="http://www.networkworld.com/article/2223853/microsoft-subnet/phys-org-hacked--serving-up-malware--google-blocks-site--but-bing-doesn-t.html" target="_blank">http://www.networkworld.com/article/2223853/microsoft-subnet/phys-org-hacked--serving-up-malware--google-blocks-site--but-bing-doesn-t.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-074: Hackers Disrupt Mexican Defense Ministry's Website<br>
<b>WHID ID:</b> 2015-074<br>
<b>Date Occurred:</b> 1/17/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Hackers claimed a cyberattack on the Mexican defense ministry website on Jan. 16, posting a manifesto from the Zapatista rebel group for two hours.<br>
<b>Reference:</b> <a href="http://www.defensenews.com/article/20130117/DEFREG02/301170013/Hackers-Disrupt-Mexican-Defense-Ministry-8217-s-Website?odyssey=nav%7Chead" target="_blank">http://www.defensenews.com/article/20130117/DEFREG02/301170013/Hackers-Disrupt-Mexican-Defense-Ministry-8217-s-Website?odyssey=nav%7Chead</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-073: EMG website hacked by Red Army<br>
<b>WHID ID:</b> 2015-073<br>
<b>Date Occurred:</b> 1/16/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Media<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The webpage, http://news-eleven.com, of Eleven Media Group has today been hacked by Red Army (a combination of six different hacker groups namely Blink Hacker Group, Myanmar Hack3rs Unite4m, Myanmar Cyber Army, Black Hack Area, Myanmar Cyber Defence Army, and Cyber Vampire Team).<br>
<b>Reference:</b> <a href="http://www.nationmultimedia.com/breakingnews/EMG-website-hacked-by-Red-Army-30198022.html" target="_blank">http://www.nationmultimedia.com/breakingnews/EMG-website-hacked-by-Red-Army-30198022.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-072: Culture Ministry website hacked by "Bad Piggies"<br>
<b>WHID ID:</b> 2015-072<br>
<b>Date Occurred:</b> 1/16/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The official website of the Cultural Ministry was still off the air on Wednesday, as police continued to hunt for hackers who tampered with the website yesterday and again today.<br>
<b>Reference:</b> <a href="http://www.nationmultimedia.com/national/Culture-Ministry-website-hacked-by-Bad-Piggies-30198031.html" target="_blank">http://www.nationmultimedia.com/national/Culture-Ministry-website-hacked-by-Bad-Piggies-30198031.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-071: PhonCert Hacked<br>
<b>WHID ID:</b> 2015-071<br>
<b>Date Occurred:</b> 1/31/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> DB Dump<br>
<b>Reference:</b> <a href="http://siph0n.net/exploits.php?id=3676" target="_blank">http://siph0n.net/exploits.php?id=3676</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-070: Women's Resource Centre website hacked by people claiming to support Isis<br>
<b>WHID ID:</b> 2015-070<br>
<b>Date Occurred:</b> 1/30/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Politics<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> After the hacking last week, the umbrella body has been unable to restore its website to working order, and does not know why it has been targeted<br>
<b>Reference:</b> <a href="http://www.thirdsector.co.uk/womens-resource-centre-website-hacked-people-claiming-support-isis/communications/article/1331684" target="_blank">http://www.thirdsector.co.uk/womens-resource-centre-website-hacked-people-claiming-support-isis/communications/article/1331684</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-069: Website of Bulgaria's Energy Watchdog Hacked<br>
<b>WHID ID:</b> 2015-069<br>
<b>Date Occurred:</b> 1/8/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Hackers have taken down the website of DKEVR, the Bulgarian energy regulator.<br>
<b>Reference:</b> <a href="http://www.novinite.com/articles/165828/Website+of+Bulgaria%27s+Energy+Watchdog+Hacked" target="_blank">http://www.novinite.com/articles/165828/Website+of+Bulgaria%27s+Energy+Watchdog+Hacked</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-068: Higher Education Commission Pakistan Hacked<br>
<b>WHID ID:</b> 2015-068<br>
<b>Date Occurred:</b> 1/29/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> DB Dump<br>
<b>Reference:</b> <a href="http://siph0n.net/exploits.php?id=3670" target="_blank">http://siph0n.net/exploits.php?id=3670</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-067: Some University of Washington websites hacked<br>
<b>WHID ID:</b> 2015-067<br>
<b>Date Occurred:</b> 1/27/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> A group of University of Washington websites was hacked Thursday morning, and pages were replaced by an extremist message that promised death to Americans in Iraq.<br>
<b>Reference:</b> <a href="http://q13fox.com/2015/01/29/some-university-of-washington-websites-hacked-extremist-group-claims-responsibility/" target="_blank">http://q13fox.com/2015/01/29/some-university-of-washington-websites-hacked-extremist-group-claims-responsibility/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-066: Top adult site xhamster victim of large malvertising campaign<br>
<b>WHID ID:</b> 2015-066<br>
<b>Date Occurred:</b> 1/27/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Adult<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> We are observing a particular large malvertising campaign in progress from popular adult site xhamster[.]com, a site that boasts half a billion visits a month.<br>
<b>Reference:</b> <a href="https://blog.malwarebytes.org/exploits-2/2015/01/top-adult-site-xhamster-victim-of-large-malvertising-campaign/" target="_blank">https://blog.malwarebytes.org/exploits-2/2015/01/top-adult-site-xhamster-victim-of-large-malvertising-campaign/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-065: Taylor Swift hacked on Twitter and Instagram<br>
<b>WHID ID:</b> 2015-065<br>
<b>Date Occurred:</b> 1/27/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Account Takeover<br>
<b>Attacked Entity Field:</b> Social<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Taylor Swift may be the victim of a recent hack on both of her confirmed Twitter and Instagram accounts. The now-deleted tweets tag Twitter users @Veriuser and @Lizzard and encourages her fans to follow them.<br>
<b>Reference:</b> <a href="http://mashable.com/2015/01/27/taylor-swift-hack/" target="_blank">http://mashable.com/2015/01/27/taylor-swift-hack/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-064: Rex Mundi dumps more data after another entity doesn't pay extortion demands<br>
<b>WHID ID:</b> 2015-064<br>
<b>Date Occurred:</b> 1/27/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Recruiting<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Last week, we hacked the servers of Temporis, allegedly France's largest network of franchised temp work agencies (www.temporis-franchise.fr).<br>
<b>Reference:</b> <a href="http://www.databreaches.net/rex-mundi-dumps-more-data-after-another-entity-doesnt-pay-extortion-demands/" target="_blank">http://www.databreaches.net/rex-mundi-dumps-more-data-after-another-entity-doesnt-pay-extortion-demands/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-063: Victor Valley College hit by computer security breach<br>
<b>WHID ID:</b> 2015-063<br>
<b>Date Occurred:</b> 1/31/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The entire Victor Valley College Information Technology Department has been placed on paid administrative leave while campus police and an outside company investigate a breach in security protocol, President Roger Wagner said Thursday.<br>
<b>Reference:</b> <a href="http://www.databreaches.net/ca-victor-valley-college-hit-by-computer-security-breach-entire-it-dept-put-on-leave/" target="_blank">http://www.databreaches.net/ca-victor-valley-college-hit-by-computer-security-breach-entire-it-dept-put-on-leave/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-062: oklahomacounty.org hacked<br>
<b>WHID ID:</b> 2015-062<br>
<b>Date Occurred:</b> 1/25/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> DB Dump on PasteBin<br>
<b>Reference:</b> <a href="http://pastebin.com/0ekAGZWs" target="_blank">http://pastebin.com/0ekAGZWs</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-061: Malaysia Airlines website hacked by 'Cyber Caliphate'<br>
<b>WHID ID:</b> 2015-061<br>
<b>Date Occurred:</b> 1/26/2015<br>
<b>Attack Method:</b> DNS Hijacking<br>
<b>Application Weakness:</b> Insufficient Process Validation<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Transportation<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> In a post on its Facebook account, the airline denied its internal servers, which contain passenger information, had been compromised. It said its Domain Name System (DNS) had instead been hijacked, with users redirected to the hackers' website.<br>
<b>Reference:</b> <a href="http://www.cnn.com/2015/01/25/asia/malaysia-airlines-website-hacked/" target="_blank">http://www.cnn.com/2015/01/25/asia/malaysia-airlines-website-hacked/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-060: ValidDumps.RU Full User Database Dump<br>
<b>WHID ID:</b> 2015-060<br>
<b>Date Occurred:</b> 1/22/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Hacker Site<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> DB Dump<br>
<b>Reference:</b> <a href="http://siph0n.net/exploits.php?id=3668" target="_blank">http://siph0n.net/exploits.php?id=3668</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-059: FreshFiction DB Dumped<br>
<b>WHID ID:</b> 2015-059<br>
<b>Date Occurred:</b> 1/24/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Media<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> DB Dump on PasteBin<br>
<b>Reference:</b> <a href="http://pastebin.com/ZGfRR7mL" target="_blank">http://pastebin.com/ZGfRR7mL</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-058: Bitcoin news website Coinfire and its Twitter account hacked<br>
<b>WHID ID:</b> 2015-058<br>
<b>Date Occurred:</b> 1/26/2015<br>
<b>Attack Method:</b> DNS Hijacking<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> "Well, looks like the XPY supporters got what they wanted. They logged in to our domain registrar account and had our domain taken away from us," he added.<br>
|
|
<b>Reference:</b> <a href="http://www.hackread.com/bitcoin-news-website-coinfire-website-twitter-hacked/" target="_blank">http://www.hackread.com/bitcoin-news-website-coinfire-website-twitter-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-057: Government of Nepal /Nepal Department of Transportation Hacked<br>
|
|
<b>WHID ID:</b> 2015-057<br>
|
|
<b>Date Occurred:</b> 1/19/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> DB Dump<br>
|
|
<b>Reference:</b> <a href="http://siph0n.net/exploits.php?id=3665" target="_blank">http://siph0n.net/exploits.php?id=3665</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-056: Nigeria: DHQ Blogsite Hacked<br>
|
|
<b>WHID ID:</b> 2015-056<br>
|
|
<b>Date Occurred:</b> 1/24/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Defence Headquarters (DHQ)' information blog site, defenceinfo.mil.ng, that was hacked into in the early hours of Friday, 23 January, 2015 has been restored to full operation.<br>
|
|
<b>Reference:</b> <a href="http://allafrica.com/stories/201501250109.html" target="_blank">http://allafrica.com/stories/201501250109.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-055: U. Chicago hacked<br>
|
|
<b>WHID ID:</b> 2015-055<br>
|
|
<b>Date Occurred:</b> 1/24/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> It appears we should add the University of Chicago to schools hacked by Carbonic. And yes, chalk it up to another SQLi vulnerability.<br>
|
|
<b>Reference:</b> <a href="http://www.databreaches.net/u-chicago-hacked-by-teamcarbonic-claim/" target="_blank">http://www.databreaches.net/u-chicago-hacked-by-teamcarbonic-claim/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-054: Ghana government websites targeted by hackers<br>
|
|
<b>WHID ID:</b> 2015-054<br>
|
|
<b>Date Occurred:</b> 1/21/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The majority of the Ghanaian government's websites, including its main site, have been hacked and are currently offline.<br>
|
|
<b>Reference:</b> <a href="http://www.bbc.com/news/world-africa-30914000" target="_blank">http://www.bbc.com/news/world-africa-30914000</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-053: Le Monde hacked: 'Je ne suis pas Charlie' writes Syrian Electronic Army<br>
|
|
<b>WHID ID:</b> 2015-053<br>
|
|
<b>Date Occurred:</b> 1/21/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers from the Syrian Electronic Army, which supports Syrian President Bashar al-Assad, broke into the Twitter account of Le Monde overnight, the newspaper confirmed on Wednesday.<br>
|
|
<b>Reference:</b> <a href="http://www.telegraph.co.uk/news/worldnews/europe/france/11359732/Le-Monde-hacked-Je-ne-suis-pas-Charlie-writes-Syrian-Electronic-Army.html" target="_blank">http://www.telegraph.co.uk/news/worldnews/europe/france/11359732/Le-Monde-hacked-Je-ne-suis-pas-Charlie-writes-Syrian-Electronic-Army.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-052: Russian Dating Site Topface Hacked for 20 Million User Names<br>
|
|
<b>WHID ID:</b> 2015-052<br>
|
|
<b>Date Occurred:</b> 1/25/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> User names and e-mail addresses of 20 million visitors to a Russia-based online dating service have been hacked and offered for sale on a website, according to fraud-detection software-maker Easy Solutions Inc.<br>
|
|
<b>Reference:</b> <a href="http://www.bloomberg.com/news/articles/2015-01-25/hacker-steals-20-million-passwords-from-unidentified-dating-site" target="_blank">http://www.bloomberg.com/news/articles/2015-01-25/hacker-steals-20-million-passwords-from-unidentified-dating-site</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-051: Alleged Islamic hackers target NZ websites<br>
|
|
<b>WHID ID:</b> 2015-051<br>
|
|
<b>Date Occurred:</b> 1/19/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Non-Profit<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> At least two New Zealand websites have been hacked and defaced by a group calling themselves the 'Team Muslim Cyberforce'.<br>
|
|
<b>Reference:</b> <a href="http://www.stuff.co.nz/technology/digital-living/65198165/islamic-hackers-target-nz-websites" target="_blank">http://www.stuff.co.nz/technology/digital-living/65198165/islamic-hackers-target-nz-websites</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-050: Aussie Travel Cover hack exposes details of 770,000 customers<br>
|
|
<b>WHID ID:</b> 2015-050<br>
|
|
<b>Date Occurred:</b> 1/20/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Travel<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A major data breach has hit one of Australia's leading travel insurers, exposing details of three quarters of a million policy holders. But while the hack occurred last year, customers have remained in the dark.<br>
|
|
<b>Reference:</b> <a href="http://www.cnet.com/au/news/aussie-travel-cover-hack-exposes-customer-details/" target="_blank">http://www.cnet.com/au/news/aussie-travel-cover-hack-exposes-customer-details/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-049: philsacra.ust.edu.ph website hacked<br>
|
|
<b>WHID ID:</b> 2015-049<br>
|
|
<b>Date Occurred:</b> 1/17/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> DB dump<br>
|
|
<b>Reference:</b> <a href="http://siph0n.net/exploits.php?id=3654" target="_blank">http://siph0n.net/exploits.php?id=3654</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-048: Govt sites hacked on eve of SC cybercrime hearing<br>
|
|
<b>WHID ID:</b> 2015-048<br>
|
|
<b>Date Occurred:</b> 1/14/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> On the eve of the Supreme Court's hearing on the Anti-Cybercrime Act of 2012, hackers opposing the law defaced several government websites early Monday.<br>
|
|
<b>Reference:</b> <a href="http://www.gmanetwork.com/news/story/290139/scitech/technology/govt-sites-hacked-on-eve-of-sc-cybercrime-hearing" target="_blank">http://www.gmanetwork.com/news/story/290139/scitech/technology/govt-sites-hacked-on-eve-of-sc-cybercrime-hearing</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-047: Road Transport Corporation website hacked<br>
|
|
<b>WHID ID:</b> 2015-047<br>
|
|
<b>Date Occurred:</b> 1/14/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The official website of the Andhra Pradesh State Road Transport Corporation (APSRTC) was defaced by suspected hackers from Bangladesh on Sunday.<br>
|
|
<b>Reference:</b> <a href="http://timesofindia.indiatimes.com/city/hyderabad/Road-Transport-Corporation-website-hacked/articleshow/18012113.cms" target="_blank">http://timesofindia.indiatimes.com/city/hyderabad/Road-Transport-Corporation-website-hacked/articleshow/18012113.cms</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-046: DDoS Attacks Slam Finnish Bank<br>
|
|
<b>WHID ID:</b> 2015-046<br>
|
|
<b>Date Occurred:</b> 1/7/2015<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Police in Finland are investigating a series of distributed denial-of-service attacks against the country's OP Pohjola financial services group that have intermittently shut down online banking and direct debit services.<br>
|
|
<b>Reference:</b> <a href="http://www.bankinfosecurity.com/ddos-attacks-slam-finnish-bank-a-7761" target="_blank">http://www.bankinfosecurity.com/ddos-attacks-slam-finnish-bank-a-7761</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-045: PowerPulse website hacked<br>
|
|
<b>WHID ID:</b> 2015-045<br>
|
|
<b>Date Occurred:</b> 1/16/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> DB dumped<br>
|
|
<b>Reference:</b> <a href="http://siph0n.net/exploits.php?id=3653" target="_blank">http://siph0n.net/exploits.php?id=3653</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-044: Virginia county website defaced with Islamic State message<br>
|
|
<b>WHID ID:</b> 2015-044<br>
|
|
<b>Date Occurred:</b> 1/20/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A Virginia county was the victim of a cyber attack where a group posted messages and videos praising ISIS, the rebel Islamic group that has leveled threats against the United States.<br>
|
|
<b>Reference:</b> <a href="http://statescoop.com/virginia-county-website-defaced-islamic-state-messages/" target="_blank">http://statescoop.com/virginia-county-website-defaced-islamic-state-messages/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-043: Grill parts website experiences system intrusion, payment card breach<br>
|
|
<b>WHID ID:</b> 2015-043<br>
|
|
<b>Date Occurred:</b> 1/23/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> From January 2014 to October 2014, cardholder data was exposed on three separate occasions for various lengths of time due to a cyber attack against Barbecue Renew's web server.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com/grill-parts-website-experiences-system-intrusion-payment-card-breach/article/394116/" target="_blank">http://www.scmagazine.com/grill-parts-website-experiences-system-intrusion-payment-card-breach/article/394116/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-042: New York Post Confirms Twitter Accounts Were Hacked<br>
|
|
<b>WHID ID:</b> 2015-042<br>
|
|
<b>Date Occurred:</b> 1/16/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The New York Post said its Twitter account was hacked after messages were posted citing bogus breaking news about U.S. interest-rate policy and China firing missiles on a U.S. Navy ship.<br>
|
|
<b>Reference:</b> <a href="http://www.bloomberg.com/news/articles/2015-01-16/new-york-post-says-twitter-feed-hacked-after-fake-china-tweets" target="_blank">http://www.bloomberg.com/news/articles/2015-01-16/new-york-post-says-twitter-feed-hacked-after-fake-china-tweets</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-041: Lizard Lair Hacked<br>
|
|
<b>WHID ID:</b> 2015-041<br>
|
|
<b>Date Occurred:</b> 1/15/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Someone hacked LizardStresser[dot]su, the Web site the group uses to coordinate attacks and sell subscriptions to its attacks-for-hire service.<br>
|
|
<b>Reference:</b> <a href="https://krebsonsecurity.com/2015/01/another-lizard-arrested-lizard-lair-hacked/" target="_blank">https://krebsonsecurity.com/2015/01/another-lizard-arrested-lizard-lair-hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-040: Hacker breached Metropolitan State University database with personal info<br>
|
|
<b>WHID ID:</b> 2015-040<br>
|
|
<b>Date Occurred:</b> 1/16/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> In a campuswide e-mail Friday, interim president Devinder Malhotra wrote that a computer hacker apparently got "unauthorized access" to the university database in mid-December, and that investigators are still trying to determine the scope of the data breach.<br>
|
|
<b>Reference:</b> <a href="http://www.databreaches.net/mn-hacker-breached-metropolitan-state-university-database-with-pe-rsonal-info/" target="_blank">http://www.databreaches.net/mn-hacker-breached-metropolitan-state-university-database-with-pe-rsonal-info/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-039: FREE SYRIAN HACKERS HACKS OHIO CITY'S WEBSITE<br>
|
|
<b>WHID ID:</b> 2015-039<br>
|
|
<b>Date Occurred:</b> 1/17/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Free Syrian Hacker Dr.SHA6H hacked and defaced the official website of the Ohio city of Perrysburg. He left a message on the defaced page bashing the governments of the world for not solving the Syrian crisis.<br>
|
|
<b>Reference:</b> <a href="http://beforeitsnews.com/alternative/2015/01/free-syrian-hackers-hacks-ohio-citys-website-3094106.html" target="_blank">http://beforeitsnews.com/alternative/2015/01/free-syrian-hackers-hacks-ohio-citys-website-3094106.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-038: 19,000 French websites hit by DDoS, defaced in wake of terror attack<br>
|
|
<b>WHID ID:</b> 2015-038<br>
|
|
<b>Date Occurred:</b> 1/16/2015<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Since the three day terror attack that started in France on January 7 with the attack on satirical newspaper Charlie Hebdo, 19,000 websites of French-based companies have been targeted by cyber attackers, AP reports.<br>
|
|
<b>Reference:</b> <a href="http://www.net-security.org/secworld.php?id=17832" target="_blank">http://www.net-security.org/secworld.php?id=17832</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-037: Aqua Marine Boat website hacked<br>
|
|
<b>WHID ID:</b> 2015-037<br>
|
|
<b>Date Occurred:</b> 1/13/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> DB dumped on PasteBin<br>
|
|
<b>Reference:</b> <a href="http://pastebin.com/ApnT0YcX" target="_blank">http://pastebin.com/ApnT0YcX</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-036: BigBlueInteractive Hacked<br>
|
|
<b>WHID ID:</b> 2015-036<br>
|
|
<b>Date Occurred:</b> 1/14/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Zyklon dumps DB<br>
|
|
<b>Reference:</b> <a href="http://www.databreaches.net/and-then-i-stumbled-across-these-hacks-by-zyklon/" target="_blank">http://www.databreaches.net/and-then-i-stumbled-across-these-hacks-by-zyklon/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-035: PasteBin DB Dump from lehlel.com<br>
|
|
<b>WHID ID:</b> 2015-035<br>
|
|
<b>Date Occurred:</b> 1/14/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> lehlel.com was hacked and DB dumped<br>
|
|
<b>Reference:</b> <a href="http://pastebin.ca/2906107" target="_blank">http://pastebin.ca/2906107</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-034: Payment cards targeted in attack on pet supplies website<br>
|
|
<b>WHID ID:</b> 2015-034<br>
|
|
<b>Date Occurred:</b> 1/16/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Tennessee-based ValuePetSupplies.com is notifying several thousand customers that unauthorized persons accessed its servers and installed malicious files to capture personal information - including payment card data - entered into its website.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com/payment-cards-targeted-in-attack-on-pet-supplies-website/article/392821/" target="_blank">http://www.scmagazine.com/payment-cards-targeted-in-attack-on-pet-supplies-website/article/392821/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-033: Boomerang Rentals Issues Statement Following Alleged Security Breach<br>
|
|
<b>WHID ID:</b> 2015-033<br>
|
|
<b>Date Occurred:</b> 1/12/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> UK-based Boomerang Rentals, a videogame rental service, issued a statement Monday, January 12th, following earlier allegations that customer information had been compromised.<br>
|
|
<b>Reference:</b> <a href="http://www.gamebrit.com/2015/01/12/boomerang-rentals-uk-issues-statement-following-alleged-hack-security-breach-game-rental/" target="_blank">http://www.gamebrit.com/2015/01/12/boomerang-rentals-uk-issues-statement-following-alleged-hack-security-breach-game-rental/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-032: Notepad++ Releases "Je suis Charlie" Edition, Website Gets Defaced<br>
|
|
<b>WHID ID:</b> 2015-032<br>
|
|
<b>Date Occurred:</b> 1/14/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The website of the open-source text editor Notepad++ has been defaced by an Islamist hacking group because the developer released a "Je suis Charlie" edition of the software.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Notepad-plus-plus-Releases-Je-suis-Charlie-Edition-Website-Gets-Defaced-469956.shtml" target="_blank">http://news.softpedia.com/news/Notepad-plus-plus-Releases-Je-suis-Charlie-Edition-Website-Gets-Defaced-469956.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-031: Crayola apologizes for Facebook page hack<br>
|
|
<b>WHID ID:</b> 2015-031<br>
|
|
<b>Date Occurred:</b> 1/12/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Crayola Facebook page was posting things far more risqué than crayons this past weekend. Unknown hackers took control of the Crayola social media webpage and posted dozens of links to R-rated sites and sexual jokes.<br>
|
|
<b>Reference:</b> <a href="http://www.usatoday.com/story/news/nation-now/2015/01/12/crayola-facebook-page-hack/21640887/" target="_blank">http://www.usatoday.com/story/news/nation-now/2015/01/12/crayola-facebook-page-hack/21640887/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-030: Thousands of American and United airlines accounts hacked, with thieves booking dozens of free trips<br>
|
|
<b>WHID ID:</b> 2015-030<br>
|
|
<b>Date Occurred:</b> 1/12/2015<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Transportation<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The hackers stole usernames and passwords from a third party source and logged into thousands of accounts. The source of the leak is being investigated as the airlines work to pay back the hacked customers.<br>
|
|
<b>Reference:</b> <a href="http://www.nydailynews.com/news/national/thousands-american-united-airlines-accounts-hacked-article-1.2075162" target="_blank">http://www.nydailynews.com/news/national/thousands-american-united-airlines-accounts-hacked-article-1.2075162</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-029: CENTCOM Twitter account hacked, suspended<br>
|
|
<b>WHID ID:</b> 2015-029<br>
|
|
<b>Date Occurred:</b> 1/12/2015<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Twitter account for U.S. Central Command was suspended Monday after it was hacked by ISIS sympathizers -- but no classified information was obtained and no military networks were compromised, defense officials said.<br>
|
|
<b>Reference:</b> <a href="http://www.cnn.com/2015/01/12/politics/centcom-twitter-hacked-suspended/" target="_blank">http://www.cnn.com/2015/01/12/politics/centcom-twitter-hacked-suspended/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-028: Bundaberg Library website used as hacker's billboard<br>
|
|
<b>WHID ID:</b> 2015-028<br>
|
|
<b>Date Occurred:</b> 1/13/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> POLICE are investigating after the Bundaberg Regional Libraries website was hacked by a Syrian activist.<br>
|
|
<b>Reference:</b> <a href="http://www.news-mail.com.au/news/library-website-a-hackers-billboard/2508740/" target="_blank">http://www.news-mail.com.au/news/library-website-a-hackers-billboard/2508740/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-027: Anonymous claims first victim in 'Operation Charlie Hebdo'<br>
|
|
<b>WHID ID:</b> 2015-027<br>
|
|
<b>Date Occurred:</b> 1/10/2015<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hacking collective Anonymous declared war on Islamic extremists after Wednesday's deadly attack on Paris-based satirical newspaper Charlie Hebdo, and the group has now claimed its first victim.<br>
|
|
<b>Reference:</b> <a href="http://mashable.com/2015/01/10/anonymous-operation-charlie-hebdo/" target="_blank">http://mashable.com/2015/01/10/anonymous-operation-charlie-hebdo/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-026: North Korean official news agency site serves malware<br>
|
|
<b>WHID ID:</b> 2015-026<br>
|
|
<b>Date Occurred:</b> 1/13/2015<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Users who visited the site of the state-run North Korean news agency, to see the country's response to the Sony hacking accusations or for other reasons, might want to scan their computers for malware.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/article/2868436/north-korean-official-news-agency-site-serves-malware.html" target="_blank">http://www.pcworld.com/article/2868436/north-korean-official-news-agency-site-serves-malware.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2015-025: Extratorrent Down After Huge DDoS Attack<br>
|
|
<b>WHID ID:</b> 2015-025<br>
|
|
<b>Date Occurred:</b> 1/12/2015<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Data Sharing<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> ExtraTorrent, one of the largest torrent sites on the Internet, remains down following a huge DDoS attack. The site's operators are working hard to mitigate the assault and hope to have the site back online soon.<br>
|
|
<b>Reference:</b> <a href="https://torrentfreak.com/extratorrent-down-after-huge-ddos-attack-150112/" target="_blank">https://torrentfreak.com/extratorrent-down-after-huge-ddos-attack-150112/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-024: Did you visit HuffPo last week? You might have a virus<br>
<b>WHID ID:</b> 2015-024<br>
<b>Date Occurred:</b> 1/8/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Media<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> This past week, The Huffington Post and several major websites displayed malware-laced advertisements that infected computers and locked them down.<br>
<b>Reference:</b> <a href="http://money.cnn.com/2015/01/08/technology/security/malvertising-huffington-post/" target="_blank">http://money.cnn.com/2015/01/08/technology/security/malvertising-huffington-post/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-023: 8chan, related sites go down in Lizard Squad-powered DDoS<br>
<b>WHID ID:</b> 2015-023<br>
<b>Date Occurred:</b> 1/8/2015<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Social<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> On Thursday, the recent Lizard Squad tour of Internet infamy continued as the hacking group took credit for a distributed denial of service (DDoS) attack against the imageboard site 8chan.<br>
<b>Reference:</b> <a href="http://arstechnica.com/security/2015/01/8chan-related-sites-go-down-in-lizard-squad-powered-ddos/" target="_blank">http://arstechnica.com/security/2015/01/8chan-related-sites-go-down-in-lizard-squad-powered-ddos/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-022: U. of Hawaii and Cornell University hacked<br>
<b>WHID ID:</b> 2015-022<br>
<b>Date Occurred:</b> 1/7/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The U. of Hawaii data dump, which DataBreaches.net is not linking to, does not contain student or employee personal information, but in addition to acquiring the root username/password, "Attorney" also got the MAC addresses, service tags, usernames and more of each and every computer/smart board in their University. The dump only contained approximately 2,000 of the 65,000 lines of data he acquired, he tells this site.<br>
<b>Reference:</b> <a href="http://www.databreaches.net/u-of-hawaii-and-cornell-university-hacked-by-marxistattorney/" target="_blank">http://www.databreaches.net/u-of-hawaii-and-cornell-university-hacked-by-marxistattorney/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-021: CyberBerkut committed DDoS attack on the parliament website<br>
<b>WHID ID:</b> 2015-021<br>
<b>Date Occurred:</b> 1/7/2015<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The Internet pages of German Chancellor Angela Merkel and the German Bundestag are obviously crippled by an attack from the Internet.<br>
<b>Reference:</b> <a href="http://www.zeit.de/digital/internet/2015-01/bundestag-bundeskanzlerin-cyberberkut-angriff-webseiten" target="_blank">http://www.zeit.de/digital/internet/2015-01/bundestag-bundeskanzlerin-cyberberkut-angriff-webseiten</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-020: Banque Cantonale de Geneve (BCGE) hacked by Rex Mundi<br>
<b>WHID ID:</b> 2015-020<br>
<b>Date Occurred:</b> 1/9/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Hackers operating under the handle of Rex Mundi have claimed that they hacked into the systems of Banque Cantonale de Geneve (BCGE) and stolen the bank's customer information including private emails. Now the hackers are demanding €10,000 for not making the data public.<br>
<b>Reference:</b> <a href="http://www.techworm.net/2015/01/banque-cantonale-de-geneve-bcge-hacked-rex-mundi-demand-ransom.html" target="_blank">http://www.techworm.net/2015/01/banque-cantonale-de-geneve-bcge-hacked-rex-mundi-demand-ransom.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-019: Islamic extremists hack websites of primary school and church in Yorkshire<br>
<b>WHID ID:</b> 2015-019<br>
<b>Date Occurred:</b> 1/6/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Islamic extremists have hacked the websites of a primary school and a church and replaced their homepages with a hate message against the US and Israel.<br>
<b>Reference:</b> <a href="http://www.dailymail.co.uk/news/article-2898635/Islamic-extremists-hack-websites-primary-school-church-Yorkshire-replace-homepages-hate-message-against-U-S-Israel.html" target="_blank">http://www.dailymail.co.uk/news/article-2898635/Islamic-extremists-hack-websites-primary-school-church-Yorkshire-replace-homepages-hate-message-against-U-S-Israel.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-018: More EC-Council Sub-Domains Defaced<br>
<b>WHID ID:</b> 2015-018<br>
<b>Date Occurred:</b> 1/6/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Two more EC-Council sub-domains have been defaced by the hacking group known as Indonesian Gantengers Crew.<br>
<b>Reference:</b> <a href="http://www.batblue.com/more-ec-council-sub-domains-defaced/" target="_blank">http://www.batblue.com/more-ec-council-sub-domains-defaced/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-017: News websites, Twitter feeds hacked with pro-ISIS message<br>
<b>WHID ID:</b> 2015-017<br>
<b>Date Occurred:</b> 1/6/2015<br>
<b>Attack Method:</b> Brute Force<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Account Takeover<br>
<b>Attacked Entity Field:</b> Social<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> A group calling itself the "CyberCaliphate" took over the Twitter feeds of two American news outlets Tuesday, in addition to the website of a Maryland-based TV news station.<br>
<b>Reference:</b> <a href="http://www.cbsnews.com/news/albuquerque-journal-wboc-websites-twitter-feeds-hacked-with-pro-isis-message/" target="_blank">http://www.cbsnews.com/news/albuquerque-journal-wboc-websites-twitter-feeds-hacked-with-pro-isis-message/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID: 2015-016: 10 million customer data stolen from Orange Spain<br>
<b>WHID ID:</b> 2015-016<br>
<b>Date Occurred:</b> 1/5/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> To carry out this theft, the hackers exploited a flaw, a SQL injection via two different vulnerable web addresses [as in the case of TF1 / Viapresse, editor's note]. Remember that OWASP, an independent organization dedicated to IT security, ranks SQL injection in its top 10 as the number one plague of web applications.<br>
<b>Reference:</b> <a href="http://www.zataz.com/10-millions-de-donnees-volees-a-orange-espagne/#axzz3Nr3klnlH" target="_blank">http://www.zataz.com/10-millions-de-donnees-volees-a-orange-espagne/#axzz3Nr3klnlH</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-015: Universities hacked, data dumped<br>
<b>WHID ID:</b> 2015-015<br>
<b>Date Occurred:</b> 1/4/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> In a post on Pastebin yesterday, @MarxistAttorney (web site) claimed a number of hacks, including California State University, University of Kentucky, University of Connecticut, University of Maryland, Coastal Carolina University, and Abertay University.<br>
<b>Reference:</b> <a href="http://www.databreaches.net/universities-hacked-data-dumped-by-marxistattorney/" target="_blank">http://www.databreaches.net/universities-hacked-data-dumped-by-marxistattorney/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-014: TAN TOCK SENG: EDZ ELLO'S FACEBOOK ACCOUNT WAS HACKED WHEN HE MADE INSULTING COMMENTS<br>
<b>WHID ID:</b> 2015-014<br>
<b>Date Occurred:</b> 1/4/2015<br>
<b>Attack Method:</b> Brute Force<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Account Takeover<br>
<b>Attacked Entity Field:</b> Social<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Tan Tock Seng Hospital has explained that the insulting, anti-Singaporean comments made by one of their staff, Edz Ello, were posted while his Facebook account was hacked.<br>
<b>Reference:</b> <a href="http://therealsingapore.com/content/tan-tock-seng-edz-ello%E2%80%99s-facebook-account-was-hacked-when-he-made-insulting-comments" target="_blank">http://therealsingapore.com/content/tan-tock-seng-edz-ello%E2%80%99s-facebook-account-was-hacked-when-he-made-insulting-comments</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-013: United Nation Pakistan Website Hacked By Free Syrian Hacker<br>
<b>WHID ID:</b> 2015-013<br>
<b>Date Occurred:</b> 1/6/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The famous anti-Bashar Al Assad hacker Dr.SHA6H from Free Syrian Hacker group has hacked and defaced the official website of UNDP - United Nations Development Programme, Pakistan against the ongoing Syrian conflict.<br>
<b>Reference:</b> <a href="https://www.facebook.com/hackrons/posts/1023633604318713" target="_blank">https://www.facebook.com/hackrons/posts/1023633604318713</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-012: United Nations Hacked by ulzr1z #REPOST<br>
<b>WHID ID:</b> 2015-012<br>
<b>Date Occurred:</b> 1/11/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> United Nations Sub-domain Hacked by UlzR1z<br>
<b>Reference:</b> <a href="http://pastebin.com/GTmHYUyY" target="_blank">http://pastebin.com/GTmHYUyY</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-011: MIT sites defaced in lead-up to anniversary of Aaron Swartz's death<br>
<b>WHID ID:</b> 2015-011<br>
<b>Date Occurred:</b> 1/6/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Attackers going under the name of "Ulzr1z" defaced websites for courses at the Massachusetts Institute of Technology (MIT).<br>
<b>Reference:</b> <a href="https://nakedsecurity.sophos.com/2015/01/06/mit-sites-defaced-in-lead-up-to-anniversary-of-aaron-swartzs-death/" target="_blank">https://nakedsecurity.sophos.com/2015/01/06/mit-sites-defaced-in-lead-up-to-anniversary-of-aaron-swartzs-death/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-010: 1.9m shoppers' data is hacked<br>
<b>WHID ID:</b> 2015-010<br>
<b>Date Occurred:</b> 1/4/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> HACKERS have stolen confidential data relating to almost two million online shoppers in France who made purchases via the French TV station website TF1.fr<br>
<b>Reference:</b> <a href="http://www.connexionfrance.com/shoppers-data-hacked-tf1-magazine-subscription-website-16506-view-article.html" target="_blank">http://www.connexionfrance.com/shoppers-data-hacked-tf1-magazine-subscription-website-16506-view-article.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-009: 'Snooki's' Instagram Account hacked by Arabic Speaking Hackers<br>
<b>WHID ID:</b> 2015-009<br>
<b>Date Occurred:</b> 1/1/2015<br>
<b>Attack Method:</b> Brute Force<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Account Takeover<br>
<b>Attacked Entity Field:</b> Social<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Nicole "Snooki" Polizzi got a shock on the New Year eve, when she found out that her Instagram account had been taken over by unknown Arabic speaking hackers on Tuesday.<br>
<b>Reference:</b> <a href="http://www.techworm.net/2015/01/snookis-instagram-account-hacked-by-arabic-speaking-hackers.html" target="_blank">http://www.techworm.net/2015/01/snookis-instagram-account-hacked-by-arabic-speaking-hackers.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-008: differencegames.com Database Dump<br>
<b>WHID ID:</b> 2015-008<br>
<b>Date Occurred:</b> 1/1/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> PasteBin DB Dump of data from differencegames.com<br>
<b>Reference:</b> <a href="http://pastebin.com/SJc2xDr8" target="_blank">http://pastebin.com/SJc2xDr8</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-007: en.asiadcp.com Buyer Info Dump<br>
<b>WHID ID:</b> 2015-007<br>
<b>Date Occurred:</b> 1/1/2015<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> PasteBin DB Dump of data from http://en.asiadcp.com<br>
<b>Reference:</b> <a href="http://pastebin.com/Wp8xCir3" target="_blank">http://pastebin.com/Wp8xCir3</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-006: Saudi Arabia hires 'ethical hackers' to silence smut slingers<br>
<b>WHID ID:</b> 2015-006<br>
<b>Date Occurred:</b> 1/5/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Account Takeover<br>
<b>Attacked Entity Field:</b> Social<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> "The Commission members have succeeded in hacking Twitter pornography accounts, shutting them and arresting some of their owners over the past period," an unnamed spokesman told the publication. The agency did not say how it compromised the users, either through the use of malware or by softer methods such as open source intelligence gathering.<br>
<b>Reference:</b> <a href="http://www.theregister.co.uk/2015/01/05/saudi_arabia_hires_ethical_hackers_to_silence_smut_slingers/" target="_blank">http://www.theregister.co.uk/2015/01/05/saudi_arabia_hires_ethical_hackers_to_silence_smut_slingers/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-005: Origin Accounts Hacked<br>
<b>WHID ID:</b> 2015-005<br>
<b>Date Occurred:</b> 1/3/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Account Takeover<br>
<b>Attacked Entity Field:</b> Gaming<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> According to Reddit and EA forum postings Origin users are having their accounts hacked and fraudulent purchases are being made.<br>
<b>Reference:</b> <a href="http://www.hardcoregamer.com/2015/01/03/origin-accounts-hacked/127212/" target="_blank">http://www.hardcoregamer.com/2015/01/03/origin-accounts-hacked/127212/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-004: Battle.net Experiencing Unusual Major Disruptions, DDoS Speculated<br>
<b>WHID ID:</b> 2015-004<br>
<b>Date Occurred:</b> 1/2/2015<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Gaming<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Blizzard's Battle.net service is having authentication issues today as hundreds of angry gamers are clambering over each other wondering what's going on.<br>
<b>Reference:</b> <a href="http://www.gamerheadlines.com/2015/01/battle-net-experiencing-unusual-major-disruptions-ddos-speculated/" target="_blank">http://www.gamerheadlines.com/2015/01/battle-net-experiencing-unusual-major-disruptions-ddos-speculated/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-003: Nordea: Online banking hit by hackers<br>
<b>WHID ID:</b> 2015-003<br>
<b>Date Occurred:</b> 1/2/2015<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> On the heels of Wednesday's attack on the OP-Pohjola Group's online banking services, Nordea announced on Friday afternoon that its online banking services had also been the target of a denial of services attack.<br>
<b>Reference:</b> <a href="http://yle.fi/uutiset/nordea_online_banking_hit_by_hackers/7718241" target="_blank">http://yle.fi/uutiset/nordea_online_banking_hit_by_hackers/7718241</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-002: Islamic script kiddies aim killer blow - at Bristol bus timetable website<br>
<b>WHID ID:</b> 2015-002<br>
<b>Date Occurred:</b> 1/2/2015<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Transportation<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Bristol residents looking for bus and train timetables were confronted by a message from Islamic militants following a defacement of the TravelWest website.<br>
<b>Reference:</b> <a href="http://www.theregister.co.uk/2015/01/02/bristol_bus_timetable_website_defaced_militants/" target="_blank">http://www.theregister.co.uk/2015/01/02/bristol_bus_timetable_website_defaced_militants/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2015-001: iCloud accounts at risk of brute force attack as hacker exploits 'painfully obvious' password flaw<br>
<b>WHID ID:</b> 2015-001<br>
<b>Date Occurred:</b> 1/2/2015<br>
<b>Attack Method:</b> Brute Force<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Account Takeover<br>
<b>Attacked Entity Field:</b> Technology<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> A developer claims to have discovered a flaw in Apple's iCloud security where an automated piece of software can be used to repeatedly guess a target's password.<br>
<b>Reference:</b> <a href="http://www.ibtimes.co.uk/icloud-accounts-risk-brute-force-attack-hacker-exploits-painfully-obvious-password-flaw-1481623" target="_blank">http://www.ibtimes.co.uk/icloud-accounts-risk-brute-force-attack-hacker-exploits-painfully-obvious-password-flaw-1481623</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2014-151: ctf365.com defaced and account information taken<br>
<b>WHID ID:</b> 2014-151<br>
<b>Date Occurred:</b> 11/24/2014<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Technology<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Hacking group defaced ctf365.com and obtained the username and password list.<br>
<b>Reference:</b> <a href="http://www.reddit.com/r/hacking/comments/2nbsou/ctf365_hacked/" target="_blank">http://www.reddit.com/r/hacking/comments/2nbsou/ctf365_hacked/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2014-150: DerpTrolling leaks PSN, 2K, Windows Live customer logins<br>
<b>WHID ID:</b> 2014-150<br>
<b>Date Occurred:</b> 11/20/2014<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Gaming<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Hacker group DerpTrolling has released a "very small portion" of usernames and logins for three gaming networks in its possession as a "warning to companies".<br>
<b>Reference:</b> <a href="http://www.cnet.com/news/derptrolling-leaks-psn-2k-windows-live-customer-logins/" target="_blank">http://www.cnet.com/news/derptrolling-leaks-psn-2k-windows-live-customer-logins/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2014-149: The Largest Cyber Attack In History Has Been Hitting Hong Kong Sites<br>
<b>WHID ID:</b> 2014-149<br>
<b>Date Occurred:</b> 11/21/2014<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Politics<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The distributed denial of service (DDoS) attacks have been carried out against independent news site Apple Daily and PopVote, which organised mock chief executive elections for Hong Kong.<br>
<b>Reference:</b> <a href="http://www.forbes.com/sites/parmyolson/2014/11/20/the-largest-cyber-attack-in-history-has-been-hitting-hong-kong-sites/?ss=cio-network/" target="_blank">http://www.forbes.com/sites/parmyolson/2014/11/20/the-largest-cyber-attack-in-history-has-been-hitting-hong-kong-sites/?ss=cio-network/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2014-148: Chinese hackers breach U.S. federal weather network, may have accessed classified data<br>
<b>WHID ID:</b> 2014-148<br>
<b>Date Occurred:</b> 11/12/2014<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Hackers from China breached the federal weather network recently, forcing cybersecurity teams to seal off data vital to disaster planning, aviation, shipping and scores of other crucial uses, officials said.<br>
<b>Reference:</b> <a href="http://news.nationalpost.com/2014/11/12/chinese-hackers-breach-u-s-federal-weather-network-may-have-accessed-classified-data/" target="_blank">http://news.nationalpost.com/2014/11/12/chinese-hackers-breach-u-s-federal-weather-network-may-have-accessed-classified-data/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2014-147: BrowserStack Hacked via Shellshock<br>
<b>WHID ID:</b> 2014-147<br>
<b>Date Occurred:</b> 11/9/2014<br>
<b>Attack Method:</b> OS Commanding<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Technology<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The cross-browser testing service BrowserStack was recently breached by an attacker who leveraged his access to send an email to users claiming that the service was shutting down.<br>
<b>Reference:</b> <a href="http://www.esecurityplanet.com/network-security/browserstack-hacked-via-shellshock.html" target="_blank">http://www.esecurityplanet.com/network-security/browserstack-hacked-via-shellshock.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2014-146: Blizzard confirms World of Warcraft target of DDoS attack<br>
<b>WHID ID:</b> 2014-146<br>
<b>Date Occurred:</b> 11/13/2014<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Gaming<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> WoW Insider received reports earlier today that Blizzard may be the target of a significant DDoS effort -- and community manager Bashiok has confirmed it on the World of Warcraft forums.<br>
<b>Reference:</b> <a href="http://wow.joystiq.com/2014/11/13/blizzard-confirms-world-of-warcraft-target-of-ddos-attack/" target="_blank">http://wow.joystiq.com/2014/11/13/blizzard-confirms-world-of-warcraft-target-of-ddos-attack/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2014-145: Hackers bypass online security at 34 banks<br>
<b>WHID ID:</b> 2014-145<br>
<b>Date Occurred:</b> 7/24/2014<br>
<b>Attack Method:</b> Banking Trojan<br>
<b>Application Weakness:</b> Insufficient Process Validation<br>
<b>Outcome:</b> Monetary Loss<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Cybercriminals are sneaking past security protections to access online accounts across 34 banks in Switzerland, Sweden, Austria and Japan. And in doing so, experts say, the hackers are defeating what's often touted as one of the more effective online security protocols.<br>
<b>Reference:</b> <a href="http://www.marketwatch.com/story/hackers-bypass-online-security-at-34-banks-2014-07-22?siteid=bigcharts&dist=bigcharts" target="_blank">http://www.marketwatch.com/story/hackers-bypass-online-security-at-34-banks-2014-07-22?siteid=bigcharts&dist=bigcharts</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2014-144: AskMen website hacked twice in the past month, sending malicious code<br>
<b>WHID ID:</b> 2014-144<br>
<b>Date Occurred:</b> 7/22/2014<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Media<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> For the second time in the past month, AskMen.com was compromised, with malicious code injected on the company's server sending out attacks. AskMen is reportedly looking into the security issue after being contacted by security software company Malwarebytes.<br>
<b>Reference:</b> <a href="http://www.tweaktown.com/news/39211/askmen-website-hacked-twice-in-the-past-month-sending-malicious-code/index.html" target="_blank">http://www.tweaktown.com/news/39211/askmen-website-hacked-twice-in-the-past-month-sending-malicious-code/index.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-143: WSJ website hacked, data offered for sale for 1 bitcoin<br>
|
|
<b>WHID ID:</b> 2014-143<br>
|
|
<b>Date Occurred:</b> 7/23/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> However, Komarov, whose firm discovered the posting offering the vulnerabilities, said that IntelCrawl had confirmed that a SQL injection vulnerability in the wsj.com site made it possible "to get access to any database on the wsj.com server."<br>
|
|
<b>Reference:</b> <a href="http://arstechnica.com/security/2014/07/wsj-website-hacked-data-offered-for-sale-for-1-bitcoin/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+(Ars+Technica+-+All+content)" target="_blank">http://arstechnica.com/security/2014/07/wsj-website-hacked-data-offered-for-sale-for-1-bitcoin/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+(Ars+Technica+-+All+content)</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-142: WORDPRESS SITES SEEING INCREASED MALWARE, BRUTE FORCE ATTACKS THIS WEEK<br>
|
|
<b>WHID ID:</b> 2014-142<br>
|
|
<b>Date Occurred:</b> 7/23/2014<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Blogs<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A glut of WordPress sites have fallen victim to both malware infections and a series of brute force attacks that have been making the rounds over the past several days, researchers claim.<br>
|
|
<b>Reference:</b> <a href="http://threatpost.com/wordpress-sites-seeing-increased-malware-brute-force-attacks-this-week" target="_blank">http://threatpost.com/wordpress-sites-seeing-increased-malware-brute-force-attacks-this-week</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-141: Hackers steal user data from the European Central Bank website, ask for money<br>
|
|
<b>WHID ID:</b> 2014-141<br>
|
|
<b>Date Occurred:</b> 7/24/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The attackers exploited a vulnerability to access a database serving the ECB's public website, the institution announced Thursday on its website. No internal systems or market sensitive data were affected, the ECB said.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/article/2457960/hackers-steal-user-data-from-the-european-central-bank-website-ask-for-money.html" target="_blank">http://www.pcworld.com/article/2457960/hackers-steal-user-data-from-the-european-central-bank-website-ask-for-money.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-140: Shelby County Schools' direct deposit data hacked<br>
|
|
<b>WHID ID:</b> 2014-140<br>
|
|
<b>Date Occurred:</b> 7/18/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Shelby County Schools is limiting access to the direct deposit portion of its employee portal after bank routing and account numbers for at least 10 employees were changed and routed instead to prepaid cards.<br>
|
|
<b>Reference:</b> <a href="http://www.commercialappeal.com/news/local-news/schools/shelby-county-schools-direct-deposit-data-hacked_31644341" target="_blank">http://www.commercialappeal.com/news/local-news/schools/shelby-county-schools-direct-deposit-data-hacked_31644341</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-139: Hacker Goes On Spree Against Musicians' Websites<br>
|
|
<b>WHID ID:</b> 2014-139<br>
|
|
<b>Date Occurred:</b> 7/18/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> An online activist known only as Ethical Dragon has been reportedly hacking the websites of musicians and celebrities he feels have been ignoring his efforts to communicate with him (or her).<br>
|
|
<b>Reference:</b> <a href="http://themusic.com.au/news/all/2014/07/19/hacker-goes-on-spree-against-musicians-websites/" target="_blank">http://themusic.com.au/news/all/2014/07/19/hacker-goes-on-spree-against-musicians-websites/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-138: #OpSaveGaza: Anonymous Takes Down 1,000 Israeli Government and Business Websites<br>
|
|
<b>WHID ID:</b> 2014-138<br>
|
|
<b>Date Occurred:</b> 7/19/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hacker collective Anonymous has announced that it has taken down over a thousand crucial Israeli websites in a huge new coordinated cyber-attack called #OpSaveGaza on 11 July and 17 July, in support of the people of Palestine.<br>
|
|
<b>Reference:</b> <a href="http://www.ibtimes.co.uk/opsavegaza-anonymous-takes-down-1000-israeli-government-business-websites-1457269" target="_blank">http://www.ibtimes.co.uk/opsavegaza-anonymous-takes-down-1000-israeli-government-business-websites-1457269</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-137: Anonymous hacks Israeli websites in new pro-Palestine campaign<br>
|
|
<b>WHID ID:</b> 2014-137<br>
|
|
<b>Date Occurred:</b> 4/7/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Anonymous has laid claim to the downing of 500 Israeli web pages as part of a cyber attack by the group in support of the people of Palestine.<br>
|
|
<b>Reference:</b> <a href="http://www.itproportal.com/2014/04/07/anonymous-hacks-israeli-websites-in-new-pro-palestine-campaign/" target="_blank">http://www.itproportal.com/2014/04/07/anonymous-hacks-israeli-websites-in-new-pro-palestine-campaign/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-136: Bank account of Saudi hacked<br>
|
|
<b>WHID ID:</b> 2014-136<br>
|
|
<b>Date Occurred:</b> 7/18/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A Saudi man in Bashair has filed a complaint saying that an anonymous individual had hacked into his bank account and transferred SR18,430 to another account through local transfer, adding that he is worried that the money would land in the wrong hands.<br>
|
|
<b>Reference:</b> <a href="http://www.arabnews.com/news/603681" target="_blank">http://www.arabnews.com/news/603681</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-135: B.C. PharmaNet hit by hacker, 1,600 accounts breached<br>
|
|
<b>WHID ID:</b> 2014-135<br>
|
|
<b>Date Occurred:</b> 7/11/2014<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Healthcare<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> About 1,600 patients had their private data in the provincial PharmaNet prescription system accessed by an unknown hacker, a Health Ministry investigation has revealed.<br>
|
|
<b>Reference:</b> <a href="http://www.cbc.ca/news/canada/british-columbia/b-c-pharmanet-hit-by-hacker-1-600-accounts-breached-1.2704446" target="_blank">http://www.cbc.ca/news/canada/british-columbia/b-c-pharmanet-hit-by-hacker-1-600-accounts-breached-1.2704446</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-134: CNET Confirms Russian Hack<br>
|
|
<b>WHID ID:</b> 2014-134<br>
|
|
<b>Date Occurred:</b> 7/15/2014<br>
|
|
<b>Attack Method:</b> Code Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> W0rm, which uses the Twitter handle @rev_priv8, tweeted a screenshot purportedly showing the contents of the CNET database. He or she said that a security hole in CNET.com's implementation of the Symfony PHP framework was the attack vector.<br>
|
|
<b>Reference:</b> <a href="http://www.infosecurity-magazine.com/view/39323/cnet-confirms-russian-hack" target="_blank">http://www.infosecurity-magazine.com/view/39323/cnet-confirms-russian-hack</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-133: Town website hacked<br>
|
|
<b>WHID ID:</b> 2014-133<br>
|
|
<b>Date Occurred:</b> 7/15/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> SPAM Links<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Visitors accessing the Town of Grand Falls-Windsor's official website late last week or over the weekend may have gotten a shock.<br>
|
|
<b>Reference:</b> <a href="http://www.gfwadvertiser.ca/News/Local/2014-07-15/article-3801475/Town-website-hacked/1" target="_blank">http://www.gfwadvertiser.ca/News/Local/2014-07-15/article-3801475/Town-website-hacked/1</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-132: Astros Respond After Hackers Breach Internal Database<br>
|
|
<b>WHID ID:</b> 2014-132<br>
|
|
<b>Date Occurred:</b> 6/30/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Sports<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Houston Astros say they have been the victims of hackers who accessed their servers and published months of internal trade talks on the Internet.<br>
|
|
<b>Reference:</b> <a href="http://www.kwtx.com/sports/headlines/Astros-Respond-To-Security-Breach-265301541.html?ref=541" target="_blank">http://www.kwtx.com/sports/headlines/Astros-Respond-To-Security-Breach-265301541.html?ref=541</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-131: Operation SnowMan: DeputyDog Actor Compromises US Veterans of Foreign Wars Website<br>
|
|
<b>WHID ID:</b> 2014-131<br>
|
|
<b>Date Occurred:</b> 2/13/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> After compromising the VFW website, the attackers added an iframe into the beginning of the website's HTML code that loads the attacker's page in the background. The attacker's HTML/JavaScript page runs a Flash object, which orchestrates the remainder of the exploit.<br>
|
|
<b>Reference:</b> <a href="http://www.fireeye.com/blog/uncategorized/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html" target="_blank">http://www.fireeye.com/blog/uncategorized/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-130: European Cyber Army Hacker Targets Syria<br>
|
|
<b>WHID ID:</b> 2014-130<br>
|
|
<b>Date Occurred:</b> 4/9/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Advertising<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Over 60,000 full names, user names, phone numbers and home addresses were leaked, along with several encrypted passwords and several in clear text.<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/european-cyber-army-hacker-targets-syria.html" target="_blank">http://www.esecurityplanet.com/hackers/european-cyber-army-hacker-targets-syria.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-129: Anti-media cybercrime spree continues: Al Arabiya hacked by NullCrew<br>
|
|
<b>WHID ID:</b> 2014-129<br>
|
|
<b>Date Occurred:</b> 4/3/2014<br>
|
|
<b>Attack Method:</b> Local File Inclusion (LFI)<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> After hacking and humiliating Comcast in February, NullCrew is back with HorsemenLulz in a successful hack on the mail servers of the second biggest media company in the Arab world, Al Arabiya.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/anti-media-cybercrime-spree-continues-al-arabiya-hacked-by-nullcrew-7000028004/" target="_blank">http://www.zdnet.com/anti-media-cybercrime-spree-continues-al-arabiya-hacked-by-nullcrew-7000028004/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-128: SQL Injection Leads To BigMoneyJobs.com Leak<br>
|
|
<b>WHID ID:</b> 2014-128<br>
|
|
<b>Date Occurred:</b> 4/2/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Advertising<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Earlier today, a hacker identified as ProbablyOnion (who recently breached Boxee.tv) has posted data from a large job seeker website resulting in over 36,000 accounts being published online.<br>
|
|
<b>Reference:</b> <a href="https://www.riskbasedsecurity.com/2014/04/sql-injection-leads-to-bigmoneyjobs-com-leak/" target="_blank">https://www.riskbasedsecurity.com/2014/04/sql-injection-leads-to-bigmoneyjobs-com-leak/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-127: Email Marketing Service Mad Mimi Hit by DDOS Attacks, Blackmailed<br>
|
|
<b>WHID ID:</b> 2014-127<br>
|
|
<b>Date Occurred:</b> 4/1/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Advertising<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> On Sunday, March 30, email marketing service Mad Mimi was hit by a distributed denial-of-service (DDOS) attack. Shortly after, they received an email from someone who asked for 1.8 Bitcoins to stop launching attacks.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Email-Marketing-Service-Mad-Mimi-Hit-by-DDOS-Attacks-Blackmailed-435152.shtml" target="_blank">http://news.softpedia.com/news/Email-Marketing-Service-Mad-Mimi-Hit-by-DDOS-Attacks-Blackmailed-435152.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-126: Gov't contractor Klas Telecom responds to getting hacked by NullCrew<br>
|
|
<b>WHID ID:</b> 2014-126<br>
|
|
<b>Date Occurred:</b> 4/6/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A skirmish erupted last week when hacking group NullCrew successfully broke into tactical communications company Klas Telecom. The global government contractor had an interesting response to its attackers.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/govt-contractor-klas-telecom-responds-to-getting-hacked-by-nullcrew-7000028102/" target="_blank">http://www.zdnet.com/govt-contractor-klas-telecom-responds-to-getting-hacked-by-nullcrew-7000028102/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-125: Hack of Boxee.tv exposes password data, messages for 158,000 users<br>
|
|
<b>WHID ID:</b> 2014-125<br>
|
|
<b>Date Occurred:</b> 4/1/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers posted names, e-mail addresses, message histories, and partially protected login credentials for more than 158,000 forum users of Boxee.tv, the Web-based television service that was acquired by Samsung last year, researchers said.<br>
|
|
<b>Reference:</b> <a href="http://arstechnica.com/security/2014/04/hack-of-boxee-tv-exposes-password-data-messages-for-158000-users/" target="_blank">http://arstechnica.com/security/2014/04/hack-of-boxee-tv-exposes-password-data-messages-for-158000-users/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-124: Foreign Minister Julie Bishop confirms her Twitter account was hacked<br>
|
|
<b>WHID ID:</b> 2014-124<br>
|
|
<b>Date Occurred:</b> 3/17/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> SPAM Links<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> On Monday morning, Ms Bishop's spokeswoman said: "In weightier issues today, the Australian Foreign Minister's Twitter account was accessed by spambots alerting her more than 50,000 followers to the latest innovations in weight loss, instead of her usual diplomatic endeavours. Twitter was quickly on the case and the situation swiftly handled."<br>
|
|
<b>Reference:</b> <a href="http://www.smh.com.au/federal-politics/political-news/foreign-minister-julie-bishop-confirms-her-twitter-account-was-hacked-20140317-34wc8.html" target="_blank">http://www.smh.com.au/federal-politics/political-news/foreign-minister-julie-bishop-confirms-her-twitter-account-was-hacked-20140317-34wc8.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-123: Guatemala Sites of Renault, Toyota and Chevrolet Hacked and Defaced<br>
|
|
<b>WHID ID:</b> 2014-123<br>
|
|
<b>Date Occurred:</b> 3/18/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Automotive<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Guatemala websites of Renault, Toyota and Chevrolet have been hacked and defaced by a member of a Pakistani group called Team Cyber Criminals.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Guatemala-Sites-of-Renault-Toyota-and-Chevrolet-Hacked-and-Defaced-432682.shtml" target="_blank">http://news.softpedia.com/news/Guatemala-Sites-of-Renault-Toyota-and-Chevrolet-Hacked-and-Defaced-432682.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-122: Over 500,000 PCs attacked every day after 25,000 UNIX servers hijacked by Operation Windigo<br>
|
|
<b>WHID ID:</b> 2014-122<br>
|
|
<b>Date Occurred:</b> 3/18/2014<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> SPAM Links<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The attack, which has been given the name "Windigo" after a mythical creature from Algonquian Native American folklore, has resulted in over 25,000 Unix servers being hacked, resulting in 35 million spam messages being sent each day from compromised machines.<br>
|
|
<b>Reference:</b> <a href="http://www.welivesecurity.com/2014/03/18/attack-unix-operation-windigo/" target="_blank">http://www.welivesecurity.com/2014/03/18/attack-unix-operation-windigo/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-121: Citroen becomes the latest victim of Adobe ColdFusion hackers<br>
|
|
<b>WHID ID:</b> 2014-121<br>
|
|
<b>Date Occurred:</b> 3/17/2014<br>
|
|
<b>Attack Method:</b> Local File Inclusion (LFI)<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> One of the carmaker's German websites hacked to include a backdoor last year, following similar cases elsewhere<br>
|
|
<b>Reference:</b> <a href="http://www.theguardian.com/technology/2014/mar/17/citroen-adobe-coldfusion-hacked-backdoor" target="_blank">http://www.theguardian.com/technology/2014/mar/17/citroen-adobe-coldfusion-hacked-backdoor</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-120: Hacker breaches Hopkins server<br>
|
|
<b>WHID ID:</b> 2014-120<br>
|
|
<b>Date Occurred:</b> 3/7/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Names, email addresses and phone numbers from about 850 current and former Johns Hopkins University biomedical engineering students were posted online Thursday, stolen by someone claiming to be part of the hacker group known as Anonymous.<br>
|
|
<b>Reference:</b> <a href="http://articles.baltimoresun.com/2014-03-07/news/bs-md-hopkins-servers-hacked-20140306_1_engineering-students-identity-theft-server" target="_blank">http://articles.baltimoresun.com/2014-03-07/news/bs-md-hopkins-servers-hacked-20140306_1_engineering-students-identity-theft-server</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-119: COMIXOLOGY URGES USERS TO CHANGE PASSWORDS IN WAKE OF SERVER HACK<br>
|
|
<b>WHID ID:</b> 2014-119<br>
|
|
<b>Date Occurred:</b> 3/6/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Earlier this morning, digital comics publisher comiXology sent out an email notifying subscribers that it had discovered its database had recently been compromised. While comiXology states that credit card information should be safe -- it does not store card numbers on its servers -- it is suggested users of the digital platform immediately change their password.<br>
|
|
<b>Reference:</b> <a href="http://www.comicbookresources.com/?page=article&id=51291" target="_blank">http://www.comicbookresources.com/?page=article&id=51291</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-118: Statistics Company Statista Hacked, Email Addresses and Passwords Possibly Stolen<br>
|
|
<b>WHID ID:</b> 2014-118<br>
|
|
<b>Date Occurred:</b> 3/8/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Statista, the company that provides statistics and studies from over 18,000 sources, has been hacked. The company believes the hackers could have accessed its user database.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Statistics-Company-Statista-Hacked-Email-Addresses-and-Passwords-Possibly-Stolen-431173.shtml" target="_blank">http://news.softpedia.com/news/Statistics-Company-Statista-Hacked-Email-Addresses-and-Passwords-Possibly-Stolen-431173.shtml</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-117: Sally Beauty Confirms Card Data Breach<br>
|
|
<b>WHID ID:</b> 2014-117<br>
|
|
<b>Date Occurred:</b> 3/14/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Nationwide cosmetics and beauty retailer Sally Beauty today confirmed that hackers had broken into its networks and stolen credit card data from stores.<br>
|
|
<b>Reference:</b> <a href="http://krebsonsecurity.com/2014/03/sally-beauty-confirms-card-data-breach/" target="_blank">http://krebsonsecurity.com/2014/03/sally-beauty-confirms-card-data-breach/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-116: North Dakota university system says server hacked<br>
|
|
<b>WHID ID:</b> 2014-116<br>
|
|
<b>Date Occurred:</b> 3/5/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A North Dakota University System computer server that stores personal data of nearly 300,000 past and present students was hacked, university system officials announced Wednesday.<br>
|
|
<b>Reference:</b> <a href="http://bismarcktribune.com/news/state-and-regional/north-dakota-university-system-says-server-hacked/article_2c11572a-a4ad-11e3-ac1d-001a4bcf887a.html" target="_blank">http://bismarcktribune.com/news/state-and-regional/north-dakota-university-system-says-server-hacked/article_2c11572a-a4ad-11e3-ac1d-001a4bcf887a.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-115: Website of International Video News Agency Ruptly Hit With DDOS Attack<br>
|
|
<b>WHID ID:</b> 2014-115<br>
|
|
<b>Date Occurred:</b> 3/4/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Moments ago, the Ruptly international video news agency, which is part of the RT (Russia Today) global news network, announced that its website is under a distributed denial-of-service (DDOS) attack.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Website-of-International-Video-News-Agency-Ruptly-Hit-With-DDOS-Attack-430390.shtml" target="_blank">http://news.softpedia.com/news/Website-of-International-Video-News-Agency-Ruptly-Hit-With-DDOS-Attack-430390.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-114: High-Profile Domains from Congo Defaced via Hack Attack on NIC<br>
|
|
<b>WHID ID:</b> 2014-114<br>
|
|
<b>Date Occurred:</b> 3/3/2014<br>
|
|
<b>Attack Method:</b> DNS Hijacking<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Service Provider<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Congo domains (.cd) for Amazon, Audi, AVG, BBC, BMW, Canon, DHL, eBay, Fujitsu, GoDaddy, Hitachi, Honda, IBM, Panasonic, Toshiba, Mercedes, Rolex, Samsung, T-Mobile, Volkswagen and many others have been defaced by hackers of TeaM MaDLeeTs.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/High-Profile-Domains-from-Congo-Defaced-via-Hack-Attack-on-NIC-430140.shtml" target="_blank">http://news.softpedia.com/news/High-Profile-Domains-from-Congo-Defaced-via-Hack-Attack-on-NIC-430140.shtml</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-113: Denial-Of-Service Attack Snags Meetup.com For Days<br>
|
|
<b>WHID ID:</b> 2014-113<br>
|
|
<b>Date Occurred:</b> 3/4/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Meetup.com was back online Monday, after a series of massive denial-of-service attacks that lasted off and on for four days.<br>
|
|
<b>Reference:</b> <a href="http://newyork.cbslocal.com/2014/03/03/denial-of-service-attack-snags-meetup-com-for-days/" target="_blank">http://newyork.cbslocal.com/2014/03/03/denial-of-service-attack-snags-meetup-com-for-days/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-112: Thieves Jam Up Smucker's, Card Processor<br>
|
|
<b>WHID ID:</b> 2014-112<br>
|
|
<b>Date Occurred:</b> 3/14/2014<br>
|
|
<b>Attack Method:</b> Local File Inclusion (LFI)<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Not all of the above-mentioned victims involved the exploitation of ColdFusion vulnerabilities, but Smucker's was included in a list of compromised online stores that I regrettably lost track of toward the end of 2013, amid a series of investigations involving breaches at much bigger victims.<br>
|
|
<b>Reference:</b> <a href="http://krebsonsecurity.com/2014/03/thieves-jam-up-smuckers-card-processor/" target="_blank">http://krebsonsecurity.com/2014/03/thieves-jam-up-smuckers-card-processor/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-111: W3C website fell victim to an SQL injection<br>
|
|
<b>WHID ID:</b> 2014-111<br>
|
|
<b>Date Occurred:</b> 3/1/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> It has come to light today that the website of W3C (World Wide Web Consortium) has fallen victim to an SQL injection from an unknown party.<br>
|
|
<b>Reference:</b> <a href="http://www.hackingdaily.com/2014/03/w3c-hacked-by-sql.html" target="_blank">http://www.hackingdaily.com/2014/03/w3c-hacked-by-sql.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-110: EA Games website hacked to steal Apple IDs<br>
|
|
<b>WHID ID:</b> 2014-110<br>
|
|
<b>Date Occurred:</b> 3/19/2014<br>
|
|
<b>Attack Method:</b> OS Commanding<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Phishing<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> An EA Games server has been compromised by hackers and is now hosting a phishing site which targets Apple ID account holders.<br>
|
|
<b>Reference:</b> <a href="http://news.netcraft.com/archives/2014/03/19/ea-games-website-hacked-to-steal-apple-ids.html" target="_blank">http://news.netcraft.com/archives/2014/03/19/ea-games-website-hacked-to-steal-apple-ids.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-109: SurveyGizmo Recovers from DDoS Attack Despite "Communication Issues" with Hosting Provider ViaWest<br>
|
|
<b>WHID ID:</b> 2014-109<br>
|
|
<b>Date Occurred:</b> 3/28/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> After almost two days of disrupted service, SurveyGizmo has completely recovered from a DDoS attack. According to Jason Carolan, CTO of SurveyGizmo's web host ViaWest, the attack was persistent and estimated at between 20 and 40 Gbps.<br>
|
|
<b>Reference:</b> <a href="http://www.thewhir.com/web-hosting-news/surveygizmo-recovers-ddos-attack-despite-communication-issues-hosting-provider-viawest" target="_blank">http://www.thewhir.com/web-hosting-news/surveygizmo-recovers-ddos-attack-despite-communication-issues-hosting-provider-viawest</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-108: World Of Warcraft, Hearthstone Hit By DDoS Attacks And ISP Issues<br>
|
|
<b>WHID ID:</b> 2014-108<br>
|
|
<b>Date Occurred:</b> 3/31/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> In Europe, hackers are causing problems with distributed denial-of-service (DDoS) attacks. The result is that every online game by the company has been disrupted.<br>
|
|
<b>Reference:</b> <a href="http://www.cinemablend.com/games/World-Warcraft-Hearthstone-Hit-By-DDoS-Attacks-ISP-Issues-63106.html" target="_blank">http://www.cinemablend.com/games/World-Warcraft-Hearthstone-Hit-By-DDoS-Attacks-ISP-Issues-63106.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-107: Elance and oDesk hit by major DDoS attacks, downing services for many freelancers<br>
|
|
<b>WHID ID:</b> 2014-107<br>
|
|
<b>Date Occurred:</b> 3/18/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Elance denial-of-service attack has been going on for over a day now, though it is now only sporadic. Elance says it has bought in new defences to try to cope. Meanwhile oDesk says it got hit by a briefer, separate attack.<br>
|
|
<b>Reference:</b> <a href="http://gigaom.com/2014/03/18/elance-hit-by-major-ddos-attack-downing-service-for-many-freelancers/" target="_blank">http://gigaom.com/2014/03/18/elance-hit-by-major-ddos-attack-downing-service-for-many-freelancers/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-106: HootSuite Bounces Back After DDoS Attack<br>
|
|
<b>WHID ID:</b> 2014-106<br>
|
|
<b>Date Occurred:</b> 3/21/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> HootSuite has bounced back from a denial of service (DoS) attack on Thursday morning that prevented users from accessing the social media platform.<br>
|
|
<b>Reference:</b> <a href="http://mashable.com/2014/03/21/hootsuite-bounce-back-after-ddos-attack/" target="_blank">http://mashable.com/2014/03/21/hootsuite-bounce-back-after-ddos-attack/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-105: DDoS attack takes out NATO websites, Ukraine connection claimed<br>
|
|
<b>WHID ID:</b> 2014-105<br>
|
|
<b>Date Occurred:</b> 3/17/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A series of DDoS attacks launched over the weekend disrupted access to several websites operated by NATO.<br>
|
|
<b>Reference:</b> <a href="http://nakedsecurity.sophos.com/2014/03/17/ddos-attack-takes-out-nato-websites-ukraine-connection-claimed/" target="_blank">http://nakedsecurity.sophos.com/2014/03/17/ddos-attack-takes-out-nato-websites-ukraine-connection-claimed/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-104: Russian media websites hit by "massive" DDoS attack "linked to Ukraine"<br>
|
|
<b>WHID ID:</b> 2014-104<br>
|
|
<b>Date Occurred:</b> 3/14/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Websites of several Russian state TV channels have been hit by a large cyberattack suspected to partly come from Kiev. Anonymous Caucasus claimed it was responsible for hacking Channel One TV's site, saying it had "nothing" to do with Ukraine.<br>
|
|
<b>Reference:</b> <a href="http://rt.com/news/russian-media-ddos-ukraine-614/" target="_blank">http://rt.com/news/russian-media-ddos-ukraine-614/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-103: Basecamp Becomes Latest Victim Of DDoS Attackers Attempting To Extort Money From Tech Companies<br>
|
|
<b>WHID ID:</b> 2014-103<br>
|
|
<b>Date Occurred:</b> 3/24/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Basecamp, makers of the popular online project management software of the same name (which as of this February became the company's main focus), was hit with a distributed denial-of-service attack (DDoS) this morning, rendering its services temporarily unavailable. The company disclosed this news in a blog post, explaining that the "criminals" behind the DDoS had also tried to extort money in return for stopping the attack, a request that Basecamp smartly refused.<br>
|
|
<b>Reference:</b> <a href="http://techcrunch.com/2014/03/24/basecamp-becomes-latest-victim-of-ddos-attackers-attempting-to-extort-money-from-tech-companies/" target="_blank">http://techcrunch.com/2014/03/24/basecamp-becomes-latest-victim-of-ddos-attackers-attempting-to-extort-money-from-tech-companies/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-102: More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack<br>
|
|
<b>WHID ID:</b> 2014-102<br>
|
|
<b>Date Occurred:</b> 3/10/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Blogs<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Distributed Denial of Service (DDOS) attacks are becoming a common trend on our blog lately, and that's OK because it's a very serious issue for every website owner. Today I want to talk about a large DDOS attack that leveraged thousands of unsuspecting WordPress websites as indirect source amplification vectors.<br>
|
|
<b>Reference:</b> <a href="http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html" target="_blank">http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-101: Denial of Service Attacks on GitHub<br>
|
|
<b>WHID ID:</b> 2014-101<br>
|
|
<b>Date Occurred:</b> 3/14/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> On Tuesday, March 11th, GitHub was largely unreachable for roughly 2 hours as the result of an evolving distributed denial of service (DDoS) attack. I know that you rely on GitHub to be available all the time, and I'm sorry we let you down. I'd like to explain what happened, how we responded to it, and what we're doing to reduce the impact of future attacks like this.<br>
|
|
<b>Reference:</b> <a href="https://github.com/blog/1796-denial-of-service-attacks" target="_blank">https://github.com/blog/1796-denial-of-service-attacks</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-100: Ellie Mae hit by DDoS attack<br>
|
|
<b>WHID ID:</b> 2014-100<br>
|
|
<b>Date Occurred:</b> 4/4/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Mortgage origination software provider Ellie Mae says that a distributed denial of service (DDoS) attack is to blame for its systems falling over earlier this week.<br>
|
|
<b>Reference:</b> <a href="http://www.finextra.com/news/fullstory.aspx?newsitemid=25930&topic=security" target="_blank">http://www.finextra.com/news/fullstory.aspx?newsitemid=25930&topic=security</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-099: XSS flaw in popular video-sharing site allowed DDoS attack through browsers<br>
|
|
<b>WHID ID:</b> 2014-099<br>
|
|
<b>Date Occurred:</b> 4/4/2014<br>
|
|
<b>Attack Method:</b> Cross-site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> DDoS Attacks<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Attackers exploited a vulnerability in a popular video-sharing site to hijack users' browsers for use in a large-scale distributed denial-of-service attack, according to researchers from Web security firm Incapsula.<br>
|
|
<b>Reference:</b> <a href="http://www.computerworld.com/s/article/9247450/XSS_flaw_in_popular_video_sharing_site_allowed_DDoS_attack_through_browsers" target="_blank">http://www.computerworld.com/s/article/9247450/XSS_flaw_in_popular_video_sharing_site_allowed_DDoS_attack_through_browsers</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-098: Revealed: key UK websites vulnerable to hackers<br>
|
|
<b>WHID ID:</b> 2014-098<br>
|
|
<b>Date Occurred:</b> 3/4/2014<br>
|
|
<b>Attack Method:</b> Cross-site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The official website of the UK Parliament contained basic flaws that left it vulnerable to hacking, a programmer has discovered.<br>
|
|
<b>Reference:</b> <a href="http://www.telegraph.co.uk/technology/internet-security/10673520/Revealed-key-UK-websites-vulnerable-to-hackers.html" target="_blank">http://www.telegraph.co.uk/technology/internet-security/10673520/Revealed-key-UK-websites-vulnerable-to-hackers.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-097: Three Alleged Hackers Arrested in Korea for Stealing Information from Hundreds of Sites<br>
|
|
<b>WHID ID:</b> 2014-097<br>
|
|
<b>Date Occurred:</b> 2/27/2014<br>
|
|
<b>Attack Method:</b> Cross-site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> In some cases, the attackers posted maliciously crafted code on online forums. When administrators clicked on the links, they unknowingly gave the hackers access to their systems.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Three-Alleged-Hackers-Arrested-in-Korea-for-Stealing-Information-from-Hundreds-of-Sites-429630.shtml" target="_blank">http://news.softpedia.com/news/Three-Alleged-Hackers-Arrested-in-Korea-for-Stealing-Information-from-Hundreds-of-Sites-429630.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-096: Social site Meetup hit by DDoS attack<br>
|
|
<b>WHID ID:</b> 2014-096<br>
|
|
<b>Date Occurred:</b> 2/28/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Social site Meetup was hit by a DDoS attack today, according to a notice on its website.<br>
|
|
<b>Reference:</b> <a href="http://business-technology.co.uk/2014/02/social-site-meetup-under-ddos-attack/" target="_blank">http://business-technology.co.uk/2014/02/social-site-meetup-under-ddos-attack/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-095: Hackers target Carson City market, credit card info stolen<br>
|
|
<b>WHID ID:</b> 2014-095<br>
|
|
<b>Date Occurred:</b> 2/24/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Store officials at the Carson Village Market confirm their local server was compromised but say proper security measures have been put in place and customers are no longer at risk.<br>
|
|
<b>Reference:</b> <a href="http://www.wzzm13.com/story/news/crime/2014/02/24/hackers-target-carson-city-market/5796113/" target="_blank">http://www.wzzm13.com/story/news/crime/2014/02/24/hackers-target-carson-city-market/5796113/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-094: Hacker defaces website of IT security certification body EC-Council<br>
|
|
<b>WHID ID:</b> 2014-094<br>
|
|
<b>Date Occurred:</b> 2/24/2014<br>
|
|
<b>Attack Method:</b> DNS Hijacking<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> It appears the attack was the result of DNS hijacking with the domain name pointed to an Internet Protocol (IP) address under the attacker's control. This also seems to have affected EC-Council's email infrastructure, as attempts to contact the organization at two of its publicly listed email addresses failed with a DNS error.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/article/2100880/hacker-defaces-website-of-it-security-certification-body-eccouncil.html" target="_blank">http://www.pcworld.com/article/2100880/hacker-defaces-website-of-it-security-certification-body-eccouncil.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-093: Systems of Austrian Energy Provider Energie Steiermark Hacked<br>
|
|
<b>WHID ID:</b> 2014-093<br>
|
|
<b>Date Occurred:</b> 2/20/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Energy<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Energie Steiermark, an energy company in Austria's Styria province, says that its systems have been hacked.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Systems-of-Austrian-Energy-Provider-Energie-Steiermark-Hacked-428187.shtml" target="_blank">http://news.softpedia.com/news/Systems-of-Austrian-Energy-Provider-Energie-Steiermark-Hacked-428187.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-092: Massive hacking spree in Singapore, possibly over 180 websites defaced<br>
|
|
<b>WHID ID:</b> 2014-092<br>
|
|
<b>Date Occurred:</b> 2/20/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Dozens of Singapore websites, possibly more than 180, have been defaced by hackers on two separate occasions this week.<br>
|
|
<b>Reference:</b> <a href="http://www.techinasia.com/massive-website-defacing-spree-singapore-possibly-180-sites-affected/" target="_blank">http://www.techinasia.com/massive-website-defacing-spree-singapore-possibly-180-sites-affected/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-091: Namecheap fends off DDoS attack that knocked 300 websites offline<br>
|
|
<b>WHID ID:</b> 2014-091<br>
|
|
<b>Date Occurred:</b> 2/21/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Service Provider<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Namecheap said Thursday it struggled to recover from a new type of distributed denial-of-service attack (DDoS) against its DNS (domain name system) servers that knocked 300 websites offline.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/article/2100040/namecheap-fends-off-ddos-attack-restores-services.html" target="_blank">http://www.pcworld.com/article/2100040/namecheap-fends-off-ddos-attack-restores-services.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-090: Hackers breach Texas college server, thousands compromised<br>
|
|
<b>WHID ID:</b> 2014-090<br>
|
|
<b>Date Occurred:</b> 2/19/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Texas State Technical College (TSTC) Waco is notifying almost 3,000 former students and fewer than 2,000 employees that personal information may have been compromised after an unauthorized party remotely gained access to a server that contained the data.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com/hackers-breach-texas-college-server-thousands-compromised/article/334663/" target="_blank">http://www.scmagazine.com/hackers-breach-texas-college-server-thousands-compromised/article/334663/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-089: University of Maryland hacked; 309,000 Social Security numbers stolen<br>
|
|
<b>WHID ID:</b> 2014-089<br>
|
|
<b>Date Occurred:</b> 2/19/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The names and Social Security numbers of more than 309,000 students and staff from the University of Maryland, dating back to 1998, were stolen in a "sophisticated" security attack that penetrated recently bolstered defenses, the school's president announced late Wednesday.<br>
|
|
<b>Reference:</b> <a href="http://www.latimes.com/nation/nationnow/la-na-nn-university-of-maryland-hacked-309000-records-compromised-20140219-story.html#ixzz2trcqXKuo" target="_blank">http://www.latimes.com/nation/nationnow/la-na-nn-university-of-maryland-hacked-309000-records-compromised-20140219-story.html#ixzz2trcqXKuo</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-088: Forbes website hacked by notorious Syrian Electronic Army<br>
|
|
<b>WHID ID:</b> 2014-088<br>
|
|
<b>Date Occurred:</b> 2/16/2014<br>
|
|
<b>Attack Method:</b> Phishing<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The notorious pro-Assad hacker group known as the Syrian Electronic Army has reportedly published a database that it says contains login credentials for 1 million users of business publication Forbes.com.<br>
|
|
<b>Reference:</b> <a href="http://www.business-standard.com/article/news-ani/forbes-website-hacked-by-notorious-syrian-electronic-army-114021600119_1.html" target="_blank">http://www.business-standard.com/article/news-ani/forbes-website-hacked-by-notorious-syrian-electronic-army-114021600119_1.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-087: Kickstarter hacked, user names and encrypted passwords accessed<br>
|
|
<b>WHID ID:</b> 2014-087<br>
|
|
<b>Date Occurred:</b> 2/15/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The crowdfunding website Kickstarter said Saturday it had been hacked and that user names, encrypted passwords and other data had been accessed.<br>
|
|
<b>Reference:</b> <a href="http://www.computerworld.com/s/article/9246388/Kickstarter_hacked_user_names_and_encrypted_passwords_accessed" target="_blank">http://www.computerworld.com/s/article/9246388/Kickstarter_hacked_user_names_and_encrypted_passwords_accessed</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-086: Hackers hit Tesco as over 2,200 accounts compromised<br>
|
|
<b>WHID ID:</b> 2014-086<br>
|
|
<b>Date Occurred:</b> 2/14/2014<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The international supermarket chain deactivated its online customer accounts as hackers posted account and personal details online.<br>
|
|
<b>Reference:</b> <a href="http://www.cnet.com/news/hackers-hit-tesco-as-over-2200-accounts-compromised/" target="_blank">http://www.cnet.com/news/hackers-hit-tesco-as-over-2200-accounts-compromised/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-085: Briefly Hacked, Quickly Eradicated<br>
|
|
<b>WHID ID:</b> 2014-085<br>
|
|
<b>Date Occurred:</b> 2/14/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> At the start of this work week Blue MauMau was briefly hacked by a spambot lodged in third-party service software. It tried to use our server to inject spam out to the world. That sparked Google to mark our site for a few hours on Monday with the message, "The website ahead contains malware!"<br>
|
|
<b>Reference:</b> <a href="http://www.bluemaumau.org/briefly_hacked_quickly_eradicated" target="_blank">http://www.bluemaumau.org/briefly_hacked_quickly_eradicated</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-084: GCHQ website falls after threats from Anonymous<br>
|
|
<b>WHID ID:</b> 2014-084<br>
|
|
<b>Date Occurred:</b> 2/12/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> GCHQ's website at www.gchq.gov.uk is exhibiting some noticeable performance issues today, suggesting that it could be suffering from a denial of service attack.<br>
|
|
<b>Reference:</b> <a href="http://news.netcraft.com/archives/2014/02/12/gchq-website-falls-after-threats-from-anonymous.html" target="_blank">http://news.netcraft.com/archives/2014/02/12/gchq-website-falls-after-threats-from-anonymous.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-083: Ministry website forced offline<br>
|
|
<b>WHID ID:</b> 2014-083<br>
|
|
<b>Date Occurred:</b> 2/12/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A Government department's website was taken offline by a cyber attack which bombarded it with access requests.<br>
|
|
<b>Reference:</b> <a href="http://www.belfasttelegraph.co.uk/news/local-national/uk/ministry-website-forced-offline-30003368.html" target="_blank">http://www.belfasttelegraph.co.uk/news/local-national/uk/ministry-website-forced-offline-30003368.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-082: Hackers breach websites of Venetian, Palazzo and other casinos in Las Vegas<br>
|
|
<b>WHID ID:</b> 2014-082<br>
|
|
<b>Date Occurred:</b> 2/12/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers breached the websites of all Las Vegas Sands Corp. casinos on Tuesday morning, and the home pages of some of the world's largest casinos remained down through the day.<br>
|
|
<b>Reference:</b> <a href="http://gadgets.ndtv.com/internet/news/hackers-breach-websites-of-venetian-palazzo-and-other-casinos-in-las-vegas-482455" target="_blank">http://gadgets.ndtv.com/internet/news/hackers-breach-websites-of-venetian-palazzo-and-other-casinos-in-las-vegas-482455</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-081: Feds' Climate Change Website Hacked By Online Drug Seller<br>
|
|
<b>WHID ID:</b> 2014-081<br>
|
|
<b>Date Occurred:</b> 2/12/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> SPAM Links<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The website of the U.S. Global Change Research Program (USGCRP) was repeatedly hacked on Monday and Tuesday this week by an online drug retailer. A Tuesday Google search of the site, www.globalchange.gov, revealed dozens of pages hawking everything from Xanax to Levitra to Ambien.<br>
|
|
<b>Reference:</b> <a href="http://www.weeklystandard.com/blogs/feds-climate-change-website-hacked-online-drug-seller_781491.html" target="_blank">http://www.weeklystandard.com/blogs/feds-climate-change-website-hacked-online-drug-seller_781491.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-080: NullCrew FTS hacks Comcast servers, post exploit and passwords<br>
|
|
<b>WHID ID:</b> 2014-080<br>
|
|
<b>Date Occurred:</b> 2/5/2014<br>
|
|
<b>Attack Method:</b> Local File Inclusion (LFI)<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Service Provider<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hacking group "NullCrew FTS" announced on Twitter today that they had successfully hacked Comcast and provided unredacted proof on Pastebin.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/nullcrew-fts-hacks-comcast-servers-post-exploit-and-passwords-7000026020/" target="_blank">http://www.zdnet.com/nullcrew-fts-hacks-comcast-servers-post-exploit-and-passwords-7000026020/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-079: Bitly hit by DDoS attack<br>
|
|
<b>WHID ID:</b> 2014-079<br>
|
|
<b>Date Occurred:</b> 2/5/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The website of URL shortening service Bitly was down on Wednesday morning. The company has blamed a DDoS attack.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazineuk.com/exclusive-bitly-hit-by-ddos-attack/article/332738/" target="_blank">http://www.scmagazineuk.com/exclusive-bitly-hit-by-ddos-attack/article/332738/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-078: Banks face 'significant' DDoS threat as cyber criminals target share prices<br>
|
|
<b>WHID ID:</b> 2014-078<br>
|
|
<b>Date Occurred:</b> 2/5/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Financial institutions face a 'significant' and growing cyber threat, as hacktivists and criminals attempt to manipulate markets with distributed denial of service attacks, according to a report.<br>
|
|
<b>Reference:</b> <a href="http://www.computerworlduk.com/news/security/3500580/banks-face-significant-ddos-threat-as-cyber-criminals-target-share-prices/" target="_blank">http://www.computerworlduk.com/news/security/3500580/banks-face-significant-ddos-threat-as-cyber-criminals-target-share-prices/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-077: Bell Canada Hacked by NullCrew<br>
|
|
<b>WHID ID:</b> 2014-077<br>
|
|
<b>Date Occurred:</b> 2/4/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The hackers, however, told DataBreaches.net that they had leveraged a SQL injection vulnerability on Bell's own Web site, not at a third-party supplier, to access the information.<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/bell-canada-hacked-by-nullcrew.html" target="_blank">http://www.esecurityplanet.com/hackers/bell-canada-hacked-by-nullcrew.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-076: Insecure healthcare.gov allowed hacker to access 70,000 records in 4 minutes<br>
|
|
<b>WHID ID:</b> 2014-076<br>
|
|
<b>Date Occurred:</b> 1/20/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Then yesterday, after explaining "passive reconnaissance, which allows us to query and look at how the website operates and performs," Kennedy said he was able to access 70,000 records within four minutes!<br>
|
|
<b>Reference:</b> <a href="http://blogs.computerworld.com/cybercrime-and-hacking/23412/insecure-healthcaregov-allowed-hacker-access-70000-records-4-minutes" target="_blank">http://blogs.computerworld.com/cybercrime-and-hacking/23412/insecure-healthcaregov-allowed-hacker-access-70000-records-4-minutes</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-075: EE BrightBox routers can be hacked 'by simple copy/paste operation'<br>
|
|
<b>WHID ID:</b> 2014-075<br>
|
|
<b>Date Occurred:</b> 1/20/2014<br>
|
|
<b>Attack Method:</b> Predictable Resource Location<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A cache of sensitive traffic including ISP user credentials, WiFi SSIDs and WPA2 keys is kept in a file called cgi_status.js that can be accessed without logging into the device.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2014/01/20/brightbox_routers_vuln/" target="_blank">http://www.theregister.co.uk/2014/01/20/brightbox_routers_vuln/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-074: AVG Confirms One of Its Webservers Was Hacked and Defaced<br>
|
|
<b>WHID ID:</b> 2014-074<br>
|
|
<b>Date Occurred:</b> 1/16/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> AVG has confirmed that one of its webservers was recently breached by hackers. The IT security company is investigating the incident.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/AVG-Confirms-One-of-Its-Webservers-Was-Hacked-and-Defaced-417781.shtml" target="_blank">http://news.softpedia.com/news/AVG-Confirms-One-of-Its-Webservers-Was-Hacked-and-Defaced-417781.shtml</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-073: Saudi Arabian Government's Informatics Magazine Hacked by Syrian Hacktivist<br>
|
|
<b>WHID ID:</b> 2014-073<br>
|
|
<b>Date Occurred:</b> 1/16/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A Syrian hacktivist who uses the online moniker Dr.Sha6h has breached and defaced the website of Saudi Arabia's Informatics Magazine (informatics.gov.sa).<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Saudi-Arabian-Government-s-Informatics-Magazine-Hacked-by-Syrian-Hacktivist-417491.shtml" target="_blank">http://news.softpedia.com/news/Saudi-Arabian-Government-s-Informatics-Magazine-Hacked-by-Syrian-Hacktivist-417491.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-072: Hackers Used Amazon's Cloud To Scrape LinkedIn User Data<br>
|
|
<b>WHID ID:</b> 2014-072<br>
|
|
<b>Date Occurred:</b> 1/16/2014<br>
|
|
<b>Attack Method:</b> Scraping<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers have been using Amazon's powerful data center computers to scrape data from thousands of LinkedIn accounts in order to create fake profiles on the site, according to a new complaint the company has filed in the U.S. district court of Northern California.<br>
|
|
<b>Reference:</b> <a href="http://www.businessinsider.com.au/linkedin-suing-to-get-hacker-identities-2014-1" target="_blank">http://www.businessinsider.com.au/linkedin-suing-to-get-hacker-identities-2014-1</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-071: Anonymous Hackers Target Website of the Archbishop of Granada<br>
|
|
<b>WHID ID:</b> 2014-071<br>
|
|
<b>Date Occurred:</b> 1/14/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Religious<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The official website of the Archbishop of Granada, Spain, has been breached by hackers of Anonymous. Satirical messages and even adult images have been posted in various sections of the site.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Anonymous-Hackers-Target-Website-of-the-Archbishop-of-Granada-416622.shtml" target="_blank">http://news.softpedia.com/news/Anonymous-Hackers-Target-Website-of-the-Archbishop-of-Granada-416622.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-070: Microsoft's official blog hacked by Syrian Electronic Army<br>
|
|
<b>WHID ID:</b> 2014-070<br>
|
|
<b>Date Occurred:</b> 1/12/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Microsoft's official blog, along with email and social network handles, have been hacked by the Syrian Electronic Army (SEA), with the group warning that they will publish "the documents of monitoring email accounts by Microsoft".<br>
|
|
<b>Reference:</b> <a href="http://www.techradar.com/news/world-of-tech/microsoft-s-official-blog-hacked-by-syrian-electronic-army-1214677" target="_blank">http://www.techradar.com/news/world-of-tech/microsoft-s-official-blog-hacked-by-syrian-electronic-army-1214677</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-069: City of Sheboygan website hacked<br>
|
|
<b>WHID ID:</b> 2014-069<br>
|
|
<b>Date Occurred:</b> 1/12/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> SPAM Links<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> SheboyganDaily.com accessed several pages on the city's website at www.ci.sheboygan.wi.us Sunday afternoon and discovered links, forms and applications are redirecting to drug websites.<br>
|
|
<b>Reference:</b> <a href="http://www.sheboygandaily.com/2014/01/12/city-of-sheboygan-website-hacked/" target="_blank">http://www.sheboygandaily.com/2014/01/12/city-of-sheboygan-website-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-068: Microsoft's Twitter account Hacked<br>
|
|
<b>WHID ID:</b> 2014-068<br>
|
|
<b>Date Occurred:</b> 1/11/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> In an apparent hacking of the Microsoft News Twitter account, a tweet emerges saying the company sells customer data to the government. The Syrian Electronic Army claims responsibility.<br>
|
|
<b>Reference:</b> <a href="http://www.cnet.com/news/microsofts-twitter-account-dont-use-our-e-mail/" target="_blank">http://www.cnet.com/news/microsofts-twitter-account-dont-use-our-e-mail/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-067: Dropbox hits by DDoS, but user data safe; The 1775 Sec claims responsibility<br>
|
|
<b>WHID ID:</b> 2014-067<br>
|
|
<b>Date Occurred:</b> 1/11/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Dropbox website went offline last night with a hacking collective calling itself The 1775 Sec claiming responsibility for the attack on the cloud storage company's website.<br>
|
|
<b>Reference:</b> <a href="http://www.techienews.co.uk/974664/dropbox-hits-ddos-user-data-safe-1775-sec-claims-responsibility/" target="_blank">http://www.techienews.co.uk/974664/dropbox-hits-ddos-user-data-safe-1775-sec-claims-responsibility/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-066: MIT website hacked by Anonymous on anniversary of Aaron Swartz suicide<br>
|
|
<b>WHID ID:</b> 2014-066<br>
|
|
<b>Date Occurred:</b> 1/10/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Late on January 10, the hacktivism entity Anonymous hacked and defaced MIT, letting the institution know Anonymous will not forget the tragic suicide of hacker Aaron Swartz.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/mit-website-hacked-by-anonymous-on-anniversary-of-aaron-swartz-suicide-7000025041/" target="_blank">http://www.zdnet.com/mit-website-hacked-by-anonymous-on-anniversary-of-aaron-swartz-suicide-7000025041/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-065: Md. man admits taking over YouTube channels for ad money, hacking into AOL CEO's e-mail<br>
|
|
<b>WHID ID:</b> 2014-065<br>
|
|
<b>Date Occurred:</b> 1/9/2014<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Service Provider<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> According to his plea, he and another man - who court records show is scheduled to plead in the case next week - exploited Google's password-reset process to get into unwitting users' accounts, which they then used to take over those users' YouTube channels.<br>
|
|
<b>Reference:</b> <a href="http://www.washingtonpost.com/local/crime/md-man-admits-taking-over-youtube-channels-for-ad-money-hacking-into-aol-ceos-e-mail/2014/01/09/f352ac3e-7970-11e3-b1c5-739e63e9c9a7_story.html" target="_blank">http://www.washingtonpost.com/local/crime/md-man-admits-taking-over-youtube-channels-for-ad-money-hacking-into-aol-ceos-e-mail/2014/01/09/f352ac3e-7970-11e3-b1c5-739e63e9c9a7_story.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-064: Australian Police Investigating Teen Who Found Database Flaw<br>
|
|
<b>WHID ID:</b> 2014-064<br>
|
|
<b>Date Occurred:</b> 1/10/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Joshua Rogers, 16, of Melbourne, found a SQL injection flaw in a database owned by Public Transport Victoria (PTV), which runs the state's transport system.<br>
|
|
<b>Reference:</b> <a href="http://www.cio.com/article/2379712/data-protection/australian-police-investigating-teen-who-found-database-flaw.html" target="_blank">http://www.cio.com/article/2379712/data-protection/australian-police-investigating-teen-who-found-database-flaw.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-063: Russian Foreign Ministry website suffers new hacker attack<br>
|
|
<b>WHID ID:</b> 2014-063<br>
|
|
<b>Date Occurred:</b> 3/24/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Russian Foreign Ministry's website suffered yet another hacker attack on Saturday. By now, access to the website has been restored and steps are being taken to modernize its security.<br>
|
|
<b>Reference:</b> <a href="http://voiceofrussia.com/news/2014_03_23/Russian-Foreign-Ministry-website-suffers-new-hacker-attack-source-9194/" target="_blank">http://voiceofrussia.com/news/2014_03_23/Russian-Foreign-Ministry-website-suffers-new-hacker-attack-source-9194/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-062: Basecamp Held Hostage by Hackers<br>
|
|
<b>WHID ID:</b> 2014-062<br>
|
|
<b>Date Occurred:</b> 3/24/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> It looks like hackers have hit Basecamp with a distributed denial-of-service (DDoS) attack and are demanding that the company pay a ransom.<br>
|
|
<b>Reference:</b> <a href="http://www.nbcnews.com/tech/security/basecamp-held-hostage-hackers-n60621" target="_blank">http://www.nbcnews.com/tech/security/basecamp-held-hostage-hackers-n60621</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-061: Credit Card Breach at California DMV<br>
|
|
<b>WHID ID:</b> 2014-061<br>
|
|
<b>Date Occurred:</b> 3/14/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The California Department of Motor Vehicles appears to have suffered a wide-ranging credit card data breach involving online payments for DMV-related services, according to banks in California and elsewhere that received alerts this week about compromised cards that all had been previously used online at the California DMV.<br>
|
|
<b>Reference:</b> <a href="http://krebsonsecurity.com/2014/03/sources-credit-card-breach-at-california-dmv/" target="_blank">http://krebsonsecurity.com/2014/03/sources-credit-card-breach-at-california-dmv/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-060: HootSuite Back Online After Denial of Service Attacks<br>
|
|
<b>WHID ID:</b> 2014-060<br>
|
|
<b>Date Occurred:</b> 3/24/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Social media management system Hootsuite recovered rapidly from a denial of service (DoS) attack late last week, bouncing back after being offline for a few hours Thursday morning.<br>
|
|
<b>Reference:</b> <a href="https://threatpost.com/hootsuite-back-online-following-denial-of-service-attack/104975" target="_blank">https://threatpost.com/hootsuite-back-online-following-denial-of-service-attack/104975</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-059: Researchers Uncover Interesting Browser-Based Botnet<br>
|
|
<b>WHID ID:</b> 2014-059<br>
|
|
<b>Date Occurred:</b> 4/4/2014<br>
|
|
<b>Attack Method:</b> Cross-site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Security researchers discovered an odd DDoS attack against several sites recently that relied on a persistent cross-site scripting vulnerability in a major video Web site and hijacked users' browsers in order to flood the site with traffic.<br>
|
|
<b>Reference:</b> <a href="http://threatpost.com/researchers-uncover-interesting-browser-based-botnet/105250" target="_blank">http://threatpost.com/researchers-uncover-interesting-browser-based-botnet/105250</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-058: University of Wisconsin Hacked<br>
|
|
<b>WHID ID:</b> 2014-058<br>
|
|
<b>Date Occurred:</b> 3/28/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The University of Wisconsin-Parkside recently began notifying approximately 15,000 students that their personal information may have been exposed after hackers installed malware on a university server.<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/print/hackers/university-of-wisconsin-hacked.html" target="_blank">http://www.esecurityplanet.com/print/hackers/university-of-wisconsin-hacked.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-057: DDOS Attacks Buckle Blizzard Servers for Diablo III, Hearthstone & More<br>
|
|
<b>WHID ID:</b> 2014-057<br>
|
|
<b>Date Occurred:</b> 4/1/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Blizzard has announced that EU servers for World of Warcraft, StarCraft II, Hearthstone and Diablo III might be impacted by high latency and disconnections due to DDoS attacks.<br>
|
|
<b>Reference:</b> <a href="http://www.escapistmagazine.com/news/view/133402-DDOS-Attacks-Buckle-Blizzard-Servers-for-Diablo-III-Hearthstone-More" target="_blank">http://www.escapistmagazine.com/news/view/133402-DDOS-Attacks-Buckle-Blizzard-Servers-for-Diablo-III-Hearthstone-More</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-056: Attacker Holds Email Service Mad Mimi for Bitcoin Ransom<br>
|
|
<b>WHID ID:</b> 2014-056<br>
|
|
<b>Date Occurred:</b> 4/1/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Service Provider<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Email marketing service Mad Mimi was hit with a denial of service attack this past weekend. Soon after the attack, the email provider received an email from someone asking, or rather holding Mad Mimi ransom, for 1.8 bitcoins in order to stop launching attacks on them.<br>
|
|
<b>Reference:</b> <a href="https://coinreport.net/mad-mimi-bitcoin-ransom/" target="_blank">https://coinreport.net/mad-mimi-bitcoin-ransom/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-055: Anonymous DDoS attack dismantles Albuquerque Police website<br>
|
|
<b>WHID ID:</b> 2014-055<br>
|
|
<b>Date Occurred:</b> 4/1/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The hacktivist collective Anonymous organized a distributed denial-of-service (DDoS) attack this weekend that made good on the group's promise to shut down the Albuquerque Police Department's website.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com/anonymous-ddos-attack-dismantles-albuquerque-police-website/article/340805/" target="_blank">http://www.scmagazine.com/anonymous-ddos-attack-dismantles-albuquerque-police-website/article/340805/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-054: Sudan Tribune Website Hacked<br>
|
|
<b>WHID ID:</b> 2014-054<br>
|
|
<b>Date Occurred:</b> 2/4/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Sudan Tribune would like to clarify that a fake report published on Tuesday stating that former South Sudan vice-president and leader of the SPLM in Opposition Riek Machar was assassinated was a result of the site being hacked, apparently in an April Fool's Day prank done in extremely poor taste.<br>
|
|
<b>Reference:</b> <a href="http://allafrica.com/stories/201404020362.html" target="_blank">http://allafrica.com/stories/201404020362.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-053: Man charged with using SQL injection to access Federal Reserve data<br>
|
|
<b>WHID ID:</b> 2014-053<br>
|
|
<b>Date Occurred:</b> 2/28/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> According to the indictment, Love used SQL injection to take advantage of a vulnerability in software used by certain servers belonging to the Federal Reserve, which allowed him to gain unauthorized access.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com/man-charged-with-using-sql-injection-to-access-federal-reserve-data/article/336228/" target="_blank">http://www.scmagazine.com/man-charged-with-using-sql-injection-to-access-federal-reserve-data/article/336228/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-052: Attack campaign compromises 300,000 home routers, alters DNS settings<br>
|
|
<b>WHID ID:</b> 2014-052<br>
|
|
<b>Date Occurred:</b> 3/4/2014<br>
|
|
<b>Attack Method:</b> Cross-site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> DNS Hijacking<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A group of attackers managed to compromise 300,000 home and small-office wireless routers, altering their settings to use rogue DNS servers, according to Internet security research organization Team Cymru.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/article/2104380/attack-campaign-compromises-300000-home-routers-alters-dns-settings.html" target="_blank">http://www.pcworld.com/article/2104380/attack-campaign-compromises-300000-home-routers-alters-dns-settings.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-051: Meetup.com DDoSed by extortionist, refuses to pay ransom<br>
|
|
<b>WHID ID:</b> 2014-051<br>
|
|
<b>Date Occurred:</b> 3/5/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> But a DDoS is exactly what's been plaguing the site, Scott Heiferman, Meetup.com co-founder and CEO, wrote on the company's blog.<br>
|
|
<b>Reference:</b> <a href="http://nakedsecurity.sophos.com/2014/03/05/meetup-com-ddosed-by-extortionist-refuse-to-pay-ransom/" target="_blank">http://nakedsecurity.sophos.com/2014/03/05/meetup-com-ddosed-by-extortionist-refuse-to-pay-ransom/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-050: Kenya: Ministry of Transport Website Hacked<br>
|
|
<b>WHID ID:</b> 2014-050<br>
|
|
<b>Date Occurred:</b> 3/5/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Kenya's ministry of transport website has been hacked by a Turkish Muslim group calling itself Ayyildiz Tim which accuses the government of not respecting Islam.<br>
|
|
<b>Reference:</b> <a href="http://allafrica.com/stories/201403051048.html" target="_blank">http://allafrica.com/stories/201403051048.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-049: Russian Central Bank Says Website Hacked Ahead of Rate Decision<br>
|
|
<b>WHID ID:</b> 2014-049<br>
|
|
<b>Date Occurred:</b> 3/14/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> "Currently the bank of Russia website is having troubles due to a hacker attack. The bank of Russia is taking measures to rebuff it and to restore [the website's] normal operation," the press office said in a text message.<br>
|
|
<b>Reference:</b> <a href="http://online.wsj.com/article/BT-CO-20140314-701521.html" target="_blank">http://online.wsj.com/article/BT-CO-20140314-701521.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-048: Maryland Hacked Again: 2nd Data Breach in 4 Weeks<br>
|
|
<b>WHID ID:</b> 2014-048<br>
|
|
<b>Date Occurred:</b> 3/15/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The University of Maryland says someone hacked into its computer network and obtained personal information for the second time in four weeks.<br>
|
|
<b>Reference:</b> <a href="http://washington.cbslocal.com/2014/03/20/maryland-hacked-again-2nd-data-breach-in-4-weeks/" target="_blank">http://washington.cbslocal.com/2014/03/20/maryland-hacked-again-2nd-data-breach-in-4-weeks/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-047: Kremlin website hit by 'powerful' cyber attack<br>
|
|
<b>WHID ID:</b> 2014-047<br>
|
|
<b>Date Occurred:</b> 3/17/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Victories are hard to come by for Vladimir Putin's opponents, activists are jailed, protests draw dwindling crowds, but on Friday they celebrated a minor triumph by briefly knocking out the Kremlin website.<br>
|
|
<b>Reference:</b> <a href="http://www.smh.com.au/it-pro/security-it/kremlin-website-hit-by-powerful-cyber-attack-20140317-hvjme.html" target="_blank">http://www.smh.com.au/it-pro/security-it/kremlin-website-hit-by-powerful-cyber-attack-20140317-hvjme.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-046: Pro-Russian Ukrainians launch DDoS strike against NATO<br>
|
|
<b>WHID ID:</b> 2014-046<br>
|
|
<b>Date Occurred:</b> 3/17/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A group of pro-Russian Ukrainians hit NATO with a DDoS attack over the weekend, protesting the organization's stance on Crimea's split from the Ukraine.<br>
|
|
<b>Reference:</b> <a href="http://blogs.csoonline.com/network-security/3075/pro-russian-ukrainians-launch-ddos-strike-against-nato" target="_blank">http://blogs.csoonline.com/network-security/3075/pro-russian-ukrainians-launch-ddos-strike-against-nato</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-045: Hackers hit Unix servers to send 35 million spam messages a day<br>
|
|
<b>WHID ID:</b> 2014-045<br>
|
|
<b>Date Occurred:</b> 3/19/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A criminal group has seized control of 25,000 Unix servers since 2011, forcing them to send out more than 35 million malware-laden spam messages per day, according to security researchers at ESET.<br>
|
|
<b>Reference:</b> <a href="http://www.v3.co.uk/v3-uk/news/2334789/hackers-hit-unix-servers-to-send-35-million-spam-messages-a-day" target="_blank">http://www.v3.co.uk/v3-uk/news/2334789/hackers-hit-unix-servers-to-send-35-million-spam-messages-a-day</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-044: Citroen becomes the latest victim of Adobe ColdFusion hackers<br>
|
|
<b>WHID ID:</b> 2014-044<br>
|
|
<b>Date Occurred:</b> 3/17/2014<br>
|
|
<b>Attack Method:</b> Directory Traversal<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Automotive<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A prolific hacker gang that has breached numerous companies by exploiting Adobe software has claimed another major hit in the form of car manufacturer Citroën, the Guardian has learned.<br>
|
|
<b>Reference:</b> <a href="http://www.theguardian.com/technology/2014/mar/17/citroen-adobe-coldfusion-hacked-backdoor" target="_blank">http://www.theguardian.com/technology/2014/mar/17/citroen-adobe-coldfusion-hacked-backdoor</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-043: Criminal Malware Used In Attacks On Ukraine Government<br>
|
|
<b>WHID ID:</b> 2014-043<br>
|
|
<b>Date Occurred:</b> 3/19/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The DirtJumper malware, a tool used by digital criminals during attacks on banks, has started targeting Ukrainian government websites, amid growing tensions with neighbouring Russia.<br>
|
|
<b>Reference:</b> <a href="http://www.techweekeurope.co.uk/news/dirtjumper-malware-ukraine-russia-141954" target="_blank">http://www.techweekeurope.co.uk/news/dirtjumper-malware-ukraine-russia-141954</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-042: Estonian Foreign Ministry's website comes under cyber attack<br>
|
|
<b>WHID ID:</b> 2014-042<br>
|
|
<b>Date Occurred:</b> 3/20/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The website of the Estonian Ministry of Foreign Affairs came under cyber attack yesterday afternoon, reported ERR.<br>
|
|
<b>Reference:</b> <a href="http://balticbusinessnews.com/article/2014/3/20/estonian-foreign-ministry-s-website-comes-under-cyber-attack" target="_blank">http://balticbusinessnews.com/article/2014/3/20/estonian-foreign-ministry-s-website-comes-under-cyber-attack</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-041: EA Games website hacked to steal Apple IDs<br>
|
|
<b>WHID ID:</b> 2014-041<br>
|
|
<b>Date Occurred:</b> 3/19/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Phishing<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> An EA Games server has been compromised by hackers and is now hosting a phishing site which targets Apple ID account holders.<br>
|
|
<b>Reference:</b> <a href="http://news.netcraft.com/archives/2014/03/19/ea-games-website-hacked-to-steal-apple-ids.html" target="_blank">http://news.netcraft.com/archives/2014/03/19/ea-games-website-hacked-to-steal-apple-ids.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-040: Hackers steal data for 12 million customers at South Korean phone giant<br>
|
|
<b>WHID ID:</b> 2014-040<br>
|
|
<b>Date Occurred:</b> 3/6/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Police have arrested two people in connection with a cyber-attack that yielded personal details for 12 million customers of one of South Korea's biggest phone companies.<br>
|
|
<b>Reference:</b> <a href="http://edition.cnn.com/2014/03/06/business/south-korea-telecoms-hackers/" target="_blank">http://edition.cnn.com/2014/03/06/business/south-korea-telecoms-hackers/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-039: ComiXology Hacked! Change Your Password Now<br>
|
|
<b>WHID ID:</b> 2014-039<br>
|
|
<b>Date Occurred:</b> 3/6/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Digital comic book seller ComiXology has suffered a security breach, and is now requiring all users reset their passwords.<br>
|
|
<b>Reference:</b> <a href="http://www.pcmag.com/article2/0,2817,2454664,00.asp" target="_blank">http://www.pcmag.com/article2/0,2817,2454664,00.asp</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-038: Navy Hacking Blamed on Iran Tied to H-P Contract<br>
|
|
<b>WHID ID:</b> 2014-038<br>
|
|
<b>Date Occurred:</b> 3/6/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The infiltration was launched with a common hacking technique known as an SQL injection. It used a Navy website available to the public and then found its way to the unprotected databases, said people familiar with the matter. The lack of security meant once the hackers were inside, they could easily move into other parts of the network, these people said.<br>
|
|
<b>Reference:</b> <a href="http://online.wsj.com/news/articles/SB10001424052702304732804579423611224344876" target="_blank">http://online.wsj.com/news/articles/SB10001424052702304732804579423611224344876</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-037: Archdiocese of Seattle hacked, warns 90,000<br>
|
|
<b>WHID ID:</b> 2014-037<br>
|
|
<b>Date Occurred:</b> 3/11/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Religious<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> That information is stored in several databases, and the Archdiocese believes one of those databases was hacked. "The bad guys have figured out how to breach it," Magnoni said, "and so it's unsettling."<br>
|
|
<b>Reference:</b> <a href="http://www.kirotv.com/news/news/archdiocese-seattle-hacked-warns-90000-employees-a/nd9Xs/" target="_blank">http://www.kirotv.com/news/news/archdiocese-seattle-hacked-warns-90000-employees-a/nd9Xs/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-036: Russian hacker family allegedly steals $58,000 from US bank<br>
|
|
<b>WHID ID:</b> 2014-036<br>
|
|
<b>Date Occurred:</b> 3/12/2014<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> MOSCOW, March 12 (RAPSI) - The police detained suspected hackers in Russia who are believed to have stolen about $58,000 from client accounts of a US bank, the Russian Interior Ministry said in a statement Wednesday.<br>
|
|
<b>Reference:</b> <a href="http://rapsinews.com/news/20140312/270911000.html" target="_blank">http://rapsinews.com/news/20140312/270911000.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-035: Bitcoin Exchange Mt. Gox Hit by 150,000 DDoS Attacks Per Second Before Collapse<br>
|
|
<b>WHID ID:</b> 2014-035<br>
|
|
<b>Date Occurred:</b> 3/10/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Bitcoin exchange Mt. Gox suffered about 150,000 hacking attacks per second for several days before its collapse last month, according to a report.<br>
|
|
<b>Reference:</b> <a href="http://www.ibtimes.co.uk/bitcoin-exchange-mt-gox-hit-by-150000-ddos-attacks-per-second-before-collapse-1439568" target="_blank">http://www.ibtimes.co.uk/bitcoin-exchange-mt-gox-hit-by-150000-ddos-attacks-per-second-before-collapse-1439568</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-034: Hacker attempts to hold Johns Hopkins hostage using student data<br>
|
|
<b>WHID ID:</b> 2014-034<br>
|
|
<b>Date Occurred:</b> 3/12/2014<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> In an attack on the Johns Hopkins University servers, a hacker was able to obtain the names, emails and phone numbers of some 850 current and past biomedical engineering students.<br>
|
|
<b>Reference:</b> <a href="http://www.cr80news.com/2014/03/12/hacker-attempts-to-hold-johns-hopkins-hostage-using-student-data" target="_blank">http://www.cr80news.com/2014/03/12/hacker-attempts-to-hold-johns-hopkins-hostage-using-student-data</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-033: 162,000 WORDPRESS SITES USED IN DDOS ATTACK<br>
|
|
<b>WHID ID:</b> 2014-033<br>
|
|
<b>Date Occurred:</b> 3/12/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Blog<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> More than 162,000 "popular and clean" WordPress sites were recently used in a large-scale distributed denial of service attack (DDoS) that exploited the content management system's pingback feature.<br>
|
|
<b>Reference:</b> <a href="http://threatpost.com/162000-wordpress-sites-used-in-ddos-attack/104745" target="_blank">http://threatpost.com/162000-wordpress-sites-used-in-ddos-attack/104745</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-032: EC-Council Acknowledges, Details February Hacker Attack<br>
|
|
<b>WHID ID:</b> 2014-032<br>
|
|
<b>Date Occurred:</b> 3/13/2014<br>
|
|
<b>Attack Method:</b> DNS Hijacking<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The defacement, EC-Council explained, resulted from a DNS poisoning attack. After gaining control of the domain, the hacker issued a password reset request to EC-Council's e-mail service provider, which allowed the hacker to compromise some e-mail accounts before EC-Council responded.<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/ec-council-acknowledges-details-february-hacker-attack.html" target="_blank">http://www.esecurityplanet.com/hackers/ec-council-acknowledges-details-february-hacker-attack.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-031: Hackers down Russian presidential site in 'powerful cyber-attack'<br>
|
|
<b>WHID ID:</b> 2014-031<br>
|
|
<b>Date Occurred:</b> 3/14/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Unidentified hackers brought down the Russian presidency's site and the Central Bank's web page in a wave of online attacks. The website is now operational for most users.<br>
|
|
<b>Reference:</b> <a href="http://rt.com/news/kremlin-site-attack-hackers-790/" target="_blank">http://rt.com/news/kremlin-site-attack-hackers-790/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-030: Russian media websites hit by 'massive' DDoS attack 'linked to Ukraine'<br>
|
|
<b>WHID ID:</b> 2014-030<br>
|
|
<b>Date Occurred:</b> 3/14/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Websites of several Russian state TV channels have been hit by a large cyberattack suspected to partly come from Kiev. Anonymous Caucasus claimed it was responsible for hacking Channel One TV's site, saying it had "nothing" to do with Ukraine.<br>
|
|
<b>Reference:</b> <a href="http://rt.com/news/russian-media-ddos-ukraine-614/" target="_blank">http://rt.com/news/russian-media-ddos-ukraine-614/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-029: Hackers hijack 300,000-plus wireless routers, make malicious changes<br>
|
|
<b>WHID ID:</b> 2014-029<br>
|
|
<b>Date Occurred:</b> 3/3/2014<br>
|
|
<b>Attack Method:</b> Cross-site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> DNS Hijacking<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The hackers appear to be using a variety of techniques to commandeer the devices and make changes to the domain name system (DNS) servers used to translate human-friendly domain names into the IP addresses computers use to locate their Web servers, according to a report published Monday by researchers from security firm Team Cymru. Likely hacks include a recently disclosed cross-site request forgery (CSRF) that allows attackers to inject a blank password into the Web interface of TP-Link routers.<br>
|
|
<b>Reference:</b> <a href="http://arstechnica.com/security/2014/03/hackers-hijack-300000-plus-wireless-routers-make-malicious-changes/" target="_blank">http://arstechnica.com/security/2014/03/hackers-hijack-300000-plus-wireless-routers-make-malicious-changes/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-028: U-Md. computer security attack exposes 300,000 records<br>
|
|
<b>WHID ID:</b> 2014-028<br>
|
|
<b>Date Occurred:</b> 2/18/2014<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> More than 300,000 personal records for faculty, staff and students who have received identification cards at the University of Maryland were compromised in a computer security breach this week, school officials said.<br>
|
|
<b>Reference:</b> <a href="http://www.washingtonpost.com/local/college-park-shady-grove-campuses-affected-by-university-of-maryland-security-breach/2014/02/19/ce438108-99bd-11e3-80ac-63a8ba7f7942_story.html" target="_blank">http://www.washingtonpost.com/local/college-park-shady-grove-campuses-affected-by-university-of-maryland-security-breach/2014/02/19/ce438108-99bd-11e3-80ac-63a8ba7f7942_story.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-027: Spotlight On Sochi: Distributed Denial Of Sochi<br>
|
|
<b>WHID ID:</b> 2014-027<br>
|
|
<b>Date Occurred:</b> 2/7/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Beginning February 4, hacktivists began leveling distributed denial-of-service attacks (DDoS) against at least 1,700 Russian Websites connected to the winter games. The attacks targeted official Websites of the games as well as those owned by hotels and financial institutions connected with the event. As is the case with DDoS attacks, each of the Websites was rendered temporarily unavailable.<br>
|
|
<b>Reference:</b> <a href="http://www.hstoday.us/industry-news/general/single-article/spotlight-on-sochi-distributed-denial-of-sochi-feb-7/e605d5e1db57c00e9c432ca83449b4e1.html" target="_blank">http://www.hstoday.us/industry-news/general/single-article/spotlight-on-sochi-distributed-denial-of-sochi-feb-7/e605d5e1db57c00e9c432ca83449b4e1.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-026: churchofcyprus.org.cy Hacked<br>
|
|
<b>WHID ID:</b> 2014-026<br>
|
|
<b>Date Occurred:</b> 2/19/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Religious<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Email and data exposed in PasteBin Dump<br>
|
|
<b>Reference:</b> <a href="http://pastebin.com/9TyDsSR3" target="_blank">http://pastebin.com/9TyDsSR3</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-025: Stack Overflow goes down for an hour on Sunday due to DDoS attack<br>
|
|
<b>WHID ID:</b> 2014-025<br>
|
|
<b>Date Occurred:</b> 2/16/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Blog<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Stack Overflow went out for about an hour on Sunday morning due to a DDoS attack, TechCrunch reported. Stack Overflow is a question and answer website focused on coding that programmers, both professional and amateur, rely on.<br>
|
|
<b>Reference:</b> <a href="http://www.vcpost.com/articles/21665/20140216/stack-overflow-goes-down-for-an-hour-sunday-due-to-ddos-attack.htm" target="_blank">http://www.vcpost.com/articles/21665/20140216/stack-overflow-goes-down-for-an-hour-sunday-due-to-ddos-attack.htm</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-024: Barcelona Twitter Accounts Hacked by Syrian Electronic Army<br>
|
|
<b>WHID ID:</b> 2014-024<br>
|
|
<b>Date Occurred:</b> 2/19/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Syrian Electronic Army, the cyber-wing of Syrian president Bashar al-Assad's regime, has targeted Barcelona football club because of its ties to Qatari money which is "full of blood and kill."<br>
|
|
<b>Reference:</b> <a href="http://www.ibtimes.co.uk/barcelona-twitter-accounts-hacked-by-syrian-electronic-army-over-links-qatar-1437064" target="_blank">http://www.ibtimes.co.uk/barcelona-twitter-accounts-hacked-by-syrian-electronic-army-over-links-qatar-1437064</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-023: Kickstarter Hacked, Credit Card Data Safe<br>
|
|
<b>WHID ID:</b> 2014-023<br>
|
|
<b>Date Occurred:</b> 2/16/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The group funding site Kickstarter was recently the target of a hack by an unknown individual or group of individuals. Yes, some of the data that the service stores about you - if you're a user - was tapped into. However, there's a bit of a silver lining: Credit card data and passwords appear relatively safe, with a caveat.<br>
|
|
<b>Reference:</b> <a href="http://www.pcmag.com/article2/0,2817,2453510,00.asp" target="_blank">http://www.pcmag.com/article2/0,2817,2453510,00.asp</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-022: Massive hacking affected Venezuela's government servers<br>
|
|
<b>WHID ID:</b> 2014-022<br>
|
|
<b>Date Occurred:</b> 2/17/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers around the world are setting their sights on Venezuela's government web properties following violent repression against anti-government protesters and instances of internet censorship.<br>
|
|
<b>Reference:</b> <a href="http://voxxi.com/2014/02/18/anonymous-hackers-venezuela-servers/" target="_blank">http://voxxi.com/2014/02/18/anonymous-hackers-venezuela-servers/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-021: Hackers Attack University of Costa Rica Publication<br>
|
|
<b>WHID ID:</b> 2014-021<br>
|
|
<b>Date Occurred:</b> 1/27/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Semanario Universidad, the weekly news publication produced by the University of Costa Rica, saw its website brought down by distributed denial of service (DDOS) attacks in late January.<br>
|
|
<b>Reference:</b> <a href="http://news.co.cr/hackers-attack-university-of-costa-rica-publication/33056/" target="_blank">http://news.co.cr/hackers-attack-university-of-costa-rica-publication/33056/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-020: UK MoJ Falls Victim To DDoS Attack<br>
|
|
<b>WHID ID:</b> 2014-020<br>
|
|
<b>Date Occurred:</b> 2/17/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Another incident last week highlighted the growing cyber threat posed by Distributed Denial of Service (DDoS) attacks on government organisations. On Wednesday one such attack took down the website of the UK Ministry of Justice (MoJ), rendering it inaccessible for about three hours, V3 reported.<br>
|
|
<b>Reference:</b> <a href="http://www.misco.co.uk/blog/news/01707/uk-moj-falls-victim-to-ddos-attack" target="_blank">http://www.misco.co.uk/blog/news/01707/uk-moj-falls-victim-to-ddos-attack</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-019: Royaldutchshellplc.com website under Denial of Service Attack<br>
|
|
<b>WHID ID:</b> 2014-019<br>
|
|
<b>Date Occurred:</b> 2/17/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Utilities<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Today the site is being bombarded with Shell Blog comments, made in multiple languages via multiple isp addresses. It appears to be yet another concerted denial of service attack by an unknown party.<br>
|
|
<b>Reference:</b> <a href="http://royaldutchshellplc.com/2014/02/17/royaldutchshellplc-com-website-under-denial-of-service-attack/" target="_blank">http://royaldutchshellplc.com/2014/02/17/royaldutchshellplc-com-website-under-denial-of-service-attack/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-018: Syrian Electronic Army hacks into Forbes.com<br>
|
|
<b>WHID ID:</b> 2014-018<br>
|
|
<b>Date Occurred:</b> 2/16/2014<br>
|
|
<b>Attack Method:</b> Cross-site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Blog<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Syrian Electronic Army, the cyber wing of Bashar al-Assad's army, said it hacked Forbes.com website Friday, claiming it compromised user data, defaced webpages and posted a fake story to the site.<br>
|
|
<b>Reference:</b> <a href="http://www.forbes.com/sites/andygreenberg/2014/02/20/how-the-syrian-electronic-army-hacked-us-a-detailed-timeline/" target="_blank">http://www.forbes.com/sites/andygreenberg/2014/02/20/how-the-syrian-electronic-army-hacked-us-a-detailed-timeline/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-017: School District Still Using Default Login For Admin Account Surprised To Learn Its Site Has Been Hacked<br>
|
|
<b>WHID ID:</b> 2014-017<br>
|
|
<b>Date Occurred:</b> 1/8/2014<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A Texas school district is learning the hard way about website security basics. If you'd like to keep your site from being compromised, the very least you can do is reset the default login. According to a post at Hackforums, the Round Rock Independent School District of Austin, TX was using the following name and password for its admin account.<br>
|
|
<b>Reference:</b> <a href="http://www.techdirt.com/articles/20131223/18274325679/school-district-still-using-default-login-admin-account-surprised-to-learn-its-site-has-been-hacked.shtml" target="_blank">http://www.techdirt.com/articles/20131223/18274325679/school-district-still-using-default-login-admin-account-surprised-to-learn-its-site-has-been-hacked.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-016: 24 Mexican Government Websites Hacked by Anonymous<br>
|
|
<b>WHID ID:</b> 2014-016<br>
|
|
<b>Date Occurred:</b> 1/6/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Anonymous hackers have breached and defaced around a couple of dozen websites hosted on Mexican government domains.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/24-Mexican-Government-Websites-Hacked-by-Anonymous-413789.shtml" target="_blank">http://news.softpedia.com/news/24-Mexican-Government-Websites-Hacked-by-Anonymous-413789.shtml</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-015: Massive E-toll website security flaw<br>
|
|
<b>WHID ID:</b> 2014-015<br>
|
|
<b>Date Occurred:</b> 1/7/2014<br>
|
|
<b>Attack Method:</b> Predictable Resource Location<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> eCommerce<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> An unofficial security advisory issued by a hacker identifying themselves as "Moe1" has warned E-toll users that the PINs used to log into their E-toll website accounts can be easily obtained if their username is known.<br>
|
|
<b>Reference:</b> <a href="http://mybroadband.co.za/news/security/94446-massive-e-toll-website-security-flaw.html" target="_blank">http://mybroadband.co.za/news/security/94446-massive-e-toll-website-security-flaw.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-014: Hacker Targets Directors Guild of Canada Website<br>
|
|
<b>WHID ID:</b> 2014-014<br>
|
|
<b>Date Occurred:</b> 1/6/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A hacker site called ObeySec took over a computer server at the Directors Guild of Canada on the weekend. The external hacker used the handle legionnaire on Sunday to commandeer the DGC site and obtain the personal data of over 2,000 members, including Canada's top film and TV directors.<br>
|
|
<b>Reference:</b> <a href="http://www.hollywoodreporter.com/news/hacker-targets-directors-guild-canada-668584" target="_blank">http://www.hollywoodreporter.com/news/hacker-targets-directors-guild-canada-668584</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-013: Thousands of visitors to yahoo.com hit with malware attack<br>
|
|
<b>WHID ID:</b> 2014-013<br>
|
|
<b>Date Occurred:</b> 1/4/2014<br>
|
|
<b>Attack Method:</b> Malvertising<br>
|
|
<b>Application Weakness:</b> Insufficient Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Search Engine<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Two Internet security firms have reported that Yahoo's advertising servers have been distributing malware to hundreds of thousands of users over the last few days. The attack appears to be the work of malicious parties who have hijacked Yahoo's advertising network for their own ends.<br>
|
|
<b>Reference:</b> <a href="http://www.washingtonpost.com/blogs/the-switch/wp/2014/01/04/thousands-of-visitors-to-yahoo-com-hit-with-malware-attack-researchers-say//?print=1" target="_blank">http://www.washingtonpost.com/blogs/the-switch/wp/2014/01/04/thousands-of-visitors-to-yahoo-com-hit-with-malware-attack-researchers-say//?print=1</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-012: Hacker Group DERP Attacking Xbox Live Now With DDoS, Sign-In Issue Reported<br>
|
|
<b>WHID ID:</b> 2014-012<br>
|
|
<b>Date Occurred:</b> 1/4/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Infamous hacker group DERP has now become a pain in the A#$ for gaming community, after targeting EA's Origin and some video game servers with DDoS attack the group has now started attacking Xbox Live.<br>
|
|
<b>Reference:</b> <a href="http://www.gamepur.com/news/13200-hacker-group-derp-attacking-xbox-live-now-ddos-sign-issue-reported.html" target="_blank">http://www.gamepur.com/news/13200-hacker-group-derp-attacking-xbox-live-now-ddos-sign-issue-reported.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-011: Sunanda Pushkar claims her Twitter account hacked<br>
|
|
<b>WHID ID:</b> 2014-011<br>
|
|
<b>Date Occurred:</b> 1/4/2014<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Sunanda Pushkar, the wife of Union minister of state for HRD Shashi Tharoor, has claimed that "her Twitter account has been hacked" and the message that came criticizing BJP leader Subramaniam Swamy on her account was not hers.<br>
|
|
<b>Reference:</b> <a href="http://articles.timesofindia.indiatimes.com/2014-01-04/india/45859292_1_twitter-account-sunanda-pushkar-tweet" target="_blank">http://articles.timesofindia.indiatimes.com/2014-01-04/india/45859292_1_twitter-account-sunanda-pushkar-tweet</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-010: World of Warcraft users hit by account-hijacking malware attack<br>
|
|
<b>WHID ID:</b> 2014-010<br>
|
|
<b>Date Occurred:</b> 1/6/2014<br>
|
|
<b>Attack Method:</b> Malware<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> World of Warcraft players have been hit with a malicious trojan that hijacks accounts even when they're protected by two-factor authentication, officials have warned.<br>
|
|
<b>Reference:</b> <a href="http://arstechnica.com/security/2014/01/world-of-warcraft-users-hit-by-account-hijacking-malware-attack/" target="_blank">http://arstechnica.com/security/2014/01/world-of-warcraft-users-hit-by-account-hijacking-malware-attack/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-009: Greyhats expose 4.5 million Snapchat phone numbers using "theoretical" hack (updated)<br>
|
|
<b>WHID ID:</b> 2014-009<br>
|
|
<b>Date Occurred:</b> 1/2/2014<br>
|
|
<b>Attack Method:</b> Predictable Resource Location<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Greyhat hackers have published the partial phone numbers belonging to more than 4.5 million Snapchat users after exploiting a recently disclosed security weakness that officials of the service had described as theoretical.<br>
|
|
<b>Reference:</b> <a href="http://arstechnica.com/security/2014/01/greyhats-expose-4-5-million-snapchat-phone-numbers-using-theoretical-hack/" target="_blank">http://arstechnica.com/security/2014/01/greyhats-expose-4-5-million-snapchat-phone-numbers-using-theoretical-hack/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-008: World Poker Tour Amateur Poker League Website Hacked<br>
|
|
<b>WHID ID:</b> 2014-008<br>
|
|
<b>Date Occurred:</b> 1/4/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The league website for free live poker nights across North America and the UK has been compromised and login details exposed.<br>
|
|
<b>Reference:</b> <a href="http://pokerfuse.com/news/live-and-online/world-poker-tour-amateur-poker-league-website-hacked-04-01/" target="_blank">http://pokerfuse.com/news/live-and-online/world-poker-tour-amateur-poker-league-website-hacked-04-01/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-007: Highland website hacked<br>
|
|
<b>WHID ID:</b> 2014-007<br>
|
|
<b>Date Occurred:</b> 1/3/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Computer hackers broke into the website for the Highland Middle School last month, but school officials said that only the home page was changed.<br>
|
|
<b>Reference:</b> <a href="http://www.heraldbulletin.com/education/x12770567/Highland-website-hacked" target="_blank">http://www.heraldbulletin.com/education/x12770567/Highland-website-hacked</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-006: Hacker Group DERP Takes Down Origin, Battlelog and More With DDoS Attack<br>
|
|
<b>WHID ID:</b> 2014-006<br>
|
|
<b>Date Occurred:</b> 1/3/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A hacker group known as DERP is currently taking down all of EA's gaming servers. Battlelog, a web based social networking service for the Battlefield and Medal of Honor series, is also down.<br>
|
|
<b>Reference:</b> <a href="http://www.ibtimes.co.uk/hacker-group-derp-takes-down-origin-battlelog-more-ddos-attack-1430857" target="_blank">http://www.ibtimes.co.uk/hacker-group-derp-takes-down-origin-battlelog-more-ddos-attack-1430857</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-005: Battle.net and League of Legend hit with denial of service attacks<br>
|
|
<b>WHID ID:</b> 2014-005<br>
|
|
<b>Date Occurred:</b> 1/3/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Blizzard's Battle.net service has been the target of a denial-of-service attack resulting in intermittent downtime for its game platform as well as server instability on World of Warcraft.<br>
|
|
<b>Reference:</b> <a href="http://www.computerandvideogames.com/443794/battlenet-and-league-of-legend-hit-with-denial-of-service-attacks/" target="_blank">http://www.computerandvideogames.com/443794/battlenet-and-league-of-legend-hit-with-denial-of-service-attacks/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-004: Steam Hit By DDoS Attacks, Hackers Claim Responsibility<br>
|
|
<b>WHID ID:</b> 2014-004<br>
|
|
<b>Date Occurred:</b> 1/3/2014<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-Automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> We had heard how Snapchat got hacked, and how Microsoft's Skype social media accounts had been hacked, and now according to the latest reports, we are hearing word that Valve's Steam platform has been attacked by hackers as well who have launched a series of DDoS attacks against the company's servers, causing outages and rendering gamers unable to play their online games or connecting to the service entirely.<br>
|
|
<b>Reference:</b> <a href="http://www.ubergizmo.com/2014/01/steam-hit-by-ddos-attacks-hackers-claim-responsibility/" target="_blank">http://www.ubergizmo.com/2014/01/steam-hit-by-ddos-attacks-hackers-claim-responsibility/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-003: Pakistani Hackers Leak Data from Financial Services Online Australia<br>
|
|
<b>WHID ID:</b> 2014-003<br>
|
|
<b>Date Occurred:</b> 1/3/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A group of Pakistani hackers called Pakiz Cyber Squad has leaked user data apparently stolen from the systems of Financial Services Online (FSO), an Australian company that provides insurance, finance, superannuation and investment services.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Pakistani-Hackers-Leak-Data-from-Financial-Services-Online-Australia-413191.shtml" target="_blank">http://news.softpedia.com/news/Pakistani-Hackers-Leak-Data-from-Financial-Services-Online-Australia-413191.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-002: Skype's Twitter, Facebook, and blog hacked by Syrian Electronic Army<br>
|
|
<b>WHID ID:</b> 2014-002<br>
|
|
<b>Date Occurred:</b> 1/1/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Earlier today, a person (or a few people) breached Skype's security and hacked its Twitter account, Facebook page, and blog. The group claiming responsibility is the Syrian Electronic Army (SEA). Its message: end spying on the public.<br>
|
|
<b>Reference:</b> <a href="http://thenextweb.com/microsoft/2014/01/01/skypes-twitter-account-blog-get-hacked-sea-demanding-end-spying/#!uFj39" target="_blank">http://thenextweb.com/microsoft/2014/01/01/skypes-twitter-account-blog-get-hacked-sea-demanding-end-spying/#!uFj39</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2014-001: MOE website hacked few hours after New Year<br>
|
|
<b>WHID ID:</b> 2014-001<br>
|
|
<b>Date Occurred:</b> 1/1/2014<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> KUALA LUMPUR<br>
|
|
<b>Incident Description:</b> KUALA LUMPUR: The Ministry of Education (MOE) website was allegedly hacked by a group of hackers that called themselves EvilSha0w Team, just a few hours after the country celebrated the New Year, today.<br>
|
|
<b>Reference:</b> <a href="http://www.nst.com.my/latest/moe-website-hacked-few-hours-after-new-year-1.452286" target="_blank">http://www.nst.com.my/latest/moe-website-hacked-few-hours-after-new-year-1.452286</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-022: Here's How Hackers Stole Over $1 Million From 1,600 StubHub Users<br>
|
|
<b>WHID ID:</b> 2013-022<br>
|
|
<b>Date Occurred:</b> 3/1/2013<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The hackers obtained customers' logins through other sources, StubHub said, not by hacking StubHub's systems.<br>
|
|
<b>Reference:</b> <a href="http://time.com/3024409/over-1000-stubhub-accounts-reportedly-hacked/" target="_blank">http://time.com/3024409/over-1000-stubhub-accounts-reportedly-hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-021: Two more Cambodia govt sites hacked and defaced<br>
|
|
<b>WHID ID:</b> 2013-021<br>
|
|
<b>Date Occurred:</b> 1/10/2013<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Web sites of Cambodia's National Military Police and the Supreme Court had been breached by different hacker groups on Tuesday, and industry watchers note government sites in the country are vulnerable to hacks due to their poor security.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/two-more-cambodia-govt-sites-hacked-and-defaced-7000009622/" target="_blank">http://www.zdnet.com/two-more-cambodia-govt-sites-hacked-and-defaced-7000009622/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-020: Drake International the latest victim of hacking, extortion scheme against companies<br>
|
|
<b>WHID ID:</b> 2013-020<br>
|
|
<b>Date Occurred:</b> 1/9/2013<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Consulting<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Drake International, the Canadian-based job placement firm, confirmed Wednesday that it has been the victim of a hacking scheme by a group seeking to extort payment in exchange for not releasing the personal information of people who have used Drake's services.<br>
|
|
<b>Reference:</b> <a href="http://business.financialpost.com/2013/01/09/drake-international-confirms-database-with-user-information-hacked/?__lsa=bf4c-db1b" target="_blank">http://business.financialpost.com/2013/01/09/drake-international-confirms-database-with-user-information-hacked/?__lsa=bf4c-db1b</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-019: DHS website falls victim to hacktivist intrusion<br>
|
|
<b>WHID ID:</b> 2013-019<br>
|
|
<b>Date Occurred:</b> 1/7/2013<br>
|
|
<b>Attack Method:</b> Forceful Browsing<br>
|
|
<b>Application Weakness:</b> Predictable Resource Location<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hacktivist group NullCrew recently announced a successful intrusion (though intrusionette might be a better word) against a website in the DHS.GOV domain hierarchy.<br>
|
|
<b>Reference:</b> <a href="http://nakedsecurity.sophos.com/2013/01/07/dhs-website-falls-victim-to-hacktivist-intrusion/" target="_blank">http://nakedsecurity.sophos.com/2013/01/07/dhs-website-falls-victim-to-hacktivist-intrusion/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-018: Ubisoft probes sudden rash of hijack attacks on gamers' accounts<br>
|
|
<b>WHID ID:</b> 2013-018<br>
|
|
<b>Date Occurred:</b> 1/4/2013<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Account Hijacking<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Ubisoft is investigating a recent spate of hijackings of gaming accounts belonging to users of its Uplay platform<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2013/01/04/ubisoft_gaming_account_hijack_caper/" target="_blank">http://www.theregister.co.uk/2013/01/04/ubisoft_gaming_account_hijack_caper/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-017: Cyberattack hits Fifth Third for 2nd time in week<br>
|
|
<b>WHID ID:</b> 2013-017<br>
|
|
<b>Date Occurred:</b> 1/9/2013<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Fifth Third Bank's website was hit with a cyberattack Tuesday causing its second shutdown in a span of five days, the Cincinnati Business Courier reports.<br>
|
|
<b>Reference:</b> <a href="http://www.bizjournals.com/columbus/morning_call/2013/01/cyber-attack-hits-fifth-third-for.html" target="_blank">http://www.bizjournals.com/columbus/morning_call/2013/01/cyber-attack-hits-fifth-third-for.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-016: Law firm's trust account hacked, "large six figure" taken<br>
|
|
<b>WHID ID:</b> 2013-016<br>
|
|
<b>Date Occurred:</b> 1/7/2013<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> In a scam never seen before in Ontario, a Toronto-area law firm lost "a large six figure" over the holidays after a virus gave hackers backdoor access to its bookkeeper's computer. The virus copied bank account passwords as she typed them.<br>
|
|
<b>Reference:</b> <a href="http://www.lawtimesnews.com/201301079535/Headline-News/Law-firms-trust-account-hacked-large-six-figure-taken" target="_blank">http://www.lawtimesnews.com/201301079535/Headline-News/Law-firms-trust-account-hacked-large-six-figure-taken</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-015: Yahoo Mail users hit by widespread hacking, XSS exploit seemingly to blame<br>
|
|
<b>WHID ID:</b> 2013-015<br>
|
|
<b>Date Occurred:</b> 1/7/2013<br>
|
|
<b>Attack Method:</b> Cross-site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Account Hijacking<br>
|
|
<b>Attacked Entity Field:</b> Web-based Email<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Late last night reports started coming in suggesting that Yahoo Mail users have had their accounts hacked. While "hacked" is a very broad term nowadays, it does appear that Yahoo email accounts are being compromised after users click on a malicious link they receive in their inboxes.<br>
|
|
<b>Reference:</b> <a href="http://thenextweb.com/insider/2013/01/07/yahoo-mail-users-hit-by-widespread-hacking-xss-exploit-seemingly-to-blame/" target="_blank">http://thenextweb.com/insider/2013/01/07/yahoo-mail-users-hit-by-widespread-hacking-xss-exploit-seemingly-to-blame/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-014: BB&T, PNC say they've been hit by cyber hackers<br>
|
|
<b>WHID ID:</b> 2013-014<br>
|
|
<b>Date Occurred:</b> 1/4/2013<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> BB&T Corp. and PNC Financial Services Corp. said Friday they have experienced this week another wave of website "denial of service" disruptions that could be coming from cyber hackers.<br>
|
|
<b>Reference:</b> <a href="http://www.journalnow.com/business/business_news/local/article_31f50e90-56dc-11e2-ada2-0019bb30f31a.html" target="_blank">http://www.journalnow.com/business/business_news/local/article_31f50e90-56dc-11e2-ada2-0019bb30f31a.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-013: DDoS attacks on banks continue into the New Year<br>
|
|
<b>WHID ID:</b> 2013-013<br>
|
|
<b>Date Occurred:</b> 1/4/2013<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A hacktivist group is claiming responsibility for outages affecting nine U.S. bank websites in recent weeks - part of a distributed denial-of-service (DDoS) operation that began last fall.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com/ddos-attacks-on-banks-continue-into-the-new-year/article/274712/" target="_blank">http://www.scmagazine.com/ddos-attacks-on-banks-continue-into-the-new-year/article/274712/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-012: 22 SL Government sites hacked<br>
|
|
<b>WHID ID:</b> 2013-012<br>
|
|
<b>Date Occurred:</b> 1/3/2013<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> A number of 22 subdomains of the North Central Provincial Council (nc.gov.lk) owned by the Sri Lanka government have been defaced by Bangladeshi Grey Hat Hackers (BGHH).<br>
|
|
<b>Reference:</b> <a href="http://www.dailymirror.lk/news/24732-22-sl-government-sites-hacked.html" target="_blank">http://www.dailymirror.lk/news/24732-22-sl-government-sites-hacked.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-011: Foreign Policy Group Gets Hacker Happy New Yea<br>
|
|
<b>WHID ID:</b> 2013-011<br>
|
|
<b>Date Occurred:</b> 1/3/2013<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The group's website was infected with malware that uses a "watering hole" attack - waiting for users to visit the site before downloading the malware to their machines.<br>
|
|
<b>Reference:</b> <a href="http://news.discovery.com/tech/council-on-foreign-relations-site-hit-with-malware-130103.htm" target="_blank">http://news.discovery.com/tech/council-on-foreign-relations-site-hit-with-malware-130103.htm</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-010: Just in time: Facebook restores New Year's messaging service after plugging privacy loophole<br>
|
|
<b>WHID ID:</b> 2013-010<br>
|
|
<b>Date Occurred:</b> 1/1/2013<br>
|
|
<b>Attack Method:</b> Forceful Browsing<br>
|
|
<b>Application Weakness:</b> Predictable Resource Location<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Earlier today, social networking giant Facebook was caught with its pants down when blogger Jack Jenkins noticed a privacy flaw with its New Year "Midnight Delivery" messaging service.<br>
|
|
<b>Reference:</b> <a href="http://thenextweb.com/facebook/2012/12/31/just-in-time-facebook-restores-new-years-messaging-service-after-plugging-privacy-loophole/" target="_blank">http://thenextweb.com/facebook/2012/12/31/just-in-time-facebook-restores-new-years-messaging-service-after-plugging-privacy-loophole/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-009: Facebook fixes 'Peeping Tom' webcam bug - AFTER 5 MONTHS<br>
|
|
<b>WHID ID:</b> 2013-009<br>
|
|
<b>Date Occurred:</b> 1/2/2013<br>
|
|
<b>Attack Method:</b> Cross-site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Facebook had a busy time over the holiday period fixing several security flaws, including a webcam-related vulnerability that allowed hackers to record video from a user's web camera and post it on their timeline.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2013/01/02/facebook_privacy_bug_fixes/" target="_blank">http://www.theregister.co.uk/2013/01/02/facebook_privacy_bug_fixes/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-008: ZOL website hacked<br>
|
|
<b>WHID ID:</b> 2013-008<br>
|
|
<b>Date Occurred:</b> 1/3/2013<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Today we woke up to the tip that the website of one of the largest internet service providers in the country, Zimbabwe Online (ZOL) had been hacked.<br>
|
|
<b>Reference:</b> <a href="http://www.techzim.co.zw/2013/01/zol-website-is-hacked/" target="_blank">http://www.techzim.co.zw/2013/01/zol-website-is-hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-007: Hacker AnonAcid Publishes Data on 50,000 Ohio Residents<br>
|
|
<b>WHID ID:</b> 2013-007<br>
|
|
<b>Date Occurred:</b> 1/3/2013<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> As part of OpRedRoll and Occupy Steubenville, Anonymous' response to the rape of a 15-year-old girl in Steubenville, Ohio last August, hacker AnonAcid recently published the names, birthdates, addresses and other personal data of residents of Steubenville and nearby towns in Ohio.<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/hacker-anonacid-publishes-data-on-50000-ohio-residents.html" target="_blank">http://www.esecurityplanet.com/hackers/hacker-anonacid-publishes-data-on-50000-ohio-residents.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-006: World Wildlife Foundation China Hacked, Details of 80,000 Users Leaked<br>
|
|
<b>WHID ID:</b> 2013-006<br>
|
|
<b>Date Occurred:</b> 1/3/2013<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Non-Profit<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A hacker collective called DarkWeb Goons, recently founded by a former member of the Grey Security group, has breached the official website of World Wildlife Foundation China (wwfchina.org).<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/World-Wildlife-Foundation-China-Hacked-Details-of-80-000-Users-Leaked-318117.shtml" target="_blank">http://news.softpedia.com/news/World-Wildlife-Foundation-China-Hacked-Details-of-80-000-Users-Leaked-318117.shtml</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-005: Energy Manufacturer Also Victimized by IE Zero Day in Watering Hole Attack<br>
|
|
<b>WHID ID:</b> 2013-005<br>
|
|
<b>Date Occurred:</b> 1/2/2013<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Energy<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Researcher Eric Romang said that Capstone Turbine Corp., which builds power generation equipment for utilities, has been infected with malware exploiting CVE 2012-4969 for four months and the latest IE exploit since Dec. 18.<br>
|
|
<b>Reference:</b> <a href="http://threatpost.com/en_us/blogs/energy-manufacturer-also-victimized-ie-zero-day-watering-hole-attack-010213" target="_blank">http://threatpost.com/en_us/blogs/energy-manufacturer-also-victimized-ie-zero-day-watering-hole-attack-010213</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-004: The hacker has breached a large number of websites over the past several days<br>
|
|
<b>WHID ID:</b> 2013-004<br>
|
|
<b>Date Occurred:</b> 1/1/2013<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The hacker has breached a large number of websites over the past several days, including the Jawaharlal Nehru Centre for Advanced Scientific Research (jncasr.ac.in)<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Yemen-Customs-Authority-Hacked-User-Details-Leaked-318245.shtml" target="_blank">http://news.softpedia.com/news/Yemen-Customs-Authority-Hacked-User-Details-Leaked-318245.shtml</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-003: Hacker has breached a large number of websites<br>
|
|
<b>WHID ID:</b> 2013-003<br>
|
|
<b>Date Occurred:</b> 1/1/2013<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hacker has breached a large number of websites over the past several days, including the Indian National Institute of Technology (nitdgp.ac.in)<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Yemen-Customs-Authority-Hacked-User-Details-Leaked-318245.shtml" target="_blank">http://news.softpedia.com/news/Yemen-Customs-Authority-Hacked-User-Details-Leaked-318245.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-002: Yemen Customs Authority Hacked, User Details Leaked<br>
|
|
<b>WHID ID:</b> 2013-002<br>
|
|
<b>Date Occurred:</b> 1/1/2013<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The hacker known as JokerCracker has breached the official website of Yemen's Customs Authority (customs.gov.ye), leaking the details of hundreds of users.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Yemen-Customs-Authority-Hacked-User-Details-Leaked-318245.shtml" target="_blank">http://news.softpedia.com/news/Yemen-Customs-Authority-Hacked-User-Details-Leaked-318245.shtml</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2013-001: OpFuckMohammad - Happy New Year<br>
|
|
<b>WHID ID:</b> 2013-001<br>
|
|
<b>Date Occurred:</b> 1/1/2013<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Pastebin DB dump of data from attack on http://eldorar.com/<br>
|
|
<b>Reference:</b> <a href="http://pastebin.com/yDFK5XEC" target="_blank">http://pastebin.com/yDFK5XEC</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-100: ICO fines travel firm £150,000 after hacker steals card details from more than a million customers<br>
|
|
<b>WHID ID:</b> 2012-100<br>
|
|
<b>Date Occurred:</b> 12/21/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Travel<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> This happened on 21 December 2012, when the hacker uncovered a coding error in the website and used an SQL injection to log in to the administrators' interface, the report explained.<br>
|
|
<b>Reference:</b> <a href="http://www.v3.co.uk/v3-uk/news/2357033/ico-fines-travel-firm-gbp150-000-after-hacker-steals-over-a-million-card-details" target="_blank">http://www.v3.co.uk/v3-uk/news/2357033/ico-fines-travel-firm-gbp150-000-after-hacker-steals-over-a-million-card-details</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-99: 'Anonymous' hackers attack Brazilian websites<br>
|
|
<b>WHID ID:</b> 2012-99<br>
|
|
<b>Date Occurred:</b> 1/21/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> RIO DE JANEIRO, Brazil<br>
|
|
<b>Incident Description:</b> The computer hacker group Anonymous attacked websites of Brazil's federal district Saturday as well as one belonging to a Brazilian singer to protest the forced closure of Megaupload.com.<br>
|
|
<b>Reference:</b> <a href="http://www.google.com/hostednews/afp/article/ALeqM5jGNOfn8Ij_BmP_UTSE83cFq_bMDA?docId=CNG.ed2a687c0642d8185d1e4e7ccab9f2c3.6e1" target="_blank">http://www.google.com/hostednews/afp/article/ALeqM5jGNOfn8Ij_BmP_UTSE83cFq_bMDA?docId=CNG.ed2a687c0642d8185d1e4e7ccab9f2c3.6e1</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-98: Hackers tap Salem Co. account for $19,000<br>
|
|
<b>WHID ID:</b> 2012-98<br>
|
|
<b>Date Occurred:</b> 1/22/2012<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Salem, NJ<br>
|
|
<b>Incident Description:</b> Computer hackers have broken in and stolen approximately $19,000 by way of an illegal wire transfer from a Salem County bank account that held more than $13 million in funds.<br>
|
|
<b>Reference:</b> <a href="http://www.nj.com/salem/index.ssf/2012/01/hackers_tap_salem_co_account_f.html" target="_blank">http://www.nj.com/salem/index.ssf/2012/01/hackers_tap_salem_co_account_f.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-97: Israeli hacker posts '100,000' more stolen Facebook logins<br>
|
|
<b>WHID ID:</b> 2012-97<br>
|
|
<b>Date Occurred:</b> 1/21/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco<br>
|
|
<b>Incident Description:</b> Israeli hacker Hannibal claims to have stolen another 100,000 Facebook logins from Arab users of the social network. A quick analysis shows that the number is actually closer to 20,000 accounts.<br>
|
|
<b>Reference:</b> <a href="https://www.zdnet.com/blog/facebook/israeli-hacker-posts-8216100000-8242-more-stolen-facebook-logins/7837" target="_blank">https://www.zdnet.com/blog/facebook/israeli-hacker-posts-8216100000-8242-more-stolen-facebook-logins/7837</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-96: Israeli hacker steals 85,000 Facebook logins from Arabs<br>
|
|
<b>WHID ID:</b> 2012-96<br>
|
|
<b>Date Occurred:</b> 1/19/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> An Israeli hacker who goes by the name Hannibal this week stole '85,000' Facebook logins from Arab users of the social network, as part of an online hacker war being fought in the Middle East.<br>
|
|
<b>Reference:</b> <a href="https://www.zdnet.com/blog/facebook/israeli-hacker-steals-85000-facebook-logins-from-arabs/7758" target="_blank">https://www.zdnet.com/blog/facebook/israeli-hacker-steals-85000-facebook-logins-from-arabs/7758</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-95: T-Mobile reused staff passwords<br>
|
|
<b>WHID ID:</b> 2012-95<br>
|
|
<b>Date Occurred:</b> 1/19/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Bonn, DE<br>
|
|
<b>Incident Description:</b> A hacking group has dumped internal log-in details for T-Mobile staff revealing the US telco had reused passwords for multiple accounts.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/287402,t-mobile-reused-staff-passwords.aspx" target="_blank">http://www.scmagazine.com.au/News/287402,t-mobile-reused-staff-passwords.aspx</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-94: VideoGamesPlus.ca hacked, 21,000 users' details stolen<br>
|
|
<b>WHID ID:</b> 2012-94<br>
|
|
<b>Date Occurred:</b> 1/18/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Ontario, Canada<br>
|
|
<b>Incident Description:</b> VGP admitted it was "currently investigating a security issue" in a generic email addressed to users, passed to Eurogamer this evening. The company recommends users change their passwords "as a safety precaution" and apologised "for any inconvenience caused".<br>
|
|
<b>Reference:</b> <a href="http://www.eurogamer.net/articles/2012-01-18-videogamesplus-ca-hacked-21-000-users-details-stolen" target="_blank">http://www.eurogamer.net/articles/2012-01-18-videogamesplus-ca-hacked-21-000-users-details-stolen</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-93: Hackers steal $6.7M in cyber bank robbery<br>
|
|
<b>WHID ID:</b> 2012-93<br>
|
|
<b>Date Occurred:</b> 1/18/2012<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Johannesburg, South Africa<br>
|
|
<b>Incident Description:</b> Most of the hackers we talk about here are out to steal credit card numbers and harass. Some of the hacks result in illicit gains, but few that we have talked about have been able to pull the massive amount of funds that hackers who hit the South African Postbank have grabbed. These hackers were able to steal $6.7 million from the bank.<br>
|
|
<b>Reference:</b> <a href="http://www.slashgear.com/hackers-steal-6-7m-in-cyber-bank-robbery-18209697/" target="_blank">http://www.slashgear.com/hackers-steal-6-7m-in-cyber-bank-robbery-18209697/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-92: Ashton Kutcher's FourSquare, Twitter hacked<br>
|
|
<b>WHID ID:</b> 2012-92<br>
|
|
<b>Date Occurred:</b> 1/18/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco<br>
|
|
<b>Incident Description:</b> Hackers broke into the FourSquare and Twitter accounts of actor Ashton Kutcher, claiming to confirm he was in a romantic relationship with Lorene Scafaria.<br>
|
|
<b>Reference:</b> <a href="http://www.gmanetwork.com/news/story/244942/scitech/socialmedia/ashton-kutcher-s-foursquare-twitter-hacked" target="_blank">http://www.gmanetwork.com/news/story/244942/scitech/socialmedia/ashton-kutcher-s-foursquare-twitter-hacked</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-91: Hackers spread malware via children's gaming websites<br>
|
|
<b>WHID ID:</b> 2012-91<br>
|
|
<b>Date Occurred:</b> 1/16/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Fortitude Valley, Australia<br>
|
|
<b>Incident Description:</b> Hackers are increasingly targeting child-focused gaming websites, according to a leading anti-virus firm.<br>
|
|
<b>Reference:</b> <a href="http://www.bbc.co.uk/news/technology-16576542" target="_blank">http://www.bbc.co.uk/news/technology-16576542</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-90: Namesco customers affected by hackers<br>
|
|
<b>WHID ID:</b> 2012-90<br>
|
|
<b>Date Occurred:</b> 1/16/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Service Provider<br>
|
|
<b>Attacked Entity Geography:</b> UK<br>
|
|
<b>Incident Description:</b> UK ISP Namesco confirmed that a small number of its customers were affected by hackers who broke into the company system and stole some personal data, including credit card information, ISPreview reported.<br>
|
|
<b>Reference:</b> <a href="http://www.telecompaper.com/news/namesco-customers-affected-by-hackers" target="_blank">http://www.telecompaper.com/news/namesco-customers-affected-by-hackers</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-9: GAME website 'hacked', passwords obtained - Report<br>
|
|
<b>WHID ID:</b> 2012-9<br>
|
|
<b>Date Occurred:</b> 1/16/2012<br>
|
|
<b>Attack Method:</b> Shell Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> There are fears that the GAME website's user database has been hacked, with hackers getting hold of over 200 customers' email addresses and passwords in clear text.<br>
|
|
<b>Reference:</b> <a href="http://www.computerandvideogames.com/332334/game-website-hacked-passwords-obtained-report/" target="_blank">http://www.computerandvideogames.com/332334/game-website-hacked-passwords-obtained-report/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-89: Nigerian army website hacked by protesters<br>
|
|
<b>WHID ID:</b> 2012-89<br>
|
|
<b>Date Occurred:</b> 1/16/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Nigeria<br>
|
|
<b>Incident Description:</b> A Nigerian army website was hacked by cyber activists Monday as protests against a hike in fuel prices continue.<br>
|
|
<b>Reference:</b> <a href="http://observers.france24.com/content/20120116-nigerian-army-website-hacked-protesters-occupy-fuel-subisidy-goodluck-jonathan-lagos-soldiers-roadblocks-strike" target="_blank">http://observers.france24.com/content/20120116-nigerian-army-website-hacked-protesters-occupy-fuel-subisidy-goodluck-jonathan-lagos-soldiers-roadblocks-strike</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-88: Anti-Israeli hackers hit ally Azerbaijan's websites<br>
|
|
<b>WHID ID:</b> 2012-88<br>
|
|
<b>Date Occurred:</b> 1/16/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Tel-Aviv, Israel<br>
|
|
<b>Incident Description:</b> Anti-Israeli hackers attacked official websites in the Jewish state's mainly Muslim ally Azerbaijan on Monday, the same day as several Israeli sites were also threatened.<br>
|
|
<b>Reference:</b> <a href="http://www.nowlebanon.com/NewsArchiveDetails.aspx?ID=353180" target="_blank">http://www.nowlebanon.com/NewsArchiveDetails.aspx?ID=353180</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-87: Actress Madhu Shalini's twitter account hacked<br>
|
|
<b>WHID ID:</b> 2012-87<br>
|
|
<b>Date Occurred:</b> 1/16/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> On realizing that her account was hacked, the actress was quick to retrieve it, giving the hacker little chance to misuse the account<br>
|
|
<b>Reference:</b> <a href="http://articles.timesofindia.indiatimes.com/2012-01-16/news-interviews/30631582_1_twitter-account-hacker-popular-micro-blogging-site" target="_blank">http://articles.timesofindia.indiatimes.com/2012-01-16/news-interviews/30631582_1_twitter-account-hacker-popular-micro-blogging-site</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-86: HuffPo's Twitter account hacked<br>
|
|
<b>WHID ID:</b> 2012-86<br>
|
|
<b>Date Occurred:</b> 1/15/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> Usual tweets with links to stories about celebrities and cute animal photos are joined by racist and homophobic notes on The Huffington Post's Twitter account.<br>
|
|
<b>Reference:</b> <a href="http://news.cnet.com/8301-1023_3-57359471-93/huffpos-twitter-account-hacked/" target="_blank">http://news.cnet.com/8301-1023_3-57359471-93/huffpos-twitter-account-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-85: Websites of Israel bourse, airline brought down<br>
|
|
<b>WHID ID:</b> 2012-85<br>
|
|
<b>Date Occurred:</b> 1/16/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Tel-Aviv, Israel<br>
|
|
<b>Incident Description:</b> The websites of Israeli national carrier El Al and the Tel Aviv Stock Exchange were both offline on Monday morning hours after they were reportedly threatened by a hacker claiming to be Saudi.<br>
|
|
<b>Reference:</b> <a href="http://www.bangkokpost.com/tech/computer/275406/websites-of-israel-bourse-airline-brought-down" target="_blank">http://www.bangkokpost.com/tech/computer/275406/websites-of-israel-bourse-airline-brought-down</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-84: Hackers deface city police website<br>
|
|
<b>WHID ID:</b> 2012-84<br>
|
|
<b>Date Occurred:</b> 1/15/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> Kochi City, India<br>
|
|
<b>Incident Description:</b> Brilliant hackers have defaced some links given on the crime prevention tips page of city police website, www.kochicitypolice.org, entering picture language icons.<br>
|
|
<b>Reference:</b> <a href="http://www.asianage.com/india/hackers-deface-city-police-website-670" target="_blank">http://www.asianage.com/india/hackers-deface-city-police-website-670</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-83: Gaza hackers attack Israeli fire services website<br>
|
|
<b>WHID ID:</b> 2012-83<br>
|
|
<b>Date Occurred:</b> 1/13/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Tel-Aviv, Israel<br>
|
|
<b>Incident Description:</b> A group of hackers succeeded on Thursday night in hacking into the Israeli Fire and Rescue Services' official website. The site's homepage was changed to black with a sneering message from the hackers to the Israeli government and other messages supporting armed resistance against Israel, Israeli media reported.<br>
|
|
<b>Reference:</b> <a href="http://www.allvoices.com/contributed-news/11288572-gaza-hackers-attack-israel-fire-services-website" target="_blank">http://www.allvoices.com/contributed-news/11288572-gaza-hackers-attack-israel-fire-services-website</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-82: Xbox.com has been hacked claim users<br>
|
|
<b>WHID ID:</b> 2012-82<br>
|
|
<b>Date Occurred:</b> 1/13/2012<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Redmond, WA<br>
|
|
<b>Incident Description:</b> Possible evidence that Xbox.com has been hacked has emerged in the US, suggesting that the Microsoft Points scandal really does have more to it than just phishing scams.<br>
|
|
<b>Reference:</b> <a href="http://www.metro.co.uk/tech/games/887330-xbox-com-has-been-hacked-claim-users-update-microsoft-response" target="_blank">http://www.metro.co.uk/tech/games/887330-xbox-com-has-been-hacked-claim-users-update-microsoft-response</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-81: RON PAUL SUPPORTERS HACK TWITTER ACCOUNTS OF RISE AGAINST AND NO DOUBT<br>
|
|
<b>WHID ID:</b> 2012-81<br>
|
|
<b>Date Occurred:</b> 1/13/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> Contrary to what you may have read, popular alternative bands No Doubt and Rise Against have not officially endorsed any presidential candidate. According to Billboard, early Wednesday morning (Jan. 11), both bands had their Twitter accounts hacked by overzealous supporters of Ron Paul.<br>
|
|
<b>Reference:</b> <a href="http://audioinkradio.com/2012/01/no-doubt-rise-against-twitter-hacked-ron-paul-backers" target="_blank">http://audioinkradio.com/2012/01/no-doubt-rise-against-twitter-hacked-ron-paul-backers</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-80: Live Blog Platform CoverItLive Hacked<br>
|
|
<b>WHID ID:</b> 2012-80<br>
|
|
<b>Date Occurred:</b> 1/7/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Blogs<br>
|
|
<b>Attacked Entity Geography:</b> Austin, TX<br>
|
|
<b>Incident Description:</b> Live-blogging platform CoverItLive revealed Friday night that it will be implementing a required password reset after discovering a hack of its files.<br>
|
|
<b>Reference:</b> <a href="http://www.pcmag.com/article2/0,2817,2398924,00.asp" target="_blank">http://www.pcmag.com/article2/0,2817,2398924,00.asp</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-8: Zappos website hacked; credit card database not affected, CEO says<br>
|
|
<b>WHID ID:</b> 2012-8<br>
|
|
<b>Date Occurred:</b> 1/15/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Henderson, NV<br>
|
|
<b>Incident Description:</b> Zappos.com, the popular online shoe site, was the victim of a cyber attack by a hacker who gained access to part of the company's internal network through one of its servers, Chief Executive Tony Hsieh said in an email to employees Sunday.<br>
|
|
<b>Reference:</b> <a href="http://latimesblogs.latimes.com/technology/2012/01/zappos-hacked.html" target="_blank">http://latimesblogs.latimes.com/technology/2012/01/zappos-hacked.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-79: "Operation Italy" takes down government website<br>
|
|
<b>WHID ID:</b> 2012-79<br>
|
|
<b>Date Occurred:</b> 1/13/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Italy<br>
|
|
<b>Incident Description:</b> Plans by Anonymous to launch a distributed denial of service attack against www.governo.it were changed half an hour before the attack was scheduled to commence.<br>
|
|
<b>Reference:</b> <a href="http://news.netcraft.com/archives/2012/01/13/operation-italy-takes-down-government-website.html" target="_blank">http://news.netcraft.com/archives/2012/01/13/operation-italy-takes-down-government-website.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-78: American Express fixes critical security vulnerability<br>
|
|
<b>WHID ID:</b> 2012-78<br>
|
|
<b>Date Occurred:</b> 1/13/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> El Paso, TX<br>
|
|
<b>Incident Description:</b> Charge card company American Express has fixed a security vulnerability on its web site that allowed SQL injection and, therefore, direct access to its server's database. The company acted after The H's associates at heise Security forwarded a tip-off from one of its readers.<br>
|
|
<b>Reference:</b> <a href="http://www.h-online.com/security/news/item/American-Express-fixes-critical-security-vulnerability-1410252.html" target="_blank">http://www.h-online.com/security/news/item/American-Express-fixes-critical-security-vulnerability-1410252.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-77: FoundationSource.com fends off a web attack<br>
|
|
<b>WHID ID:</b> 2012-77<br>
|
|
<b>Date Occurred:</b> 1/12/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Fairfield, CT<br>
|
|
<b>Incident Description:</b> The management firm enlisted reinforcements to quell a denial of service attack.<br>
|
|
<b>Reference:</b> <a href="http://www.internetretailer.com/2012/01/12/foundationsourcecom-fends-web-attack" target="_blank">http://www.internetretailer.com/2012/01/12/foundationsourcecom-fends-web-attack</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-76: Hackers retaliate as Dutch ISPs told to block Pirate Bay<br>
|
|
<b>WHID ID:</b> 2012-76<br>
|
|
<b>Date Occurred:</b> 1/12/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Netherlands<br>
|
|
<b>Incident Description:</b> A Dutch court has ordered two ISPs in that country to block their customers' access to The Pirate Bay, a site often used for copyright-infringing activities. On Wednesday, the Hague district court told the ISPs Ziggo and XS4ALL that they have to block the site within 10 days or face a &euro;10,000 (&pound;8,315) fine each day that access remains possible. The action against the ISPs was brought by Brein, the Netherlands' rights-holder group. Following the verdict, it appears that hackers claiming to be part of Anonymous have used a denial-of-service attack to make Brein's own site inaccessible.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.co.uk/blogs/communication-breakdown-10000030/hackers-retaliate-as-dutch-isps-told-to-block-pirate-bay-10025189/" target="_blank">http://www.zdnet.co.uk/blogs/communication-breakdown-10000030/hackers-retaliate-as-dutch-isps-told-to-block-pirate-bay-10025189/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-75: Stratfor downed again after brief relaunch<br>
|
|
<b>WHID ID:</b> 2012-75<br>
|
|
<b>Date Occurred:</b> 1/12/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Austin, TX<br>
|
|
<b>Incident Description:</b> Stratfor relaunched its website overnight, which included a video from the company's CEO George Friedman thumbing his nose at Anonymous. This morning, the site has been pulled down again.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com.au/stratfor-downed-again-after-brief-relaunch-339329556.htm" target="_blank">http://www.zdnet.com.au/stratfor-downed-again-after-brief-relaunch-339329556.htm</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-74: Indian hackers break into DGPR site<br>
|
|
<b>WHID ID:</b> 2012-74<br>
|
|
<b>Date Occurred:</b> 1/11/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Lahore, Pakistan<br>
|
|
<b>Incident Description:</b> A group of Indian hackers, India Cyber Army (ICA), hacked the Punjab Directorate General of Public Relations (DGPR)'s official website (www.dgprpunjab.com) on Tuesday.<br>
|
|
<b>Reference:</b> <a href="http://www.pakistantoday.com.pk/2012/01/11/city/lahore/indian-hackers-break-into-dgpr-site/" target="_blank">http://www.pakistantoday.com.pk/2012/01/11/city/lahore/indian-hackers-break-into-dgpr-site/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-73: Russians in cyber attack on Manly business<br>
|
|
<b>WHID ID:</b> 2012-73<br>
|
|
<b>Date Occurred:</b> 1/10/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Manly, Australia<br>
|
|
<b>Incident Description:</b> CYBER criminals manipulating computer networks across the globe are targeting internet businesses and a Manly trader is warning locals to be wary after his website was temporarily crippled in a high-tech extortion attempt.<br>
|
|
<b>Reference:</b> <a href="http://manly-daily.whereilive.com.au/news/story/russians-in-cyber-attack/" target="_blank">http://manly-daily.whereilive.com.au/news/story/russians-in-cyber-attack/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-72: Pirate Bay block prompts Anonymous to launch DDOS<br>
|
|
<b>WHID ID:</b> 2012-72<br>
|
|
<b>Date Occurred:</b> 1/10/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Finland<br>
|
|
<b>Incident Description:</b> Anonymous has struck the websites of two anti-piracy organizations, a day after Finnish ISP Elisa blocked access to The Pirate Bay search engine in response to an injunction requested by one of the organizations.<br>
|
|
<b>Reference:</b> <a href="https://www.computerworld.com/s/article/9223304/Pirate_Bay_block_prompts_Anonymous_to_launch_DDOS" target="_blank">https://www.computerworld.com/s/article/9223304/Pirate_Bay_block_prompts_Anonymous_to_launch_DDOS</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-71: Xbox Live a goldmine for hackers<br>
|
|
<b>WHID ID:</b> 2012-71<br>
|
|
<b>Date Occurred:</b> 1/9/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Redmond, WA<br>
|
|
<b>Incident Description:</b> Fraudsters have etched out a goldmine grey market from Xbox Live by selling hacked gaming profiles loaded with Microsoft Points.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/286307,xbox-live-a-goldmine-for-hackers.aspx" target="_blank">http://www.scmagazine.com.au/News/286307,xbox-live-a-goldmine-for-hackers.aspx</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-70: Israeli hackers hit Arab websites<br>
|
|
<b>WHID ID:</b> 2012-70<br>
|
|
<b>Date Occurred:</b> 1/9/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Saudi Arabia<br>
|
|
<b>Incident Description:</b> Israeli hackers decided this past weekend to retaliate in an unorganized fashion: On an Israeli hacking forum, personal details were revealed (including phone numbers) of users from an Arab website that was hacked by an Israeli.<br>
|
|
<b>Reference:</b> <a href="http://www.globes.co.il/serveen/globes/docview.asp?did=1000713894" target="_blank">http://www.globes.co.il/serveen/globes/docview.asp?did=1000713894</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-7: Subsidy Protest: EFCC site hacked with False arrests of oil moguls<br>
|
|
<b>WHID ID:</b> 2012-7<br>
|
|
<b>Date Occurred:</b> 1/13/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Nigeria<br>
|
|
<b>Incident Description:</b> Nigerian hackers have tampered with the website of the Economic and Financial Crimes Commission, EFCC, www.efccnigeria.org, posting on the site the false "arrests" of prominent Nigerian players in the oil sector.<br>
|
|
<b>Reference:</b> <a href="http://pmnewsnigeria.com/2012/01/13/subsidy-protest-efcc-site-hacked-with-false-arrests-oil-moguls/" target="_blank">http://pmnewsnigeria.com/2012/01/13/subsidy-protest-efcc-site-hacked-with-false-arrests-oil-moguls/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-69: Hackers hit ArcelorMittal's Belgian website<br>
|
|
<b>WHID ID:</b> 2012-69<br>
|
|
<b>Date Occurred:</b> 1/6/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Brussels, Belgium<br>
|
|
<b>Incident Description:</b> The online piracy group Anonymous hacked into the Belgian website of industrial giant ArcelorMittal on Friday, posting a video to protest the closure of two blast furnaces in Belgium.<br>
|
|
<b>Reference:</b> <a href="http://www.google.com/hostednews/afp/article/ALeqM5h96a9ZQ7H-z0m5mW1LP6anEUM0qQ?docId=CNG.7cda19e9b40775c4791cfe074e851e06.b1" target="_blank">http://www.google.com/hostednews/afp/article/ALeqM5h96a9ZQ7H-z0m5mW1LP6anEUM0qQ?docId=CNG.7cda19e9b40775c4791cfe074e851e06.b1</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-68: Server hacked at OSU Medical Center<br>
|
|
<b>WHID ID:</b> 2012-68<br>
|
|
<b>Date Occurred:</b> 1/6/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Healthcare<br>
|
|
<b>Attacked Entity Geography:</b> Columbus, OH<br>
|
|
<b>Incident Description:</b> Ohio State University Medical Center has notified 30 patients and 150 students that a hacker might have accessed their names, medical information and/or Social Security numbers.<br>
|
|
<b>Reference:</b> <a href="http://www.dispatch.com/content/stories/local/2012/01/06/OSU-Medical-Center-server-hacked.html" target="_blank">http://www.dispatch.com/content/stories/local/2012/01/06/OSU-Medical-Center-server-hacked.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-67: Turkish hackers break French MP's website<br>
|
|
<b>WHID ID:</b> 2012-67<br>
|
|
<b>Date Occurred:</b> 1/5/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Paris, France<br>
|
|
<b>Incident Description:</b> A group of Turkish hackers Cyber-Warrior.org/AKINCILAR broke French MP of Armenian descent Patrick Devedjian's website.<br>
|
|
<b>Reference:</b> <a href="http://news.am/eng/news/88198.html" target="_blank">http://news.am/eng/news/88198.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-66: Sony Pictures hacked again by Anonymous<br>
|
|
<b>WHID ID:</b> 2012-66<br>
|
|
<b>Date Occurred:</b> 1/6/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Culver City, CA<br>
|
|
<b>Incident Description:</b> The hacking group Anonymous has confirmed that they have once again hacked Sony Pictures, gaining access to their Facebook account and website.<br>
|
|
<b>Reference:</b> <a href="http://www.afterdawn.com/news/article.cfm/2012/01/06/sony_pictures_hacked_again_by_anonymous" target="_blank">http://www.afterdawn.com/news/article.cfm/2012/01/06/sony_pictures_hacked_again_by_anonymous</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-65: Hackers steal 45,000 Facebook passwords<br>
|
|
<b>WHID ID:</b> 2012-65<br>
|
|
<b>Date Occurred:</b> 1/6/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> California<br>
|
|
<b>Incident Description:</b> THE SOCIAL NETWORK Facebook has been hit by a malware worm called Ramnit, which has gained access to the login details of more than 45,000 users. Source: The Inquirer (http://s.tt/157jZ)<br>
|
|
<b>Reference:</b> <a href="http://www.theinquirer.net/inquirer/news/2135748/hackers-steal-facebook-passwords" target="_blank">http://www.theinquirer.net/inquirer/news/2135748/hackers-steal-facebook-passwords</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-64: Care2 political social network hacked<br>
|
|
<b>WHID ID:</b> 2012-64<br>
|
|
<b>Date Occurred:</b> 1/5/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> Redwood City, CA<br>
|
|
<b>Incident Description:</b> Care2.com, a social networking website for activists, has decided to reset the account passwords of almost 18 million registered members after hackers gained access to its servers.<br>
|
|
<b>Reference:</b> <a href="http://www.computerworlduk.com/news/security/3327948/care2-political-social-network-hacked/" target="_blank">http://www.computerworlduk.com/news/security/3327948/care2-political-social-network-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-63: Singapore University hacked<br>
|
|
<b>WHID ID:</b> 2012-63<br>
|
|
<b>Date Occurred:</b> 1/5/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> Singapore<br>
|
|
<b>Incident Description:</b> Update: Hackers have broken into the National University of Singapore and made staff usernames, domain information and hashed passwords public.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/285906,singapore-university-hacked.aspx" target="_blank">http://www.scmagazine.com.au/News/285906,singapore-university-hacked.aspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-62: Double wham bam: AntiSec hacks, dumps CA &amp; NY law enforcement emails<br>
|
|
<b>WHID ID:</b> 2012-62<br>
|
|
<b>Date Occurred:</b> 1/3/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> New York<br>
|
|
<b>Incident Description:</b> Almost like an echo from retired hackers, those from the 90s who long ago faded into the ether, the motto for 2011 may have been along the lines of "hack the planet." Yet there are some who obviously learned nothing about the consequences of maintaining sloppy security in 2011. In the cyber world, 2012 was not greeted by the boom of fireworks but by a double wham bam to law enforcement in California and New York.<br>
|
|
<b>Reference:</b> <a href="http://blogs.computerworld.com/19507/double_wham_bam_antisec_hacks_dumps_ca_ny_law_enforcement_emails" target="_blank">http://blogs.computerworld.com/19507/double_wham_bam_antisec_hacks_dumps_ca_ny_law_enforcement_emails</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-61: Saudi Hackers Post Israeli Credit Card Numbers Online<br>
|
|
<b>WHID ID:</b> 2012-61<br>
|
|
<b>Date Occurred:</b> 1/3/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Israel<br>
|
|
<b>Incident Description:</b> A group of Saudi hackers dubbed Group-XP claimed on Monday to have posted the personal information of nearly half a million Israelis online, though credit card companies said the number of compromised records is actually much lower.<br>
|
|
<b>Reference:</b> <a href="http://www.pcmag.com/article2/0,2817,2398297,00.asp" target="_blank">http://www.pcmag.com/article2/0,2817,2398297,00.asp</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-60: Cyber attack strands ETrade customers<br>
|
|
<b>WHID ID:</b> 2012-60<br>
|
|
<b>Date Occurred:</b> 1/5/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> AUSTRALIA'S second-biggest online broking business, ANZ Bank's ETrade, was forced to shut down over the Christmas-New Year period by a "malicious" cyber attack offshore.<br>
|
|
<b>Reference:</b> <a href="http://www.smh.com.au/business/cyber-attack-strands-etrade-customers-20120104-1pl3x.html" target="_blank">http://www.smh.com.au/business/cyber-attack-strands-etrade-customers-20120104-1pl3x.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-6: Radical Islamic Web Site Attacked by Hackers<br>
|
|
<b>WHID ID:</b> 2012-6<br>
|
|
<b>Date Occurred:</b> 1/10/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> Arrahmah.com, a Web site categorized by the National Anti-Terrorism Agency and Indonesia's largest Islamic group as promoting radical jihad and terrorism, could not be accessed on Tuesday, its editor said on Wednesday.<br>
|
|
<b>Reference:</b> <a href="http://www.thejakartaglobe.com/media/radical-islamic-web-site-attacked-by-hackers/490668" target="_blank">http://www.thejakartaglobe.com/media/radical-islamic-web-site-attacked-by-hackers/490668</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-58: 'Anonymous' declares 'Blitzkrieg' on neo-Nazis<br>
|
|
<b>WHID ID:</b> 2012-59<br>
|
|
<b>Date Occurred:</b> 1/2/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Frankfurt, Germany<br>
|
|
<b>Incident Description:</b> 'Anonymous' hackers have declared 'Blitzkrieg' on neo-Nazis for the New Year, disabling a number of their websites and publishing lists of extreme-right supporters.<br>
|
|
<b>Reference:</b> <a href="http://www.thelocal.de/society/20120102-39867.html" target="_blank">http://www.thelocal.de/society/20120102-39867.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-58: City of Eau Claire's website hacked Thursday night<br>
|
|
<b>WHID ID:</b> 2012-58<br>
|
|
<b>Date Occurred:</b> 4/5/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Wisconsin<br>
|
|
<b>Incident Description:</b> The City of Eau Claire spent time restoring its website after it was hacked.<br>
|
|
<b>Reference:</b> <a href="http://www.weau.com/home/headlines/City_of_Eau_Claires_website_hacked_Thursday_night_146380865.html?storySection=story" target="_blank">http://www.weau.com/home/headlines/City_of_Eau_Claires_website_hacked_Thursday_night_146380865.html?storySection=story</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-57: Home Office Website 'Hacked By Anonymous' Over Email Snooping<br>
|
|
<b>WHID ID:</b> 2012-57<br>
|
|
<b>Date Occurred:</b> 4/7/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> The Home Office tonight acknowledged it had been the target of an online protest after its website was taken down in an apparent backlash against Government extradition and surveillance policies.<br>
|
|
<b>Reference:</b> <a href="http://www.huffingtonpost.co.uk/2012/04/07/home-office-website-hacked-anonymous-email-snooping_n_1410220.html?ref=uk" target="_blank">http://www.huffingtonpost.co.uk/2012/04/07/home-office-website-hacked-anonymous-email-snooping_n_1410220.html?ref=uk</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-56: Anonymous hacks hundreds of Chinese government sites<br>
|
|
<b>WHID ID:</b> 2012-56<br>
|
|
<b>Date Occurred:</b> 3/30/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> China<br>
|
|
<b>Incident Description:</b> Anonymous has hacked hundreds of Chinese government websites. Some sites were just defaced, but others have had administrator accounts, phone numbers, and e-mail addresses leaked.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/blog/security/anonymous-hacks-hundreds-of-chinese-government-sites/11303" target="_blank">http://www.zdnet.com/blog/security/anonymous-hacks-hundreds-of-chinese-government-sites/11303</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-55: Denial of Service Attack Targets Epoch Times<br>
|
|
<b>WHID ID:</b> 2012-55<br>
|
|
<b>Date Occurred:</b> 4/1/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> China<br>
|
|
<b>Incident Description:</b> The Epoch Times was hit with a series of cyber attacks.<br>
|
|
<b>Reference:</b> <a href="http://www.theepochtimes.com/n2/technology/denial-of-service-attack-targets-epoch-times-213907.html" target="_blank">http://www.theepochtimes.com/n2/technology/denial-of-service-attack-targets-epoch-times-213907.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-54: DDOS Attack<br>
|
|
<b>WHID ID:</b> 2012-54<br>
|
|
<b>Date Occurred:</b> 3/29/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Religious<br>
|
|
<b>Attacked Entity Geography:</b> Manassas, Virginia<br>
|
|
<b>Incident Description:</b> CatholicCulture.org was the victim of a distributed denial of service attack yesterday.<br>
|
|
<b>Reference:</b> <a href="http://www.catholicculture.org/commentary/the-city-gates.cfm?id=253" target="_blank">http://www.catholicculture.org/commentary/the-city-gates.cfm?id=253</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-53: Westchester County's website hacked<br>
|
|
<b>WHID ID:</b> 2012-53<br>
|
|
<b>Date Occurred:</b> 3/30/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Westchester, New York<br>
|
|
<b>Incident Description:</b> A spokesman for County Executive Rob Astorino said Friday that Westchester County's web site had been accessed and that the intruders had left a message declaring that they had hacked the site.<br>
|
|
<b>Reference:</b> <a href="http://www.lohud.com/article/20120330/NEWS02/120330015/Westchester-County-s-website-hacked" target="_blank">http://www.lohud.com/article/20120330/NEWS02/120330015/Westchester-County-s-website-hacked</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-52: Anonymous Takes Down And Defaces Chinese Government Web Sites<br>
|
|
<b>WHID ID:</b> 2012-52<br>
|
|
<b>Date Occurred:</b> 3/30/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> China<br>
|
|
<b>Incident Description:</b> All has been relatively quiet on the Anonymous front as far as defacing Web sites are concerned. That has changed today as Anonymous China has attacked and defaced a number of Chinese government Web sites to protest the country's censorship of the Internet.<br>
|
|
<b>Reference:</b> <a href="http://www.webpronews.com/anonymous-takes-down-and-defaces-chines-government-web-sites-2012-03" target="_blank">http://www.webpronews.com/anonymous-takes-down-and-defaces-chines-government-web-sites-2012-03</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-51: FAM Website Hacked<br>
|
|
<b>WHID ID:</b> 2012-51<br>
|
|
<b>Date Occurred:</b> 3/30/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Sports<br>
|
|
<b>Attacked Entity Geography:</b> Malaysia<br>
|
|
<b>Incident Description:</b> The website of the Football Association of Malaysia (FAM) was hacked by irresponsible parties.<br>
|
|
<b>Reference:</b> <a href="http://www.bernama.com/bernama/v6/newssport.php?id=656042" target="_blank">http://www.bernama.com/bernama/v6/newssport.php?id=656042</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-50: Pak government website hacked, 'Indians' blamed<br>
|
|
<b>WHID ID:</b> 2012-50<br>
|
|
<b>Date Occurred:</b> 3/30/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Pakistan<br>
|
|
<b>Incident Description:</b> A section of Pakistan's Federal Tax Ombudsman (FTO) website was hacked with a media report describing this as the handiwork of 'Indians'.<br>
|
|
<b>Reference:</b> <a href="http://zeenews.india.com/news/south-asia/pak-government-website-hacked-indians-blamed_767145.html" target="_blank">http://zeenews.india.com/news/south-asia/pak-government-website-hacked-indians-blamed_767145.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-5: Mass SQL Injection Storm Uses Search Engines And Automation<br>
|
|
<b>WHID ID:</b> 2012-5<br>
|
|
<b>Date Occurred:</b> 1/11/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Multiple<br>
|
|
<b>Attacked Entity Geography:</b> Multiple locations<br>
|
|
<b>Incident Description:</b> Security researchers monitoring mass SQL injection attacks warned the latest one may be nearing a million infected pages using a combination of automated tools with reconnaissance information gathered from search engines. This follows similar storms last year.<br>
|
|
<b>Reference:</b> <a href="http://www.techweekeurope.co.uk/news/mass-sql-injection-storm-uses-search-engines-and-automation-to-infect-sites-53567" target="_blank">http://www.techweekeurope.co.uk/news/mass-sql-injection-storm-uses-search-engines-and-automation-to-infect-sites-53567</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-49: Dating Website Dedicated To US Military Personnel Hacked By LulzSec<br>
|
|
<b>WHID ID:</b> 2012-49<br>
|
|
<b>Date Occurred:</b> 3/28/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Scottsdale, Arizona<br>
|
|
<b>Incident Description:</b> LulzSec, the hacking group responsible for breaching a series of websites during spring of the year 2011, is back, according to a rumor spread all over the US.<br>
|
|
<b>Reference:</b> <a href="http://www.techgadgetsweb.com/8364/dating-website-dedicated-military-personnel-hacked-lulzsec" target="_blank">http://www.techgadgetsweb.com/8364/dating-website-dedicated-military-personnel-hacked-lulzsec</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-48: Election poll shot down by DDoS-ers<br>
|
|
<b>WHID ID:</b> 2012-48<br>
|
|
<b>Date Occurred:</b> 3/23/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> China<br>
|
|
<b>Incident Description:</b> Two local men have been arrested after an online referendum organised by Hong Kong university to poll citizens on their choice of chief executive was disabled in an apparent denial of service attack.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/03/26/hong_kong_vote_hack/" target="_blank">http://www.theregister.co.uk/2012/03/26/hong_kong_vote_hack/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-47: Anonymous Hackers Target Pope in Mexico<br>
|
|
<b>WHID ID:</b> 2012-47<br>
|
|
<b>Date Occurred:</b> 3/22/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Mexico<br>
|
|
<b>Incident Description:</b> The infamous Anonymous hacker group is not happy about Pope Benedict XVI's arrival in Mexico.<br>
|
|
<b>Reference:</b> <a href="http://latino.foxnews.com/latino/news/2012/03/23/anonymous-hackers-target-pope-in-mexico/?test=latestnews" target="_blank">http://latino.foxnews.com/latino/news/2012/03/23/anonymous-hackers-target-pope-in-mexico/?test=latestnews</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-46: Orchard Central's website gets hacked<br>
|
|
<b>WHID ID:</b> 2012-46<br>
|
|
<b>Date Occurred:</b> 3/22/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Singapore<br>
|
|
<b>Incident Description:</b> Orchard Central's website fell victim to hackers, who replaced a thumbnail photo on the page with that depicting a sexual act and put up racist content.<br>
|
|
<b>Reference:</b> <a href="http://www.digitalone.com.sg/news/article/18021" target="_blank">http://www.digitalone.com.sg/news/article/18021</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-45: Hackers hit Australian police website, leak data<br>
|
|
<b>WHID ID:</b> 2012-45<br>
|
|
<b>Date Occurred:</b> 3/21/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> Hackers breached an Australian police website this week, defacing the site and leaking the online data of its members.<br>
|
|
<b>Reference:</b> <a href="http://www.gmanetwork.com/news/story/252173/scitech/technology/hackers-hit-australian-police-website-leak-data" target="_blank">http://www.gmanetwork.com/news/story/252173/scitech/technology/hackers-hit-australian-police-website-leak-data</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-44: Anonymous Hackers Take Down PandaLabs Website<br>
|
|
<b>WHID ID:</b> 2012-44<br>
|
|
<b>Date Occurred:</b> 3/7/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> Hackers with the collective Anonymous attack the home page of Panda Security's PandaLabs in apparent retaliation for the arrests of five LulzSec members.<br>
|
|
<b>Reference:</b> <a href="http://www.eweek.com/c/a/Security/Anonymous-Hackers-Take-Down-PandaLabs-Website-687825/" target="_blank">http://www.eweek.com/c/a/Security/Anonymous-Hackers-Take-Down-PandaLabs-Website-687825/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-43: Lebanon Labor Ministry website hacked<br>
|
|
<b>WHID ID:</b> 2012-43<br>
|
|
<b>Date Occurred:</b> 3/8/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Lebanon<br>
|
|
<b>Incident Description:</b> The website of the Labor Ministry was hacked Thursday by a group calling itself "Mad Hackerz Team."<br>
|
|
<b>Reference:</b> <a href="http://www.dailystar.com.lb/News/Politics/2012/Mar-08/165981-labor-ministry-website-hacked.ashx#axzz1oah4DHvr" target="_blank">http://www.dailystar.com.lb/News/Politics/2012/Mar-08/165981-labor-ministry-website-hacked.ashx#axzz1oah4DHvr</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-427: Iranians hacked Navy network for four months<br>
|
|
<b>WHID ID:</b> 2012-428<br>
|
|
<b>Date Occurred:</b> 8/19/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Iranian hackers attacked NMCI in August of 2012, using a vulnerability in a public-facing website to gain initial access to the network.<br>
|
|
<b>Reference:</b> <a href="http://arstechnica.com/information-technology/2014/02/iranians-hacked-navy-network-for-4-months-not-a-surprise/" target="_blank">http://arstechnica.com/information-technology/2014/02/iranians-hacked-navy-network-for-4-months-not-a-surprise/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-427: Who Hacked the Dalai Lama's Website?<br>
|
|
<b>WHID ID:</b> 2012-427<br>
|
|
<b>Date Occurred:</b> 12/3/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Malware distribution<br>
|
|
<b>Attacked Entity Field:</b> Religion<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> A website associated with the Dalai Lama's YouTube account has been hacked using malware.<br>
|
|
<b>Reference:</b> <a href="http://mashable.com/2012/12/06/dalai-lama-website-hacked/" target="_blank">http://mashable.com/2012/12/06/dalai-lama-website-hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-426: ITU Website Hacked<br>
|
|
<b>WHID ID:</b> 2012-426<br>
|
|
<b>Date Occurred:</b> 12/5/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Service disruption<br>
|
|
<b>Attacked Entity Field:</b> Information Technology<br>
|
|
<b>Attacked Entity Geography:</b> Geneva, Switzerland<br>
|
|
<b>Incident Description:</b> The websites of the ITU were hit by a denial of service attack.<br>
|
|
<b>Reference:</b> <a href="http://www.multichannel.com/technology/itu-website-hacked/140572" target="_blank">http://www.multichannel.com/technology/itu-website-hacked/140572</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-425: Anonymous Hackers Target Australian Right-Wing Party<br>
|
|
<b>WHID ID:</b> 2012-425<br>
|
|
<b>Date Occurred:</b> 12/4/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> Anonymous hackers recently defaced the South Australian Web site for Australia's far-right Family First Party.<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/anonymous-hackers-target-australian-right-wing-party.html" target="_blank">http://www.esecurityplanet.com/hackers/anonymous-hackers-target-australian-right-wing-party.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-424: How a computer worm slithered across a huge number of Tumblr accounts<br>
|
|
<b>WHID ID:</b> 2012-424<br>
|
|
<b>Date Occurred:</b> 12/3/2012<br>
|
|
<b>Attack Method:</b> Cross-site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Worm<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A quickly spreading worm on Tumblr has caused media companies The Verge, Reuters, and a large number of other account holders to publish a post laced with racist epithets and other offensive content.<br>
|
|
<b>Reference:</b> <a href="http://arstechnica.com/security/2012/12/how-a-computer-worm-slithered-across-a-huge-number-of-tumblr-accounts/" target="_blank">http://arstechnica.com/security/2012/12/how-a-computer-worm-slithered-across-a-huge-number-of-tumblr-accounts/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-423: Hackers planted backdoor in Piwik's web analytics update<br>
|
|
<b>WHID ID:</b> 2012-423<br>
|
|
<b>Date Occurred:</b> 11/28/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Widely-used open source web analytics platform Piwik has confirmed that hackers on Monday breached its piwik.org webserver and planted malicious code in the ZIP file containing its current software update.<br>
|
|
<b>Reference:</b> <a href="http://www.cso.com.au/article/443069/hackers_planted_backdoor_piwik_web_analytics_update/" target="_blank">http://www.cso.com.au/article/443069/hackers_planted_backdoor_piwik_web_analytics_update/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-422: Hackers steal $150K from Wis. school district<br>
|
|
<b>WHID ID:</b> 2012-422<br>
|
|
<b>Date Occurred:</b> 11/28/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A school district in western Wisconsin says hackers have stolen nearly $150,000 after breaking into its payroll system.<br>
|
|
<b>Reference:</b> <a href="http://www.kare11.com/news/article/999866/396/Hackers-steal-150K-from-Wis-school-district" target="_blank">http://www.kare11.com/news/article/999866/396/Hackers-steal-150K-from-Wis-school-district</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-421: Google And Apple Sites Downed In Massive Pakistani DNS Hack<br>
|
|
<b>WHID ID:</b> 2012-421<br>
|
|
<b>Date Occurred:</b> 11/26/2012<br>
|
|
<b>Attack Method:</b> DNS Hijacking<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Search Engine<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers in Pakistan have reportedly hacked the organisation managing domain name servers to redirect users to their own site, disrupting access to major services such as Gmail and eBay.<br>
|
|
<b>Reference:</b> <a href="http://www.techweekeurope.co.uk/news/google-apple-dns-hack-defacement-100248" target="_blank">http://www.techweekeurope.co.uk/news/google-apple-dns-hack-defacement-100248</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-420: Bank told to pay 42 thousand to man whose account was hacked<br>
|
|
<b>WHID ID:</b> 2012-420<br>
|
|
<b>Date Occurred:</b> 11/25/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Protecting the rights of those who use internet banking, a state commission upheld a district forum order and directed a bank to compensate a Navi Mumbai doctor Rs 42,000 after his account was hacked and the money withdrawn.<br>
|
|
<b>Reference:</b> <a href="http://articles.timesofindia.indiatimes.com/2012-11-25/mumbai/35347098_1_bank-account-holder-rbi-guidelines" target="_blank">http://articles.timesofindia.indiatimes.com/2012-11-25/mumbai/35347098_1_bank-account-holder-rbi-guidelines</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-42: Vatican Website Hacked<br>
|
|
<b>WHID ID:</b> 2012-42<br>
|
|
<b>Date Occurred:</b> 3/7/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Religious<br>
|
|
<b>Attacked Entity Geography:</b> Vatican City, Italy<br>
|
|
<b>Incident Description:</b> Computers weren't working right at the Vatican on Wednesday. The loosely-affiliated international group of hackers known as Anonymous claimed it shut down the Catholic Church's official website, vatican.va.<br>
|
|
<b>Reference:</b> <a href="http://kdrv.com/news/local/240926" target="_blank">http://kdrv.com/news/local/240926</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-419: Las Vegas Sun, sister websites recover from disruptive cyberattack<br>
|
|
<b>WHID ID:</b> 2012-419<br>
|
|
<b>Date Occurred:</b> 11/24/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Four Greenspun Media Group websites -- lasvegassun.com, lasvegasweekly.com, vegasinc.com and vegasdeluxe.com -- were temporarily disabled or compromised for several hours Friday night into Saturday morning, the results of a cyberattack that effectively overwhelmed servers that maintain the online media sites.<br>
|
|
<b>Reference:</b> <a href="http://www.lasvegassun.com/news/2012/nov/24/attack-disrupts-las-vegas-sun-website-work-under-w/" target="_blank">http://www.lasvegassun.com/news/2012/nov/24/attack-disrupts-las-vegas-sun-website-work-under-w/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-418: Google Pakistan website hacked<br>
|
|
<b>WHID ID:</b> 2012-418<br>
|
|
<b>Date Occurred:</b> 11/24/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Search Engine<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Google Pakistan homepage has been apparently hacked by Turkish hackers. If you go to google.com.pk, you will find a black page with something written in Turkish.<br>
|
|
<b>Reference:</b> <a href="http://ibnlive.in.com/news/google-pakistan-website-hacked/307189-11.html" target="_blank">http://ibnlive.in.com/news/google-pakistan-website-hacked/307189-11.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-417: Yahoo Email-Stealing Exploit Fetches $700<br>
|
|
<b>WHID ID:</b> 2012-417<br>
|
|
<b>Date Occurred:</b> 11/23/2012<br>
|
|
<b>Attack Method:</b> Cross-site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Session Hijacking<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A zero-day vulnerability in yahoo.com that lets attackers hijack Yahoo! email accounts and redirect users to malicious Web sites offers a fascinating glimpse into the underground market for large-scale exploits. The exploit, being sold for $700 by an Egyptian hacker on an exclusive cybercrime forum, targets a "cross-site scripting" (XSS) weakness in yahoo.com that lets attackers steal cookies from Yahoo! Webmail users.<br>
|
|
<b>Reference:</b> <a href="http://krebsonsecurity.com/2012/11/yahoo-email-stealing-exploit-fetches-700/" target="_blank">http://krebsonsecurity.com/2012/11/yahoo-email-stealing-exploit-fetches-700/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-416: Hacked Go Daddy sites infecting users with ransomware<br>
|
|
<b>WHID ID:</b> 2012-416<br>
|
|
<b>Date Occurred:</b> 11/23/2012<br>
|
|
<b>Attack Method:</b> DNS Hijacking<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Users are getting infected with ransomware thanks to criminals managing to hack the DNS records of Go Daddy hosted websites.<br>
|
|
<b>Reference:</b> <a href="http://nakedsecurity.sophos.com/2012/11/23/hacked-go-daddy-ransomware/" target="_blank">http://nakedsecurity.sophos.com/2012/11/23/hacked-go-daddy-ransomware/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-415: Top Israeli Official's Facebook, Twitter Accounts Hacked<br>
|
|
<b>WHID ID:</b> 2012-415<br>
|
|
<b>Date Occurred:</b> 11/21/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A group of pro-Palestinian hackers apparently managed to break into the social networking accounts of Israeli Deputy Prime Minister Silvan Shalom and has promised to release a drove of the top official's private emails.<br>
|
|
<b>Reference:</b> <a href="http://abcnews.go.com/blogs/headlines/2012/11/top-israeli-officials-facebook-twitter-accounts-hacked/" target="_blank">http://abcnews.go.com/blogs/headlines/2012/11/top-israeli-officials-facebook-twitter-accounts-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-414: Website hacked changing online prices to 1p<br>
|
|
<b>WHID ID:</b> 2012-414<br>
|
|
<b>Date Occurred:</b> 11/21/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> Hackers tried to steal thousands of pounds of goods from two Lancashire businesses. The two businesses discovered hackers had changed the online value of their goods to 1p before trying to buy the items - which included £2000 of furniture - with a stolen credit card<br>
|
|
<b>Reference:</b> <a href="http://www.itv.com/news/granada/update/2012-11-21/website-hacked-changing-online-prices-to-1p/" target="_blank">http://www.itv.com/news/granada/update/2012-11-21/website-hacked-changing-online-prices-to-1p/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-413: Exploitable SQLi on Ebay.com<br>
|
|
<b>WHID ID:</b> 2012-413<br>
|
|
<b>Date Occurred:</b> 11/18/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> During some hunting on Ebay's subdomains I found an exploitable SQL injection which I reported to Ebay's security team. It took 20 days until they finally fixed the exploitable SQL injection.<br>
|
|
<b>Reference:</b> <a href="http://blog.majorsecurity.net/2012/11/18/exploitable-sqli-on-ebay-dot-com-analysis/" target="_blank">http://blog.majorsecurity.net/2012/11/18/exploitable-sqli-on-ebay-dot-com-analysis/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-412: Almost 30,000 Georgia Nationwide Insurance Customers Hacked<br>
|
|
<b>WHID ID:</b> 2012-412<br>
|
|
<b>Date Occurred:</b> 11/20/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Insurance Commissioner Ralph Hudgens issued the following statement today concerning the unauthorized access of Nationwide Insurance's website<br>
|
|
<b>Reference:</b> <a href="http://www.wctv.tv/home/headlines/Almost-30000-Georgia-Nationwide-Insurance-Customers-Hacked-180076711.html" target="_blank">http://www.wctv.tv/home/headlines/Almost-30000-Georgia-Nationwide-Insurance-Customers-Hacked-180076711.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-411: Active XSS flaw discovered on eBay<br>
|
|
<b>WHID ID:</b> 2012-411<br>
|
|
<b>Date Occurred:</b> 11/16/2012<br>
|
|
<b>Attack Method:</b> Cross-site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Session Hijacking<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> According to XSSed, Shubham Upadhyay has discovered an active XSS flaw affecting Ebay.com.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/active-xss-flaw-discovered-on-ebay-7000007539/" target="_blank">http://www.zdnet.com/active-xss-flaw-discovered-on-ebay-7000007539/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-410: Anonymous takes on Israeli websites, wipes Jerusalem bank<br>
|
|
<b>WHID ID:</b> 2012-410<br>
|
|
<b>Date Occurred:</b> 11/16/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hacking collective Anonymous has gone on a hacking spree in protest over attacks on Gaza.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/anonymous-takes-on-israeli-websites-wipes-jerusalem-bank-7000007537/" target="_blank">http://www.zdnet.com/anonymous-takes-on-israeli-websites-wipes-jerusalem-bank-7000007537/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-41: Anonymous Hackers Attack Christian Websites, Declare 'Religion Sucks LOL'<br>
|
|
<b>WHID ID:</b> 2012-41<br>
|
|
<b>Date Occurred:</b> 3/2/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Religious<br>
|
|
<b>Attacked Entity Geography:</b> Charlotte, North Carolina<br>
|
|
<b>Incident Description:</b> Calling it a "sickness to this world," members of the formless 'hacktivist' group of computer programmers known as Anonymous declared war on religion on Friday, March 2, hacking the websites of three Christian organizations all based in and around Charlotte, North Carolina.<br>
|
|
<b>Reference:</b> <a href="http://www.ibtimes.com/articles/308264/20120302/anonymous-hackers-religion-website-proxy-twitter.htm" target="_blank">http://www.ibtimes.com/articles/308264/20120302/anonymous-hackers-religion-website-proxy-twitter.htm</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-409: New Zealand Herald falls victim to XSS prank<br>
|
|
<b>WHID ID:</b> 2012-409<br>
|
|
<b>Date Occurred:</b> 11/15/2012<br>
|
|
<b>Attack Method:</b> Cross-site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The hack caused the site's text to be reversed and photos and graphics to rotate clockwise.<br>
|
|
<b>Reference:</b> <a href="http://www.csoonline.com/article/721785/new-zealand-herald-falls-victim-to-xss-prank" target="_blank">http://www.csoonline.com/article/721785/new-zealand-herald-falls-victim-to-xss-prank</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-408: Adobe Servers Compromised, 150,000 Records Leaked<br>
|
|
<b>WHID ID:</b> 2012-408<br>
|
|
<b>Date Occurred:</b> 11/15/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Adobe is the latest to have their databases compromised as an Egyptian hacker has posted links to records of employees from Adobe as well as NASA and the US Military. The hacker, who goes by the name "Hima," said he had hacked into Adobe's server to gather these records before posting them on Pastebin. All told, Hima claims to have obtained the records for 150,000 Adobe clients and employees.<br>
|
|
<b>Reference:</b> <a href="http://www.redorbit.com/news/technology/1112732564/adobe-user-records-hacked-hima-111512/" target="_blank">http://www.redorbit.com/news/technology/1112732564/adobe-user-records-hacked-hima-111512/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-407: DDoS Takes Down The Pirate Bay, isoHunt and Others<br>
|
|
<b>WHID ID:</b> 2012-407<br>
|
|
<b>Date Occurred:</b> 11/13/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Torrent Site<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Pirate Bay is suffering some downtime this morning due to a DDoS attack that appears to originate from a Twitter user who goes by the handle Zeiko Anonymous. The connection flood targeted at the site originates from a small botnet and isn't worrying The Pirate Bay team too much. Instead, the BitTorrent site is taking this opportunity to do some database maintenance.<br>
|
|
<b>Reference:</b> <a href="http://torrentfreak.com/ddos-takes-down-the-pirate-bay-121113/" target="_blank">http://torrentfreak.com/ddos-takes-down-the-pirate-bay-121113/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-406: Hacker Darwinare Claims Breach of Amazon UK<br>
|
|
<b>WHID ID:</b> 2012-406<br>
|
|
<b>Date Occurred:</b> 11/12/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The hacker published more than 600 users' details online, including some passwords in clear text.<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/hacker-darwinare-claims-breach-of-amazon-uk.html" target="_blank">http://www.esecurityplanet.com/hackers/hacker-darwinare-claims-breach-of-amazon-uk.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-405: Hackers add hidden pages to government sites<br>
|
|
<b>WHID ID:</b> 2012-405<br>
|
|
<b>Date Occurred:</b> 11/13/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers gained access to several government websites Tuesday, November 13, but not in any way average users would notice.<br>
|
|
<b>Reference:</b> <a href="http://www.rappler.com/life-and-style/technology/16053-hackers-add-hidden-pages-to-government-sites" target="_blank">http://www.rappler.com/life-and-style/technology/16053-hackers-add-hidden-pages-to-government-sites</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-404: NullCrew Hackers Hit UNESCO Web Site<br>
|
|
<b>WHID ID:</b> 2012-404<br>
|
|
<b>Date Occurred:</b> 11/8/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The hackers defaced the page with a statement calling the United Nations 'just a bunch of corrupt nations.'<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/nullcrew-hackers-hit-unesco-web-site.html" target="_blank">http://www.esecurityplanet.com/hackers/nullcrew-hackers-hit-unesco-web-site.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-403: Pizza Hut hacked, customer info lost, credit card details safe<br>
|
|
<b>WHID ID:</b> 2012-403<br>
|
|
<b>Date Occurred:</b> 11/7/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The company denies that 240,000 customer credit card details were stolen, but hackers did gain access to customer information.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/au/pizza-hut-hacked-customer-info-lost-credit-card-details-safe-7000007016/" target="_blank">http://www.zdnet.com/au/pizza-hut-hacked-customer-info-lost-credit-card-details-safe-7000007016/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-402: NullCrew hacks MoD - leaks thousands of plaintext credentials<br>
|
|
<b>WHID ID:</b> 2012-402<br>
|
|
<b>Date Occurred:</b> 11/6/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> NullCrew remembered the 5th of November by breaking into mod.co.uk and stealing and dumping more than 3400 email addresses and passwords. While the date of the breach cannot be verified, it does look as if it happened on the Guy Fawkes anniversary.<br>
|
|
<b>Reference:</b> <a href="http://www.infosecurity-magazine.com/view/29161/nullcrew-hacks-mod-leaks-thousands-of-plaintext-credentials/" target="_blank">http://www.infosecurity-magazine.com/view/29161/nullcrew-hacks-mod-leaks-thousands-of-plaintext-credentials/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-401: Hackers claim attacks against ImageShack, Symantec, PayPal, other websites<br>
|
|
<b>WHID ID:</b> 2012-401<br>
|
|
<b>Date Occurred:</b> 11/5/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Different hacker groups claim to have breached servers belonging to ImageShack, Symantec, PayPal and other organizations.<br>
|
|
<b>Reference:</b> <a href="http://www.computerworld.com/s/article/9233262/Hackers_claim_attacks_against_ImageShack_Symantec_PayPal_other_websites?taxonomyId=142" target="_blank">http://www.computerworld.com/s/article/9233262/Hackers_claim_attacks_against_ImageShack_Symantec_PayPal_other_websites?taxonomyId=142</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-400: Hackers Replace NBC Sites With Smörgåsbord of Hacker Cliches<br>
|
|
<b>WHID ID:</b> 2012-400<br>
|
|
<b>Date Occurred:</b> 11/4/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Those in search of SNL and 30 Rock clips over at NBC's videos page have been met with something quite different: a hacked page of weirdness with a surprisingly catchy soundtrack. It's the most prominent website hack we've seen in a while, and also one of the least coherent.<br>
|
|
<b>Reference:</b> <a href="http://www.gizmodo.co.uk/2012/11/hackers-replace-nbc-sites-with-smorgasbord-of-hacker-cliches/" target="_blank">http://www.gizmodo.co.uk/2012/11/hackers-replace-nbc-sites-with-smorgasbord-of-hacker-cliches/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-40: Interpol website hacked after arrest of 25 suspected Anonymous members<br>
|
|
<b>WHID ID:</b> 2012-40<br>
|
|
<b>Date Occurred:</b> 2/28/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> Global<br>
|
|
<b>Incident Description:</b> Interpol's website appears to have been the target of a cyber attack following the arrests of 25 members of the hacking activist group Anonymous.<br>
|
|
<b>Reference:</b> <a href="http://www.thejournal.ie/interpol-website-hacked-after-arrest-of-25-suspected-anonymous-members-369043-Feb2012/" target="_blank">http://www.thejournal.ie/interpol-website-hacked-after-arrest-of-25-suspected-anonymous-members-369043-Feb2012/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-4: Hacker Group Anonymous Takes Down Over 40 Child Porn Sites<br>
|
|
<b>WHID ID:</b> 2012-4<br>
|
|
<b>Date Occurred:</b> 1/10/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Hosting Provider<br>
|
|
<b>Attacked Entity Geography:</b> South Africa<br>
|
|
<b>Incident Description:</b> The group of computer hackers known as Anonymous has turned its attention from corporations long enough to attack and take down over 40 child porn websites run by pedophiles.<br>
|
|
<b>Reference:</b> <a href="http://www.skyvalleychronicle.com/BREAKING-NEWS/HACKER-GROUP-ANONYMOUS-TAKES-DOWN-OVER-40-CHILD-PORN-SITES-874450" target="_blank">http://www.skyvalleychronicle.com/BREAKING-NEWS/HACKER-GROUP-ANONYMOUS-TAKES-DOWN-OVER-40-CHILD-PORN-SITES-874450</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-399: French Euromillions Lottery Website Hacked, Anti-Gambling Message Posted<br>
|
|
<b>WHID ID:</b> 2012-399<br>
|
|
<b>Date Occurred:</b> 10/29/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers from the Moroccan Ghosts collective have breached and defaced the website of France's renowned Euromillions lottery (euromillions.fr).<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/French-Euromillions-Lottery-Website-Hacked-Anti-Gambling-Message-Posted-302742.shtml" target="_blank">http://news.softpedia.com/news/French-Euromillions-Lottery-Website-Hacked-Anti-Gambling-Message-Posted-302742.shtml</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-398: Ford Website Hacked by NullCrew, User Credentials Leaked Online<br>
|
|
<b>WHID ID:</b> 2012-398<br>
|
|
<b>Date Occurred:</b> 10/29/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Automotive<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The hackers claim to have leveraged an SQL Injection vulnerability in order to gain access to the databases behind the social.ford.com subdomain. As a result of the breach, database and table names, customer usernames - represented by email addresses - and encrypted passwords have been leaked.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Ford-Website-Hacked-by-NullCrew-User-Credentials-Leaked-Online-302688.shtml" target="_blank">http://news.softpedia.com/news/Ford-Website-Hacked-by-NullCrew-User-Credentials-Leaked-Online-302688.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-397: Hacker swipes 3.6M Social Security numbers, other data<br>
|
|
<b>WHID ID:</b> 2012-397<br>
|
|
<b>Date Occurred:</b> 10/26/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> By the time the computer crimes office of the U.S. Secret Service discovered a problem Oct. 10, a foreign hacker had taken a database from the Department of Revenue's computers exposing 3.6 million Social Security numbers and 387,000 credit and debit card numbers, one of the largest computer breaches in the state or nation.<br>
|
|
<b>Reference:</b> <a href="http://www.usatoday.com/story/news/nation/2012/10/26/hacker-south-caroling-social-security-numbers/1660929/" target="_blank">http://www.usatoday.com/story/news/nation/2012/10/26/hacker-south-caroling-social-security-numbers/1660929/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-396: Ally Financial Latest U.S. Bank to Face Cyber Attacks<br>
|
|
<b>WHID ID:</b> 2012-396<br>
|
|
<b>Date Occurred:</b> 10/18/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Ally Financial Inc on Thursday became the latest U.S. financial institution to face cyber attacks that may stem from hackers in Iran.<br>
|
|
<b>Reference:</b> <a href="http://www.banktech.com/risk-management/ally-financial-latest-us-bank-to-face-cy/240009394" target="_blank">http://www.banktech.com/risk-management/ally-financial-latest-us-bank-to-face-cy/240009394</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-395: National Weather Service website hacked<br>
|
|
<b>WHID ID:</b> 2012-395<br>
|
|
<b>Date Occurred:</b> 10/19/2012<br>
|
|
<b>Attack Method:</b> Local File Inclusion (LFI)<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers have breached servers belonging to the US National Weather Service by exploiting a vulnerability in the weather.gov website, releasing sensitive data from the government systems.<br>
|
|
<b>Reference:</b> <a href="http://nakedsecurity.sophos.com/2012/10/19/national-weather-service-website-hacked-by-kosovo-hackers-security/" target="_blank">http://nakedsecurity.sophos.com/2012/10/19/national-weather-service-website-hacked-by-kosovo-hackers-security/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-394: 'Major interruption' at GitHub as attackers launch DDoS<br>
|
|
<b>WHID ID:</b> 2012-394<br>
|
|
<b>Date Occurred:</b> 10/19/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> GitHub has been targeted by another DDoS attack that has been successful in causing major disruptions for the code sharing site.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/major-interruption-at-github-as-attackers-launch-ddos-7000006030/" target="_blank">http://www.zdnet.com/major-interruption-at-github-as-attackers-launch-ddos-7000006030/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-393: HSBC websites fell in DDoS attack last night, bank admits<br>
|
|
<b>WHID ID:</b> 2012-393<br>
|
|
<b>Date Occurred:</b> 10/19/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> HSBC has blamed a denial of service attack for the downtime of many of its websites worldwide on Thursday night.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/10/19/hsbc_ddos/" target="_blank">http://www.theregister.co.uk/2012/10/19/hsbc_ddos/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-392: BB&T Site Outages Linked to DDoS<br>
|
|
<b>WHID ID:</b> 2012-392<br>
|
|
<b>Date Occurred:</b> 10/17/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> BB&T Corp., a Winston-Salem, N.C.-based bank, acknowledged Oct. 17 that its website was suffering from intermittent outages related to a distributed denial of service attack. The $178.5 billion institution is the ninth U.S. bank to be affected by a DDoS strike in the last five weeks.<br>
|
|
<b>Reference:</b> <a href="http://www.bankinfosecurity.com/bbt-site-outages-linked-to-ddos-a-5208" target="_blank">http://www.bankinfosecurity.com/bbt-site-outages-linked-to-ddos-a-5208</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-391: Hackers target Fairfax holiday site Stayz, altering bank details on listings<br>
|
|
<b>WHID ID:</b> 2012-391<br>
|
|
<b>Date Occurred:</b> 10/15/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Travel<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> CYBER criminals tried to swindle unsuspecting holidaymakers out of their money by altering the details of listings on Fairfax's holiday rental website, Stayz.com.au.<br>
|
|
<b>Reference:</b> <a href="http://www.theaustralian.com.au/travel/news/hackers-target-fairfax-holiday-site-stayz-altering-bank-details-on-listings/story-e6frg8ro-1226496595089" target="_blank">http://www.theaustralian.com.au/travel/news/hackers-target-fairfax-holiday-site-stayz-altering-bank-details-on-listings/story-e6frg8ro-1226496595089</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-390: Burlington city bank account hacked, $400k stolen<br>
|
|
<b>WHID ID:</b> 2012-390<br>
|
|
<b>Date Occurred:</b> 10/12/2012<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The city of Burlington is warning its employees to check their bank accounts after finding out funds have been stolen.<br>
|
|
<b>Reference:</b> <a href="http://www.komonews.com/news/local/Burlington-city-bank-account-hacked-173966921.html" target="_blank">http://www.komonews.com/news/local/Burlington-city-bank-account-hacked-173966921.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-39: Roland's 'Backstage' website hacked<br>
|
|
<b>WHID ID:</b> 2012-39<br>
|
|
<b>Date Occurred:</b> 2/27/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Music<br>
|
|
<b>Attacked Entity Geography:</b> United States<br>
|
|
<b>Incident Description:</b> Roland Corporation's United States arm has confirmed that its Backstage website has been hacked, exposing the personal data of customers.<br>
|
|
<b>Reference:</b> <a href="http://www.itnews.com.au/News/291778,rolands-backstage-website-hacked.aspx" target="_blank">http://www.itnews.com.au/News/291778,rolands-backstage-website-hacked.aspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-389: Facebook (FB) Said to Be Having Technical Issues in Europe Due to Hack<br>
|
|
<b>WHID ID:</b> 2012-389<br>
|
|
<b>Date Occurred:</b> 10/11/2012<br>
|
|
<b>Attack Method:</b> Cross-site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Worm<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A member of Anonymous was said to take responsibility for the issues. The member used a form of cross-site request forgery, posting this: "Cross-site Request Forgery (CSRF) is a type of attack whereby unauthorized commands are transmitted from a user that the application trusts."<br>
|
|
<b>Reference:</b> <a href="http://www.streetinsider.com/Insiders+Blog/Facebook+(FB)+Said+to+Be+Having+Technical+Issues+in+Europe+Due+to+Hack/7788607.html" target="_blank">http://www.streetinsider.com/Insiders+Blog/Facebook+(FB)+Said+to+Be+Having+Technical+Issues+in+Europe+Due+to+Hack/7788607.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-388: Regions Bank Confirms Online Outage<br>
|
|
<b>WHID ID:</b> 2012-388<br>
|
|
<b>Date Occurred:</b> 10/11/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Regions Financial Corp. on Oct. 11 confirmed its online banking and corporate websites were suffering intermittent outages related to an Internet service disruption.<br>
|
|
<b>Reference:</b> <a href="http://www.bankinfosecurity.com/regions-bank-confirms-online-outage-a-5189" target="_blank">http://www.bankinfosecurity.com/regions-bank-confirms-online-outage-a-5189</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-387: Hackers Target PlaySpan's Real World Marketplace<br>
|
|
<b>WHID ID:</b> 2012-387<br>
|
|
<b>Date Occurred:</b> 10/11/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The PlaySpan hackers released details for two million accounts online.<br>
|
|
<b>Reference:</b> <a href="http://www.escapistmagazine.com/news/view/120062-Hackers-Target-PlaySpans-Real-World-Marketplace" target="_blank">http://www.escapistmagazine.com/news/view/120062-Hackers-Target-PlaySpans-Real-World-Marketplace</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-386: SunTrust Is Latest Attack Victim<br>
|
|
<b>WHID ID:</b> 2012-386<br>
|
|
<b>Date Occurred:</b> 10/10/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> SunTrust Banks became the seventh U.S. financial institution apparently hit by a distributed denial of service attack orchestrated by the hacktivist group Izz ad-Din al-Qassam.<br>
|
|
<b>Reference:</b> <a href="http://www.bankinfosecurity.com/suntrust-latest-attack-victim-a-5184" target="_blank">http://www.bankinfosecurity.com/suntrust-latest-attack-victim-a-5184</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-385: Capital One Latest Victim in Ongoing Cyber Attack<br>
|
|
<b>WHID ID:</b> 2012-385<br>
|
|
<b>Date Occurred:</b> 10/9/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> "I can confirm that Capital One is experiencing online systems issues due to a denial of service attack," a spokesperson from the bank told FOX Business.<br>
|
|
<b>Reference:</b> <a href="http://www.foxbusiness.com/technology/2012/10/09/capitol-one-confirms-cyber-attack/" target="_blank">http://www.foxbusiness.com/technology/2012/10/09/capitol-one-confirms-cyber-attack/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-384: Hackers hit Philippine govt sites again<br>
|
|
<b>WHID ID:</b> 2012-384<br>
|
|
<b>Date Occurred:</b> 10/8/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The government Web sites were defaced by three separate hacker groups, which were protesting against the country's cybercrime law among other reasons.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/ph/hackers-hit-philippine-govt-sites-again-7000005364/" target="_blank">http://www.zdnet.com/ph/hackers-hit-philippine-govt-sites-again-7000005364/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-383: Wagamama Hacked<br>
|
|
<b>WHID ID:</b> 2012-383<br>
|
|
<b>Date Occurred:</b> 10/2/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Visitors were redirected to sites infected with the Blackhole exploit kit.<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/wagamama-hacked.html" target="_blank">http://www.esecurityplanet.com/hackers/wagamama-hacked.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-382: GhostShell university hack: By the numbers<br>
|
|
<b>WHID ID:</b> 2012-382<br>
|
|
<b>Date Occurred:</b> 10/2/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hacktivist group GhostShell claimed to have breached 100 top university servers, releasing 120,000 records. But how much information was sensitive?<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/ghostshell-university-hack-by-the-numbers-7000005194/" target="_blank">http://www.zdnet.com/ghostshell-university-hack-by-the-numbers-7000005194/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-381: Cybercriminals Hijack 4.5 Million ADSL Modems in Brazil to Serve Malware<br>
|
|
<b>WHID ID:</b> 2012-381<br>
|
|
<b>Date Occurred:</b> 10/1/2012<br>
|
|
<b>Attack Method:</b> Cross-site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> DNS Redirection<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The security hole allows an attacker to perform a cross-site request forgery (CSRF) in the administration panel of the device to capture the access password. Once they obtained the password, the crooks altered the modem's DNS settings to make sure that when users wanted to visit certain websites, they would be served malicious files.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Cybercriminals-Hijack-4-5-Million-ADLS-Modems-in-Brazil-to-Serve-Malware-295845.shtml" target="_blank">http://news.softpedia.com/news/Cybercriminals-Hijack-4-5-Million-ADLS-Modems-in-Brazil-to-Serve-Malware-295845.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-380: Cyber attack takes down PNC website for second day<br>
|
|
<b>WHID ID:</b> 2012-380<br>
|
|
<b>Date Occurred:</b> 9/28/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> For the second consecutive day, the Pittsburgh-based bank's website fell victim to a denial-of-service attack, in which a person or group directs a flood of traffic to a website, overwhelming the system and preventing customers from gaining access.<br>
|
|
<b>Reference:</b> <a href="http://www.equities.com/news/headline-story?dt=2012-09-27&val=533911&cat=finance" target="_blank">http://www.equities.com/news/headline-story?dt=2012-09-27&val=533911&cat=finance</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-38: Lynas Corp website hacked<br>
|
|
<b>WHID ID:</b> 2012-38<br>
|
|
<b>Date Occurred:</b> 2/26/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> In a show of opposition to a near-complete rare earths processing plant in Malaysia, the website of Australian miner Lynas Corporation has been hacked.<br>
|
|
<b>Reference:</b> <a href="http://www.freemalaysiatoday.com/2012/02/27/lynas-corp-website-hacked/" target="_blank">http://www.freemalaysiatoday.com/2012/02/27/lynas-corp-website-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-379: Wells Fargo becomes latest bank to be hacked by cyber gang seeking revenge for anti-Islam film<br>
|
|
<b>WHID ID:</b> 2012-379<br>
|
|
<b>Date Occurred:</b> 9/27/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Wells Fargo has become the latest bank to be targeted by a cyber gang seeking revenge for the anti-Islam film Innocence of Muslims<br>
|
|
<b>Reference:</b> <a href="http://www.dailymail.co.uk/news/article-2209403/Wells-Fargo-reveal-website-hacked-cyber-gang-seeking-revenge-anti-Islam-film.html?ito=feeds-newsxml" target="_blank">http://www.dailymail.co.uk/news/article-2209403/Wells-Fargo-reveal-website-hacked-cyber-gang-seeking-revenge-anti-Islam-film.html?ito=feeds-newsxml</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-378: Thieves use DDoS to distract banks during cyber heists<br>
|
|
<b>WHID ID:</b> 2012-378<br>
|
|
<b>Date Occurred:</b> 9/25/2012<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A DDoS attack on a bank's website could very well be a precursor to a wire transfer raid.<br>
|
|
<b>Reference:</b> <a href="http://www.cso.com.au/article/437372/thieves_use_ddos_distract_banks_during_cyber_heists/#closeme" target="_blank">http://www.cso.com.au/article/437372/thieves_use_ddos_distract_banks_during_cyber_heists/#closeme</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-377: Hackers deface old UTS system, dump user database<br>
|
|
<b>WHID ID:</b> 2012-377<br>
|
|
<b>Date Occurred:</b> 9/24/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers broke into a subdomain used by the University of Technology, Sydney, over the weekend, and dumped the contents of a database from an old content management system.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/au/hackers-deface-old-uts-system-dump-user-database-7000004694/" target="_blank">http://www.zdnet.com/au/hackers-deface-old-uts-system-dump-user-database-7000004694/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-376: American Chamber of Commerce in France Hacked<br>
|
|
<b>WHID ID:</b> 2012-376<br>
|
|
<b>Date Occurred:</b> 9/21/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The hackers say they published e-mail addresses and passwords only after their warnings about a SQL injection error were ignored.<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/american-chamber-of-commerce-in-france-hacked.html" target="_blank">http://www.esecurityplanet.com/hackers/american-chamber-of-commerce-in-france-hacked.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-375: Hackers Get Personal Data From Navy Website<br>
|
|
<b>WHID ID:</b> 2012-375<br>
|
|
<b>Date Occurred:</b> 9/21/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers accessed personal information of more than 200,000 service members earlier this year and posted a sampling of the data online.<br>
|
|
<b>Reference:</b> <a href="http://www.military.com/daily-news/2012/09/21/hackers-get-personal-data-from-navy-website.html" target="_blank">http://www.military.com/daily-news/2012/09/21/hackers-get-personal-data-from-navy-website.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-374: Japanese Web sites attacked in tense dispute with China<br>
|
|
<b>WHID ID:</b> 2012-374<br>
|
|
<b>Date Occurred:</b> 9/20/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The territorial dispute between Japan and China has escalated into cyberattacks, Japan-based reports say.<br>
|
|
<b>Reference:</b> <a href="http://news.cnet.com/8301-1009_3-57517128-83/japanese-web-sites-attacked-in-tense-dispute-with-china/" target="_blank">http://news.cnet.com/8301-1009_3-57517128-83/japanese-web-sites-attacked-in-tense-dispute-with-china/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-373: Virgin Mobile PIN Brute Force Attack Issue Addressed by Sprint<br>
|
|
<b>WHID ID:</b> 2012-373<br>
|
|
<b>Date Occurred:</b> 9/20/2012<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Telecommunications<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Sprint, the mobile carrier that owns Virgin Mobile, claims to have addressed the PIN brute force attack issue discovered by Kevin Burke. However, the expert claims that more measures should be implemented.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Virgin-Mobile-PIN-Brute-Force-Attack-Issue-Addressed-by-Sprint-293560.shtml" target="_blank">http://news.softpedia.com/news/Virgin-Mobile-PIN-Brute-Force-Attack-Issue-Addressed-by-Sprint-293560.shtml</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-372: Chase, NYSE Websites Targeted in Cyber Attacks<br>
|
|
<b>WHID ID:</b> 2012-372<br>
|
|
<b>Date Occurred:</b> 9/19/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> J.P. Morgan Chase (JPM) and NYSE Euronext (NYX) experienced website trouble Wednesday after being targeted by apparent cyber attacks. The problems come a day after Bank of America experienced prolonged issues following a separate attack.<br>
|
|
<b>Reference:</b> <a href="http://www.foxbusiness.com/industries/2012/09/19/chase-website-experiences-intermittent-troubles/" target="_blank">http://www.foxbusiness.com/industries/2012/09/19/chase-website-experiences-intermittent-troubles/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-371: Bank of America Website Hacked, Islamic Cyber Terrorists Takes Credit<br>
|
|
<b>WHID ID:</b> 2012-371<br>
|
|
<b>Date Occurred:</b> 9/18/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Bank of America website was possibly hacked with customers experiencing intermittent problems most of Tuesday, the same time an Islamic cyber-terrorist group threatened to attack the bank, New York Stock Exchange and other U.S. targets.<br>
|
|
<b>Reference:</b> <a href="http://www.foodworldnews.com/articles/2197/20120918/bank-of-america-website-hacked-islamic-cyber-terrorists-takes-credit.htm" target="_blank">http://www.foodworldnews.com/articles/2197/20120918/bank-of-america-website-hacked-islamic-cyber-terrorists-takes-credit.htm</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-370: Hacker Steals $140k From Lock Poker Account<br>
|
|
<b>WHID ID:</b> 2012-370<br>
|
|
<b>Date Occurred:</b> 9/18/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> However, unbeknownst to MicahJ, it was in fact an .exe file possibly complete with a keylogger program which then accessed all sensitive information on his computer.<br>
|
|
<b>Reference:</b> <a href="http://www.onlinepoker.net/poker-news/general-poker-news/hacker-steals-140k-lock-poker-account/16705" target="_blank">http://www.onlinepoker.net/poker-news/general-poker-news/hacker-steals-140k-lock-poker-account/16705</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-37: AFL Website Hacked<br>
|
|
<b>WHID ID:</b> 2012-37<br>
|
|
<b>Date Occurred:</b> 2/21/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Sports<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> The AFL is a little embarrassed and users surprised by a message replacing the normal screen.<br>
|
|
<b>Reference:</b> <a href="http://www.triplem.com.au/sydney/sport/afl/news/blog/afl-website-hacked-with-demetriou-is-eddies-bitch-message/20120221-fo0o.html" target="_blank">http://www.triplem.com.au/sydney/sport/afl/news/blog/afl-website-hacked-with-demetriou-is-eddies-bitch-message/20120221-fo0o.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-369: Mexico hackers hit official websites in cyber protest<br>
|
|
<b>WHID ID:</b> 2012-369<br>
|
|
<b>Date Occurred:</b> 9/16/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Mexican computer hackers have taken over at least ten government and other websites in a political protest marking the country's independence day.<br>
|
|
<b>Reference:</b> <a href="http://www.bbc.co.uk/news/world-latin-america-19618459" target="_blank">http://www.bbc.co.uk/news/world-latin-america-19618459</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-368: GoDaddy stopped by massive DDoS attack<br>
|
|
<b>WHID ID:</b> 2012-368<br>
|
|
<b>Date Occurred:</b> 9/10/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Service Providers<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A lone hacker has claimed responsibility for an ongoing denial-of-service attack that may have knocked out millions of websites hosted by the world's largest domain registrar GoDaddy.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/09/10/godaddy_ddos_attack/" target="_blank">http://www.theregister.co.uk/2012/09/10/godaddy_ddos_attack/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-367: Dominos' India website hacked, customer info leaked<br>
|
|
<b>WHID ID:</b> 2012-367<br>
|
|
<b>Date Occurred:</b> 9/11/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Domino's India website was hacked using the SQL injection method and remote file inclusion, one of the most common methods for stealing private data from web databases. Through this, the hacker typically tricks the site's database into revealing data that should be hidden by "injecting" certain commands.<br>
|
|
<b>Reference:</b> <a href="http://business-standard.com/india/news/dominos-india-website-hacked-customer-info-leaked/486057/" target="_blank">http://business-standard.com/india/news/dominos-india-website-hacked-customer-info-leaked/486057/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-366: Hacker suspected of stealing scores of court documents<br>
|
|
<b>WHID ID:</b> 2012-366<br>
|
|
<b>Date Occurred:</b> 9/10/2012<br>
|
|
<b>Attack Method:</b> Predictable Resource Location<br>
|
|
<b>Application Weakness:</b> Insufficient Authorization<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> "I accidentally typed in a wrong case number and saw that I could access other cases. Some of them I just passed on to acquaintances. It's what you do today - like Twitter."<br>
|
|
<b>Reference:</b> <a href="http://www.ynetnews.com/articles/0,7340,L-4279655,00.html" target="_blank">http://www.ynetnews.com/articles/0,7340,L-4279655,00.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-365: Al Jazeera's mobile news service hacked<br>
|
|
<b>WHID ID:</b> 2012-365<br>
|
|
<b>Date Occurred:</b> 9/10/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Al Jazeera news network's mobile service was hacked today, as per a report by AFP. This development comes barely a week after a number of its websites were hacked by Syria's Assad loyalists, it reported on its website al-jazeera.net.<br>
|
|
<b>Reference:</b> <a href="http://tech2.in.com/news/general/al-jazeeras-mobile-news-service-hacked/424632" target="_blank">http://tech2.in.com/news/general/al-jazeeras-mobile-news-service-hacked/424632</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-364: Thousands of 'Guild Wars 2' accounts hacked<br>
|
|
<b>WHID ID:</b> 2012-364<br>
|
|
<b>Date Occurred:</b> 9/6/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> ArenaNet - the company behind the massively multiplayer online game - has told players that hackers are actively trying to get into accounts and appear to have cracked more than 11,000 already.<br>
|
|
<b>Reference:</b> <a href="http://www.nbcnews.com/technology/ingame/thousands-guild-wars-2-accounts-hacked-985019" target="_blank">http://www.nbcnews.com/technology/ingame/thousands-guild-wars-2-accounts-hacked-985019</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-363: Nova Scotia Web site clobbered by virus<br>
|
|
<b>WHID ID:</b> 2012-363<br>
|
|
<b>Date Occurred:</b> 9/6/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A SQL injection attack took down the provincial lobbyist registry site several weeks ago. A government spokesperson says viruses sometimes slip through between software updates.<br>
|
|
<b>Reference:</b> <a href="http://www.itworldcanada.com/news/nova-scotia-web-site-clobbered-by-virus/146080" target="_blank">http://www.itworldcanada.com/news/nova-scotia-web-site-clobbered-by-virus/146080</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-362: Hackers steal $250,000 from BitFloor exchange<br>
|
|
<b>WHID ID:</b> 2012-362<br>
|
|
<b>Date Occurred:</b> 9/5/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The US's biggest BitCoin trading exchange, BitFloor, has been forced to temporarily shut up shop, after a virtual heist in which the equivalent of $250,000 was stolen.<br>
|
|
<b>Reference:</b> <a href="http://www.tgdaily.com/business-and-law-features/65934-hackers-steal-250000-from-bitfloor-exchange" target="_blank">http://www.tgdaily.com/business-and-law-features/65934-hackers-steal-250000-from-bitfloor-exchange</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-361: Anonymous Hackers Hit Siemens, Fujitsu<br>
|
|
<b>WHID ID:</b> 2012-361<br>
|
|
<b>Date Occurred:</b> 9/4/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> "The hackers have published massive amounts of data -- including some e-mail addresses, usernames and passwords -- allegedly stolen from these Web sites," writes Softpedia's Eduard Kovacs. "Judging by the files posted on PrivatePaste, it appears that the attackers once again leveraged SQL Injection vulnerabilities to breach the sites and gain access to their databases."<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/anonymous-hackers-hit-siemens-fujitsu.html" target="_blank">http://www.esecurityplanet.com/hackers/anonymous-hackers-hit-siemens-fujitsu.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-360: Qatar's Al Jazeera website hacked by Syria's Assad loyalists<br>
|
|
<b>WHID ID:</b> 2012-360<br>
|
|
<b>Date Occurred:</b> 9/4/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The website of Qatar-based satellite news network Al Jazeera was apparently hacked on Tuesday by Syrian government loyalists for what they said was the television channel's support for the "armed terrorist groups and spreading lies and fabricated news".<br>
|
|
<b>Reference:</b> <a href="http://www.reuters.com/article/2012/09/04/us-qatar-jazeera-hacking-idUSBRE8830ZI20120904" target="_blank">http://www.reuters.com/article/2012/09/04/us-qatar-jazeera-hacking-idUSBRE8830ZI20120904</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-36: Houston County website hacked, investigation ongoing<br>
|
|
<b>WHID ID:</b> 2012-36<br>
|
|
<b>Date Occurred:</b> 2/20/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Houston, TX<br>
|
|
<b>Incident Description:</b> Houston County's official website is indefinitely down for maintenance after being hacked early Monday morning.<br>
|
|
<b>Reference:</b> <a href="http://www2.dothaneagle.com/news/2012/feb/20/houston-county-website-hacked-investigation-ongoin-ar-3266922/" target="_blank">http://www2.dothaneagle.com/news/2012/feb/20/houston-county-website-hacked-investigation-ongoin-ar-3266922/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-359: Sony Mobile's website hacked<br>
|
|
<b>WHID ID:</b> 2012-359<br>
|
|
<b>Date Occurred:</b> 9/3/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A group of hackers known as the Null Crew have laid claim to eight Sony servers, citing the company's notoriously 'lax security.'<br>
|
|
<b>Reference:</b> <a href="http://www.afterdawn.com/news/article.cfm/2012/09/03/sony_mobile_s_website_hacked" target="_blank">http://www.afterdawn.com/news/article.cfm/2012/09/03/sony_mobile_s_website_hacked</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-358: WikiLeaks supporters take down Swedish government sites with DDOS attacks<br>
|
|
<b>WHID ID:</b> 2012-358<br>
|
|
<b>Date Occurred:</b> 9/3/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Multiple government and media websites in Sweden were taken down today by coordinated Distributed Denial of Service (DDoS) attacks at around 10AM local time. The Swedish Armed Forces, Sweden.se, the Swedish Institute, and the Swedish Courts websites were among those affected. At the time of writing, the first two were down while the other two were up, but that doesn't mean much as the sites have been going in and out all day.<br>
|
|
<b>Reference:</b> <a href="http://thenextweb.com/insider/2012/09/03/wikileaks-supporters-take-swedish-government-sites-ddos-attacks/" target="_blank">http://thenextweb.com/insider/2012/09/03/wikileaks-supporters-take-swedish-government-sites-ddos-attacks/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-357: Hacker hands Barto manufacturer $190,000 loss<br>
|
|
<b>WHID ID:</b> 2012-357<br>
|
|
<b>Date Occurred:</b> 9/3/2012<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A hacker broke into a Berks County manufacturer's computer system and stole nearly $200,000, according to state police.<br>
|
|
<b>Reference:</b> <a href="http://readingeagle.com/article.aspx?id=412706" target="_blank">http://readingeagle.com/article.aspx?id=412706</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-356: Hackers deface MWSS site over high water rates<br>
|
|
<b>WHID ID:</b> 2012-356<br>
|
|
<b>Date Occurred:</b> 9/1/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers claiming to be a Philippine chapter of the hacktivist collective Anonymous defaced the website of the Metropolitan Waterworks and Sewerage System (MWSS) over the weekend, supposedly over unjustified high charges by the agency's concessionaires.<br>
|
|
<b>Reference:</b> <a href="http://www.gmanetwork.com/news/story/272170/scitech/technology/hackers-deface-mwss-site-over-high-water-rates" target="_blank">http://www.gmanetwork.com/news/story/272170/scitech/technology/hackers-deface-mwss-site-over-high-water-rates</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-355: Data stolen after Hertfordshire Constabulary website hacked<br>
|
|
<b>WHID ID:</b> 2012-355<br>
|
|
<b>Date Occurred:</b> 9/1/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hertfordshire Constabulary's website has been hacked and data from it published on the internet by activists thought to be linked with WikiLeaks founder Julian Assange.<br>
|
|
<b>Reference:</b> <a href="http://www.times-series.co.uk/news/9905085.Data_stolen_after_Hertfordshire_Constabulary_website_hacked/" target="_blank">http://www.times-series.co.uk/news/9905085.Data_stolen_after_Hertfordshire_Constabulary_website_hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-354: Toyota Employee Allegedly Hacked, Stole Confidential Information<br>
|
|
<b>WHID ID:</b> 2012-354<br>
|
|
<b>Date Occurred:</b> 8/31/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Automotive<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Investigation is now underway into whether a computer programmer allegedly stole proprietary information from the automaker Toyota and "sabotaged" the company's supplier computer network after being terminated last week.<br>
|
|
<b>Reference:</b> <a href="http://threatpost.com/en_us/blogs/toyota-employee-allegedly-hacked-stole-confidential-information-083112" target="_blank">http://threatpost.com/en_us/blogs/toyota-employee-allegedly-hacked-stole-confidential-information-083112</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-353: University IT blunder sparks hacking fears<br>
|
|
<b>WHID ID:</b> 2012-353<br>
|
|
<b>Date Occurred:</b> 8/31/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> On 24th and 29th August respectively both Cambridge University and Africa College Leeds (a research partnership affiliated to the University of Leeds working to improve food sources in sub-Saharan Africa) websites were infiltrated by hackers.<br>
|
|
<b>Reference:</b> <a href="http://oxfordstudent.com/2012/08/31/university-computer-systems-hacked/" target="_blank">http://oxfordstudent.com/2012/08/31/university-computer-systems-hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-352: Hacker's Overnight Attack South London Healthcare NHS Trust's Website<br>
|
|
<b>WHID ID:</b> 2012-352<br>
|
|
<b>Date Occurred:</b> 8/30/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Healthcare<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Arabic Service reports are confirming hacking of a London NHS trust, which was down for a night reading the message: Group HP-Hack in red letters with displayed images of the Syrian civil war.<br>
|
|
<b>Reference:</b> <a href="http://topnews.ae/content/212832-hacker-s-overnight-attack-south-london-healthcare-nhs-trusts-website" target="_blank">http://topnews.ae/content/212832-hacker-s-overnight-attack-south-london-healthcare-nhs-trusts-website</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-351: Hacker makes abusive bank account attack<br>
|
|
<b>WHID ID:</b> 2012-351<br>
|
|
<b>Date Occurred:</b> 8/29/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> "Our investigation has indicated that his account was accessed by an unknown third party. Our fraud detection systems recognised the threat, meaning that no money was able to be withdrawn.<br>
|
|
<b>Reference:</b> <a href="http://www.eveningtimes.co.uk/news/hacker-makes-abusive-bank-account-attack.18721478" target="_blank">http://www.eveningtimes.co.uk/news/hacker-makes-abusive-bank-account-attack.18721478</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-350: Guild Wars 2 Accounts Hacked<br>
|
|
<b>WHID ID:</b> 2012-350<br>
|
|
<b>Date Occurred:</b> 8/30/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> We're seeing an uptick in reports of account theft and attempted account theft. We believe hackers are using databases of email addresses and passwords stolen from other games and web sites, and pre-existing trojan horses, to search for matching Guild Wars 2 accounts which they attempt to compromise. To prevent this, we have temporarily disabled the 'reset password' feature, and we're working to bring email authentication online<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/guild-wars-2-accounts-hacked.html" target="_blank">http://www.esecurityplanet.com/hackers/guild-wars-2-accounts-hacked.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-35: The Herald website hacked, used to propagate pornography<br>
|
|
<b>WHID ID:</b> 2012-35<br>
|
|
<b>Date Occurred:</b> 2/15/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Spam<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Zimbabwe<br>
|
|
<b>Incident Description:</b> The Herald website, www.herald.co.zw, was compromised and used to host links to pornography sites.<br>
|
|
<b>Reference:</b> <a href="http://www.techzim.co.zw/2012/02/the-herald-website-hacked-used-to-propagate-pornography/" target="_blank">http://www.techzim.co.zw/2012/02/the-herald-website-hacked-used-to-propagate-pornography/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-349: Brighton shopping centre website hacked<br>
|
|
<b>WHID ID:</b> 2012-349<br>
|
|
<b>Date Occurred:</b> 8/30/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Spam Links<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Churchill Square website has been displaying links to sexual enhancement drugs and hair loss treatment after being hacked.<br>
|
|
<b>Reference:</b> <a href="http://www.theargus.co.uk/news/9901746.Sex__drugs_and_hair_loss_links_on_hacked_Brighton_shopping_centre_website/?ref=nt" target="_blank">http://www.theargus.co.uk/news/9901746.Sex__drugs_and_hair_loss_links_on_hacked_Brighton_shopping_centre_website/?ref=nt</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-348: Guangdong PSB Website Hacked<br>
|
|
<b>WHID ID:</b> 2012-348<br>
|
|
<b>Date Occurred:</b> 8/28/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Screenshot: A message on the hacked website of the Heyuan City Public Security Department, in Guangdong Province, says "the Chinese Communist Party deserves a terrible death." The website was hacked between Aug. 22 and Aug. 27, when it was taken down and repaired. (Aboluowang.com)<br>
|
|
<b>Reference:</b> <a href="http://www.theepochtimes.com/n2/china-news/guangdong-psb-website-hacked-cheering-netizens-285263.html" target="_blank">http://www.theepochtimes.com/n2/china-news/guangdong-psb-website-hacked-cheering-netizens-285263.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-347: South London Healthcare NHS Trust's website hacked<br>
|
|
<b>WHID ID:</b> 2012-347<br>
|
|
<b>Date Occurred:</b> 8/29/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Healthcare<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A London NHS trust had to take down its website after it was hacked. A message was written in Arabic on the South London Healthcare NHS Trust (SLHT) website on Wednesday night.<br>
|
|
<b>Reference:</b> <a href="http://www.bbc.co.uk/news/uk-england-london-19413427" target="_blank">http://www.bbc.co.uk/news/uk-england-london-19413427</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-346: Amnesty International Website Hacked<br>
|
|
<b>WHID ID:</b> 2012-346<br>
|
|
<b>Date Occurred:</b> 8/28/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Blogs<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Supporters of the Syrian government hacked the website of Amnesty International, posting items that falsely accused the rebels of a string of atrocities.<br>
|
|
<b>Reference:</b> <a href="http://www.northjersey.com/news/international/167726365_Amnesty_International_Website_Hacked.html?page=all" target="_blank">http://www.northjersey.com/news/international/167726365_Amnesty_International_Website_Hacked.html?page=all</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-345: 1 MILLION accounts leaked in megahack on banks, websites<br>
|
|
<b>WHID ID:</b> 2012-345<br>
|
|
<b>Date Occurred:</b> 8/28/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hacker collective Team GhostShell leaked a cache of more than one million user account records from 100 websites over the weekend.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/08/28/team_ghostshell_megahack/" target="_blank">http://www.theregister.co.uk/2012/08/28/team_ghostshell_megahack/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-344: GOVT HACKED OFF BY WEB BUG<br>
|
|
<b>WHID ID:</b> 2012-344<br>
|
|
<b>Date Occurred:</b> 8/23/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Last weekend the website www.gibraltar.gov.gi was hacked, albeit for a brief time.<br>
|
|
<b>Reference:</b> <a href="http://www.chronicle.gi/headlines_details.php?id=25802" target="_blank">http://www.chronicle.gi/headlines_details.php?id=25802</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-343: MUN business school website hacked<br>
|
|
<b>WHID ID:</b> 2012-343<br>
|
|
<b>Date Occurred:</b> 8/24/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Student records may have been among information exposed during a breach at Memorial University's business school website, according to officials.<br>
|
|
<b>Reference:</b> <a href="http://www.cbc.ca/news/canada/newfoundland-labrador/story/2012/08/23/nl-mun-business-website-hack-823.html" target="_blank">http://www.cbc.ca/news/canada/newfoundland-labrador/story/2012/08/23/nl-mun-business-website-hack-823.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-342: Adventists Claim Hacker Swiped Manuscripts<br>
|
|
<b>WHID ID:</b> 2012-342<br>
|
|
<b>Date Occurred:</b> 8/22/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Religion<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> "Significantly, the SQL injection inquiries that were contained in the web server logs match exactly the SQL inquiries posted on the Hack Forums by Knudson and the others," the complaint states. "Structured Query Language," or SQL, refers to questions written in database language intended to extract the contents of the database, the Adventists say.<br>
|
|
<b>Reference:</b> <a href="http://www.courthousenews.com/2012/08/22/49525.htm" target="_blank">http://www.courthousenews.com/2012/08/22/49525.htm</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-341: AMD Blog Site Hacked, Usernames, Encrypted Passwords Stolen<br>
|
|
<b>WHID ID:</b> 2012-341<br>
|
|
<b>Date Occurred:</b> 8/20/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Blogs<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A group calling itself r00tbeer claims responsibility for the attack, which forced AMD to take the site offline and to change all the passwords.<br>
|
|
<b>Reference:</b> <a href="http://www.eweek.com/c/a/Security/AMD-Blog-Site-Hacked-Usernames-Passwords-Stolen-794445/" target="_blank">http://www.eweek.com/c/a/Security/AMD-Blog-Site-Hacked-Usernames-Passwords-Stolen-794445/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-340: Nonprofit reports hacker's theft from payroll system<br>
|
|
<b>WHID ID:</b> 2012-340<br>
|
|
<b>Date Occurred:</b> 8/17/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Police Sgt. Jay Junghans said it appeared that someone had hacked into the nonprofit's payroll system and made a fraudulent entry.<br>
|
|
<b>Reference:</b> <a href="http://cjonline.com/news/2012-08-17/nonprofit-reports-hackers-theft-payroll-system" target="_blank">http://cjonline.com/news/2012-08-17/nonprofit-reports-hackers-theft-payroll-system</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-34: Hackers Hit Anonymous's AnonyOps Website<br>
|
|
<b>WHID ID:</b> 2012-34<br>
|
|
<b>Date Occurred:</b> 2/14/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Hacktivism<br>
|
|
<b>Attacked Entity Geography:</b> New York<br>
|
|
<b>Incident Description:</b> Reports have emerged that AnonyOps, a website associated with the hacktivist Anonymous collective, has been defaced by the hacker Exotz.<br>
|
|
<b>Reference:</b> <a href="http://www.ibtimes.co.uk/articles/298417/20120214/hackers-hit-anonymous-anonyops-website.htm" target="_blank">http://www.ibtimes.co.uk/articles/298417/20120214/hackers-hit-anonymous-anonyops-website.htm</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-339: Activist website hacked, called 'dirty hippies'<br>
|
|
<b>WHID ID:</b> 2012-339<br>
|
|
<b>Date Occurred:</b> 8/16/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A website curated by local activists was up and running again after being hacked by someone leaving a message about "dirty hippies," the group said in an email to supporters Thursday.<br>
|
|
<b>Reference:</b> <a href="http://www.utsandiego.com/news/2012/aug/16/activist-website-hacked-called-dirty-hippies/" target="_blank">http://www.utsandiego.com/news/2012/aug/16/activist-website-hacked-called-dirty-hippies/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-338: Ugandan Prime Minister's Website Hacked<br>
|
|
<b>WHID ID:</b> 2012-338<br>
|
|
<b>Date Occurred:</b> 8/17/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Ugandan prime minister's website was attacked by hackers on Tuesday and Wednesday, a government official has confirmed to the BBC.<br>
|
|
<b>Reference:</b> <a href="http://reason.com/24-7/2012/08/17/ugandan-prime-ministers-website-hacked" target="_blank">http://reason.com/24-7/2012/08/17/ugandan-prime-ministers-website-hacked</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-337: Airport website hacked by 'neighbour'<br>
|
|
<b>WHID ID:</b> 2012-337<br>
|
|
<b>Date Occurred:</b> 8/17/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The website welcomed surfers with the picture of a wrecked plane captioned that it was of a crash in Mumbai with at least 1,000 casualties. But as they scrolled down the page, it was revealed that it was a joke.<br>
|
|
<b>Reference:</b> <a href="http://www.dnaindia.com/mumbai/report_airport-website-hacked-by-neighbour_1728906" target="_blank">http://www.dnaindia.com/mumbai/report_airport-website-hacked-by-neighbour_1728906</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-336: Reuters website 'hacked' for third time in month<br>
|
|
<b>WHID ID:</b> 2012-336<br>
|
|
<b>Date Occurred:</b> 8/17/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> UK-based news agency Reuters has fallen victim to computer hackers for the third time in a month, with an article falsely claiming that Saudi Arabia's Foreign Minister Saud al-Faisal had died.<br>
|
|
<b>Reference:</b> <a href="http://zeenews.india.com/news/world/reuters-website-hacked-for-third-time-in-month_794183.html" target="_blank">http://zeenews.india.com/news/world/reuters-website-hacked-for-third-time-in-month_794183.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-335: Russia Today hit by DDoS as anti-Wikileaks group claims responsibility<br>
|
|
<b>WHID ID:</b> 2012-335<br>
|
|
<b>Date Occurred:</b> 8/17/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Kremlin-funded channel, which featured Julian Assange as a talk-show host, says it has come under denial-of-service attack. Antileaks says it's responsible, but the timing could have more to do with the Pussy Riot verdict than Wikileaks.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/russia-today-hit-by-ddos-as-anti-wikileaks-group-claims-responsibility-7000002794/" target="_blank">http://www.zdnet.com/russia-today-hit-by-ddos-as-anti-wikileaks-group-claims-responsibility-7000002794/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-334: AT&T Hit by DDoS Attack, Suffers DNS Outage<br>
|
|
<b>WHID ID:</b> 2012-334<br>
|
|
<b>Date Occurred:</b> 8/15/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Service Providers<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A distributed denial-of-service attack aimed at AT&T's DNS (Domain Name System) servers has disrupted data traffic for some of the company's customers.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/article/260940/atandt_hit_by_ddos_attack_suffers_dns_outage.html" target="_blank">http://www.pcworld.com/article/260940/atandt_hit_by_ddos_attack_suffers_dns_outage.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-333: RUTracker Hacked<br>
|
|
<b>WHID ID:</b> 2012-333<br>
|
|
<b>Date Occurred:</b> 8/15/2012<br>
|
|
<b>Attack Method:</b> DNS Hijacking<br>
|
|
<b>Application Weakness:</b> Insufficient Authorization<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Torrent Site<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Russian BitTorrent tracker RUTracker was recently hit by hackers.<br>
|
|
<b>Reference:</b> <a href="http://www.esecurityplanet.com/hackers/rutracker-hacked.html" target="_blank">http://www.esecurityplanet.com/hackers/rutracker-hacked.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-332: Indian hackers break into LDA website<br>
|
|
<b>WHID ID:</b> 2012-332<br>
|
|
<b>Date Occurred:</b> 8/15/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A group of some Indian internet hackers, the Indian Tigers, broke into the website of the Lahore Development Authority (LDA) on Tuesday and hacked it.<br>
|
|
<b>Reference:</b> <a href="http://www.pakistantoday.com.pk/2012/08/15/city/lahore/indian-hackers-break-into-lda-website/" target="_blank">http://www.pakistantoday.com.pk/2012/08/15/city/lahore/indian-hackers-break-into-lda-website/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-331: Reuters Hacked With Fake Story About Saudi Arabia's Foreign Minister<br>
|
|
<b>WHID ID:</b> 2012-331<br>
|
|
<b>Date Occurred:</b> 8/15/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Reuters news agency says hackers have broken into one of its websites for the second time in two weeks and posted a false story saying Saudi Arabia's foreign minister had died.<br>
|
|
<b>Reference:</b> <a href="http://www.huffingtonpost.com/2012/08/15/reuters-hacked-saudi-arabia-syria_n_1778525.html" target="_blank">http://www.huffingtonpost.com/2012/08/15/reuters-hacked-saudi-arabia-syria_n_1778525.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-330: TMC Website Hacked, Declares Mamata a Maoist<br>
|
|
<b>WHID ID:</b> 2012-330<br>
|
|
<b>Date Occurred:</b> 8/14/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> Trinamool Congress' website was today hacked with the hackers posting on it a quote from party chief Mamata Banerjee that she is a Maoist.<br>
|
|
<b>Reference:</b> <a href="http://news.outlookindia.com/items.aspx?artid=772006" target="_blank">http://news.outlookindia.com/items.aspx?artid=772006</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-33: Hackers hit Israel Prime Minister Office website<br>
|
|
<b>WHID ID:</b> 2012-33<br>
|
|
<b>Date Occurred:</b> 2/13/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Israel<br>
|
|
<b>Incident Description:</b> Other websites of large Israeli institutions and businesses were also attacked yesterday. Attacks could be a prelude to a further, broader attack today.<br>
|
|
<b>Reference:</b> <a href="http://www.haaretz.com/business/hackers-hit-israel-prime-minister-office-website-1.412769" target="_blank">http://www.haaretz.com/business/hackers-hit-israel-prime-minister-office-website-1.412769</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-329: Bellevue Public Schools website hacked<br>
|
|
<b>WHID ID:</b> 2012-329<br>
|
|
<b>Date Occurred:</b> 8/10/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Bellevue Public Schools had to take down its website this week, just before school resumes on Tuesday. The website was infected with a virus on July 31 and information technology workers have been unable to "cure" it.<br>
|
|
<b>Reference:</b> <a href="http://www.omaha.com/article/20120810/NEWS/708119942/1707" target="_blank">http://www.omaha.com/article/20120810/NEWS/708119942/1707</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-328: Photobucket hacked: 'Fusking' software used to gain access to private images<br>
|
|
<b>WHID ID:</b> 2012-328<br>
|
|
<b>Date Occurred:</b> 8/10/2012<br>
|
|
<b>Attack Method:</b> Predictable Resource Location<br>
|
|
<b>Application Weakness:</b> Insufficient Authorization<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> While users who post unencrypted photos on Photobucket can make their albums password protected, individual photos, even in a private album, can be shared with others through a direct web link or URL.<br>
|
|
<b>Reference:</b> <a href="http://www.wptv.com/dpp/news/science_tech/photobucket-hacked-fusking-software-used-to-gain-access-to-private-images" target="_blank">http://www.wptv.com/dpp/news/science_tech/photobucket-hacked-fusking-software-used-to-gain-access-to-private-images</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-327: Blizzard's Battle.net Servers Hacked, User Info Stolen<br>
|
|
<b>WHID ID:</b> 2012-327<br>
|
|
<b>Date Occurred:</b> 8/10/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Blizzard announced on its website last night that its security team uncovered "unauthorized and illegal access" to Blizzard's internal network.<br>
|
|
<b>Reference:</b> <a href="http://www.pcmag.com/article2/0,2817,2408311,00.asp" target="_blank">http://www.pcmag.com/article2/0,2817,2408311,00.asp</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-326: Hacking group Anonymous targets ASIO, DSD websites<br>
|
|
<b>WHID ID:</b> 2012-326<br>
|
|
<b>Date Occurred:</b> 8/11/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> ACTIVIST group Anonymous says it has successfully knocked offline the public website of Australia's domestic spy agency, the Australian Security Intelligence Organisation (ASIO)<br>
|
|
<b>Reference:</b> <a href="http://www.heraldsun.com.au/technology/anonymous-targets-asio-website/story-fn7celvh-1226447969866" target="_blank">http://www.heraldsun.com.au/technology/anonymous-targets-asio-website/story-fn7celvh-1226447969866</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-325: Massive DDoS attack hits Chechen news agency<br>
|
|
<b>WHID ID:</b> 2012-325<br>
|
|
<b>Date Occurred:</b> 8/10/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A massive distributed denial of service (DDoS) attack that peaked at 45 million packets per second (pps) has smashed into the Chechen internet news agency Kavkaz Center.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/311528,massive-ddos-attack-hits-chechen-news-agency.aspx" target="_blank">http://www.scmagazine.com.au/News/311528,massive-ddos-attack-hits-chechen-news-agency.aspx</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-324: Australian Institute of Business Brokers hacked<br>
|
|
<b>WHID ID:</b> 2012-324<br>
|
|
<b>Date Occurred:</b> 8/9/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers have broken into a website of the Australian Institute of Business Brokers and published 260 user login credentials on the internet.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/311387,australian-institute-of-business-brokers-hacked.aspx" target="_blank">http://www.scmagazine.com.au/News/311387,australian-institute-of-business-brokers-hacked.aspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-323: Haines City government website returns after being hacked<br>
|
|
<b>WHID ID:</b> 2012-323<br>
|
|
<b>Date Occurred:</b> 8/8/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The city of Haines City's governmental website has returned after being down after it was hacked.<br>
|
|
<b>Reference:</b> <a href="http://www.baynews9.com/content/news/baynews9/news/article.html/content/news/articles/bn9/2012/8/8/haines_city_governme.html" target="_blank">http://www.baynews9.com/content/news/baynews9/news/article.html/content/news/articles/bn9/2012/8/8/haines_city_governme.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-322: Nepalese Government Sites Hacked, Serving Zegost Malware<br>
|
|
<b>WHID ID:</b> 2012-322<br>
|
|
<b>Date Occurred:</b> 8/8/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Researchers have uncovered another in an ongoing series of targeted attacks against government agencies and activists, this time an attack that compromised a pair of Nepalese government web sites with code that exploits a Java vulnerability to install a backdoor on visitors' machines.<br>
|
|
<b>Reference:</b> <a href="http://threatpost.com/en_us/blogs/nepalese-government-sites-hacked-serving-zegost-malware-080812" target="_blank">http://threatpost.com/en_us/blogs/nepalese-government-sites-hacked-serving-zegost-malware-080812</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-321: MWSS website defaced by hackers claiming 'Anonymous' link<br>
|
|
<b>WHID ID:</b> 2012-321<br>
|
|
<b>Date Occurred:</b> 8/10/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The website of the Metropolitan Waterworks and Sewerage System (MWSS) was defaced Thursday by hackers claiming links or solidarity with the 'Anonymous' network.<br>
|
|
<b>Reference:</b> <a href="http://www.gmanetwork.com/news/story/269071/scitech/technology/mwss-website-defaced-by-hackers-claiming-anonymous-link" target="_blank">http://www.gmanetwork.com/news/story/269071/scitech/technology/mwss-website-defaced-by-hackers-claiming-anonymous-link</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-320: Anonymous attacks Ukrainian government after Demonoid bust<br>
|
|
<b>WHID ID:</b> 2012-320<br>
|
|
<b>Date Occurred:</b> 8/8/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Ukraine<br>
|
|
<b>Incident Description:</b> In retaliation to Demonoid's demise, Anonymous has begun its own denial of service attacks against the Ukrainian government.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/anonymous-attacks-ukrainian-government-after-demonoid-bust-7000002348/" target="_blank">http://www.zdnet.com/anonymous-attacks-ukrainian-government-after-demonoid-bust-7000002348/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-32: Anonymous takes down Greek sites in support of Athens protests<br>
|
|
<b>WHID ID:</b> 2012-32<br>
|
|
<b>Date Occurred:</b> 2/13/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Greece<br>
|
|
<b>Incident Description:</b> Hacktivist group Anonymous has claimed responsibility for a series of distributed denial of service (DDoS) attacks on Greek government sites.<br>
|
|
<b>Reference:</b> <a href="http://www.v3.co.uk/v3-uk/news/2152195/anonymous-takes-greek-sites-support-athens-protests" target="_blank">http://www.v3.co.uk/v3-uk/news/2152195/anonymous-takes-greek-sites-support-athens-protests</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-319: Website of Burmese Information Ministry hacked<br>
|
|
<b>WHID ID:</b> 2012-319<br>
|
|
<b>Date Occurred:</b> 8/8/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers broke into the website of the Burmese Information Ministry on Tuesday, posting a threatening message to the Burmese government which said in part, "Stop the killing of Muslims."<br>
|
|
<b>Reference:</b> <a href="http://www.mizzima.com/news/inside-burma/7708-website-of-burmese-information-ministry-hacked.html" target="_blank">http://www.mizzima.com/news/inside-burma/7708-website-of-burmese-information-ministry-hacked.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-318: UFree Network website hacked by Israeli hackers' team<br>
|
|
<b>WHID ID:</b> 2012-318<br>
|
|
<b>Date Occurred:</b> 8/8/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Mohammed Hamdan, UFree network chairman, said that UFree website was hacked by Israeli hackers' team, which totally paralyzed the website.<br>
|
|
<b>Reference:</b> <a href="http://www.scoop.co.nz/stories/WO1208/S00153/ufree-network-website-hacked-by-israeli-hackers-team.htm" target="_blank">http://www.scoop.co.nz/stories/WO1208/S00153/ufree-network-website-hacked-by-israeli-hackers-team.htm</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-317: FX Broker Suffers DDoS Attack<br>
|
|
<b>WHID ID:</b> 2012-317<br>
|
|
<b>Date Occurred:</b> 8/7/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Hong Kong<br>
|
|
<b>Incident Description:</b> Global eSolutions (Hong Kong) Limited, a provider of trade execution technology via personal computer and mobile devices, saw one of its clients, an online foreign exchange (FX) and contracts for difference (CFD) trading firm headquartered in the UK, become a target after management did not respond to a ransom demand from cybercriminals. Initially, Layer 3 and Layer 4 volumetric floods interrupted web site availability for approximately four hours. A second, more damaging Layer 7 attack occurred three weeks later, rendering the trading platform almost inaccessible to online traders.<br>
|
|
<b>Reference:</b> <a href="http://www.waterstechnology.com/sell-side-technology/news/2197260/hong-kong-broker-suffers-ddos-attack-turns-to-prolexic" target="_blank">http://www.waterstechnology.com/sell-side-technology/news/2197260/hong-kong-broker-suffers-ddos-attack-turns-to-prolexic</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-316: VinaCapital Group website hacked<br>
|
|
<b>WHID ID:</b> 2012-316<br>
|
|
<b>Date Occurred:</b> 8/7/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A hacker has just brought down the website of VinaCapital Group, the parent company of one of Vietnam's largest tech investment funds.<br>
|
|
<b>Reference:</b> <a href="http://e27.sg/2012/08/07/vinacapital-group-website-hacked/" target="_blank">http://e27.sg/2012/08/07/vinacapital-group-website-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-316: Reuters hacked twice in 48 hours; pro-Syrian government stories, Tweets posted<br>
|
|
<b>WHID ID:</b> 2012-316<br>
|
|
<b>Date Occurred:</b> 8/3/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Reuters news service suffered a second successful hacker attack this weekend, just 48 hours after a computer intruder was able to post fake news stories on its web site.<br>
|
|
<b>Reference:</b> <a href="http://redtape.nbcnews.com/_news/2012/08/03/13106396-reuters-hacked-twice-in-48-hours-pro-syrian-government-stories-tweets-posted" target="_blank">http://redtape.nbcnews.com/_news/2012/08/03/13106396-reuters-hacked-twice-in-48-hours-pro-syrian-government-stories-tweets-posted</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-315: How @Gizmodo Got Hacked and How You Should Defend Yourself<br>
|
|
<b>WHID ID:</b> 2012-315<br>
|
|
<b>Date Occurred:</b> 8/4/2012<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The weak link in the security chain turned out to be the seven digit alphanumeric password to our good buddy and former contributor Mat Honan's iCloud account.<br>
|
|
<b>Reference:</b> <a href="http://gizmodo.com/5931828/how-gizmodo-got-hacked-and-how-you-should-defend-yourself" target="_blank">http://gizmodo.com/5931828/how-gizmodo-got-hacked-and-how-you-should-defend-yourself</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-314: Reuters News Site Hacked<br>
|
|
<b>WHID ID:</b> 2012-314<br>
|
|
<b>Date Occurred:</b> 8/3/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Thomson Reuters Corp. said Friday that its blogging platform for Reuters News was hacked, resulting in multiple false posts to its website, including a fake interview with a Syrian rebel army leader.<br>
|
|
<b>Reference:</b> <a href="http://online.wsj.com/article/SB10000872396390443687504577567283653306226.html" target="_blank">http://online.wsj.com/article/SB10000872396390443687504577567283653306226.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-313: Yanks, Cubs, other MLB team Facebook pages hacked<br>
|
|
<b>WHID ID:</b> 2012-313<br>
|
|
<b>Date Occurred:</b> 8/3/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Facebook pages of the New York Yankees, Chicago Cubs and several other Major League Baseball clubs have been restored after briefly being hacked.<br>
|
|
<b>Reference:</b> <a href="http://sports.yahoo.com/news/yanks-cubs-other-mlb-team-152805142--mlb.html" target="_blank">http://sports.yahoo.com/news/yanks-cubs-other-mlb-team-152805142--mlb.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-312: Demonoid redirecting to malware after DDoS attack<br>
|
|
<b>WHID ID:</b> 2012-312<br>
|
|
<b>Date Occurred:</b> 8/3/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Torrent Site<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> This week, though, users are reporting redirects from the Demonoid URL to an ad network, some of which are serving up a dose of malware.<br>
|
|
<b>Reference:</b> <a href="http://www.cnet.com.au/demonoid-redirecting-to-malware-after-ddos-attack-339340995.htm" target="_blank">http://www.cnet.com.au/demonoid-redirecting-to-malware-after-ddos-attack-339340995.htm</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-311: Dropbox confirms it got hacked<br>
|
|
<b>WHID ID:</b> 2012-311<br>
|
|
<b>Date Occurred:</b> 7/31/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> In an explanatory blog post, Dropbox today said a stolen password was "used to access an employee Dropbox account containing a project document with user email addresses." Hackers apparently started spamming those addresses, although there's no indication that user passwords were revealed as well.<br>
|
|
<b>Reference:</b> <a href="http://arstechnica.com/security/2012/07/dropbox-confirms-it-got-hacked-will-offer-two-factor-authentication/" target="_blank">http://arstechnica.com/security/2012/07/dropbox-confirms-it-got-hacked-will-offer-two-factor-authentication/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-310: Daily Caller Hacked: Banner Replaced With Porn Ad<br>
|
|
<b>WHID ID:</b> 2012-310<br>
|
|
<b>Date Occurred:</b> 7/30/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Daily Caller is offering a gun as a reward for finding the person who hacked the website with porn ads.<br>
|
|
<b>Reference:</b> <a href="http://www.huffingtonpost.com/2012/07/30/daily-caller-hacked-porn-ads_n_1720830.html" target="_blank">http://www.huffingtonpost.com/2012/07/30/daily-caller-hacked-porn-ads_n_1720830.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-31: Bursa website target of DDoS attack<br>
|
|
<b>WHID ID:</b> 2012-31<br>
|
|
<b>Date Occurred:</b> 2/13/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Malaysia<br>
|
|
<b>Incident Description:</b> Stock market operator Bursa Malaysia Bhd's website was the target of a distributed denial of service attack (DDoS), whereby the site was overloaded with excess traffic from multiple sources.<br>
|
|
<b>Reference:</b> <a href="http://biz.thestar.com.my/news/story.asp?file=/2012/2/14/business/20120214091735&sec=business" target="_blank">http://biz.thestar.com.my/news/story.asp?file=/2012/2/14/business/20120214091735&sec=business</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-309: NewsOne website hacked for media's 'inadequate coverage of Burma killings'<br>
|
|
<b>WHID ID:</b> 2012-309<br>
|
|
<b>Date Occurred:</b> 7/31/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The website of private TV channel NewsOne was hacked in an attempt "to open the eyes of Pakistanis as well as the media personnel" towards the killings of Rohingya Muslims in Myanmar, reported ProPakistani on Tuesday. However, the site has been recovered now.<br>
|
|
<b>Reference:</b> <a href="http://tribune.com.pk/story/415403/newsone-website-hacked-for-medias-inadequate-coverage-of-burma-killings/" target="_blank">http://tribune.com.pk/story/415403/newsone-website-hacked-for-medias-inadequate-coverage-of-burma-killings/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-308: Data of 8.7 million KT subscribers hacked in South Korea<br>
|
|
<b>WHID ID:</b> 2012-308<br>
|
|
<b>Date Occurred:</b> 7/29/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Service Providers<br>
|
|
<b>Attacked Entity Geography:</b> South Korea<br>
|
|
<b>Incident Description:</b> KT Corp., South Korea's No. 2 wireless service provider, apologized on Sunday after personal data of millions of mobile phone subscribers was hacked.<br>
|
|
<b>Reference:</b> <a href="http://in.reuters.com/article/2012/07/29/us-korea-hacking-idINBRE86S01Y20120729" target="_blank">http://in.reuters.com/article/2012/07/29/us-korea-hacking-idINBRE86S01Y20120729</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-307: Demonoid hit by DDoS attack<br>
|
|
<b>WHID ID:</b> 2012-307<br>
|
|
<b>Date Occurred:</b> 7/27/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Torrent Site<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Demonoid, one of the biggest torrent sites around, has been taken down by a massive Distributed Denial of Service (DDoS) attack. The website has been hit many times before, and this outage is another one that will take quite a while to resolve.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/demonoid-hit-by-ddos-attack-7000001732/" target="_blank">http://www.zdnet.com/demonoid-hit-by-ddos-attack-7000001732/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-306: AAPT hacked<br>
|
|
<b>WHID ID:</b> 2012-306<br>
|
|
<b>Date Occurred:</b> 7/26/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Service Providers<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> AAPT has confirmed a breach of systems held at an external service provider that saw some of the telco's "business customer data" compromised.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/309922,confirmed-aapt-hacked.aspx" target="_blank">http://www.scmagazine.com.au/News/309922,confirmed-aapt-hacked.aspx</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-305: Union website shut by Anonymous 'hacktivist'<br>
|
|
<b>WHID ID:</b> 2012-305<br>
|
|
<b>Date Occurred:</b> 7/25/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Last Friday, 3F's website was shut down after a so-called DDoS attack in which the site was flooded with traffic, causing a virtual traffic jam and rendering the site inaccessible for legitimate users.<br>
|
|
<b>Reference:</b> <a href="http://cphpost.dk/news/national/union-website-shut-anonymous-%E2%80%98hacktivist%E2%80%99" target="_blank">http://cphpost.dk/news/national/union-website-shut-anonymous-%E2%80%98hacktivist%E2%80%99</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-304: Zerigo falls victim to DDoS attackers<br>
|
|
<b>WHID ID:</b> 2012-304<br>
|
|
<b>Date Occurred:</b> 7/25/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Hosting Provider<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Cloud services provider Zerigo has lost at least one client after its DNS servers suffered a "sustained" distributed denial of service (DDoS) attack.<br>
|
|
<b>Reference:</b> <a href="http://www.cloudpro.co.uk/cloud-essentials/general/4171/zerigo-falls-victim-ddos-attackers" target="_blank">http://www.cloudpro.co.uk/cloud-essentials/general/4171/zerigo-falls-victim-ddos-attackers</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-303: Anonymous hackers cripple Australian gov't websites<br>
|
|
<b>WHID ID:</b> 2012-303<br>
|
|
<b>Date Occurred:</b> 7/24/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> International hacking group Anonymous took at least 10 Australian government websites offline briefly Tuesday in a series of escalating attacks over proposed changes to privacy laws.<br>
|
|
<b>Reference:</b> <a href="http://www.foxnews.com/tech/2012/07/24/anonymous-hackers-cripple-australian-govt-websites/" target="_blank">http://www.foxnews.com/tech/2012/07/24/anonymous-hackers-cripple-australian-govt-websites/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-302: FPÖ website hacked by Anonymous<br>
|
|
<b>WHID ID:</b> 2012-302<br>
|
|
<b>Date Occurred:</b> 7/23/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Austria<br>
|
|
<b>Incident Description:</b> The hacker group Anonymous managed to hack the Freedom Party website and switched the usual content of the site with a protest against the EU Monitoring Project INDECT.<br>
|
|
<b>Reference:</b> <a href="http://austrianindependent.com/news/Politics/2012-07-23/11758/FP%D6_website_hacked_by_Anonymous." target="_blank">http://austrianindependent.com/news/Politics/2012-07-23/11758/FP%D6_website_hacked_by_Anonymous.</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-301: Bokaro school website hacked<br>
|
|
<b>WHID ID:</b> 2012-301<br>
|
|
<b>Date Occurred:</b> 7/24/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Data Loss<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> The official website of Chinmaya Vidyalaya, a prominent school in the city, has been hacked recently.<br>
|
|
<b>Reference:</b> <a href="http://articles.timesofindia.indiatimes.com/2012-07-24/ranchi/32826694_1_website-chinmaya-vidyalaya-bokaro" target="_blank">http://articles.timesofindia.indiatimes.com/2012-07-24/ranchi/32826694_1_website-chinmaya-vidyalaya-bokaro</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-300: Eight Million Email Addresses And Passwords Spilled From Gaming Site Gamigo Months After Hacker Breach<br>
|
|
<b>WHID ID:</b> 2012-300<br>
|
|
<b>Date Occurred:</b> 7/23/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Four months after the gaming site Gamigo warned users about a hacker intrusion that accessed some portions of its users' credentials, more than 8 million usernames, emails and encrypted passwords from the site have been published on the Web, according to the data breach alert service PwnedList.<br>
|
|
<b>Reference:</b> <a href="http://www.forbes.com/sites/andygreenberg/2012/07/23/eight-million-passwords-spilled-from-gaming-site-gamigo-months-after-breach/" target="_blank">http://www.forbes.com/sites/andygreenberg/2012/07/23/eight-million-passwords-spilled-from-gaming-site-gamigo-months-after-breach/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-30: Hackers Claim Attack on American Tear Gas Company<br>
|
|
<b>WHID ID:</b> 2012-30<br>
|
|
<b>Date Occurred:</b> 2/14/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Florida<br>
|
|
<b>Incident Description:</b> A U.S. security company whose tear gas has been used against Egyptian demonstrators has become the latest victim of the Anonymous movement, hackers claimed Tuesday.<br>
|
|
<b>Reference:</b> <a href="http://abcnews.go.com/International/wireStory/hackers-claim-attack-american-tear-gas-company-15579671#.TzsfFUxSS_c" target="_blank">http://abcnews.go.com/International/wireStory/hackers-claim-attack-american-tear-gas-company-15579671#.TzsfFUxSS_c</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-3: Pastebin on the mend after DDoS battering<br>
|
|
<b>WHID ID:</b> 2012-3<br>
|
|
<b>Date Occurred:</b> 1/3/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Information<br>
|
|
<b>Attacked Entity Geography:</b> Los Angeles, CA<br>
|
|
<b>Incident Description:</b> Popular text file sharing service Pastebin.com has returned online following a denial of service attack on Tuesday.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/01/04/pastebin_ddos_recovery/" target="_blank">http://www.theregister.co.uk/2012/01/04/pastebin_ddos_recovery/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-299: Pinterest Locks Out Hacked Accounts, Investigates Security Breach<br>
|
|
<b>WHID ID:</b> 2012-299<br>
|
|
<b>Date Occurred:</b> 7/20/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Pinterest has been locking user accounts due to suspicious activity, after a string of disappearing or changed user data. But as the source of the security breach is still being determined, users are advised to keep their passwords unique and to make sure they don't fall victim to social engineering attacks.<br>
|
|
<b>Reference:</b> <a href="http://www.cmswire.com/cms/customer-experience/pinterest-locks-out-hacked-accounts-investigates-security-breach-016607.php" target="_blank">http://www.cmswire.com/cms/customer-experience/pinterest-locks-out-hacked-accounts-investigates-security-breach-016607.php</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-299: Hackers breached password security to steal UEA climate change emails<br>
|
|
<b>WHID ID:</b> 2012-299<br>
|
|
<b>Date Occurred:</b> 7/19/2012<br>
|
|
<b>Attack Method:</b> Abuse of Functionality<br>
|
|
<b>Application Weakness:</b> Insufficient Password Recovery<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers broke into climate change emails sent by scientists at the University of East Anglia (UEA) on at least three occasions, a senior investigating officer revealed today.<br>
|
|
<b>Reference:</b> <a href="http://www.eveningnews24.co.uk/news/hackers_breached_password_security_to_steal_uea_climate_change_emails_1_1452449" target="_blank">http://www.eveningnews24.co.uk/news/hackers_breached_password_security_to_steal_uea_climate_change_emails_1_1452449</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-298: Pennsylvania mom allegedly hacked school website to change kids' grades<br>
|
|
<b>WHID ID:</b> 2012-298<br>
|
|
<b>Date Occurred:</b> 7/19/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Fraud<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A Pennsylvania woman allegedly changed her children's grades after logging into a school computer system using passwords obtained when she worked for the district.<br>
|
|
<b>Reference:</b> <a href="http://www.foxnews.com/us/2012/07/19/pennsylvania-mom-allegedly-hacked-school-website-to-change-kids-grades/" target="_blank">http://www.foxnews.com/us/2012/07/19/pennsylvania-mom-allegedly-hacked-school-website-to-change-kids-grades/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-297: Hackers Claim Wall Street Resume Leak<br>
|
|
<b>WHID ID:</b> 2012-297<br>
|
|
<b>Date Occurred:</b> 7/19/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Team GhostShell leaked what it said was 50,000 user accounts for an online jobs board that focuses on Wall Street. The site, ITWallStreet.com, allows users to upload their resumes for searching by recruiters.<br>
|
|
<b>Reference:</b> <a href="http://www.informationweek.com/security/attacks/hackers-claim-wall-street-resume-leak/240004023" target="_blank">http://www.informationweek.com/security/attacks/hackers-claim-wall-street-resume-leak/240004023</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-296: Tango Down: Anonymous takes down Syrian hackers' website<br>
|
|
<b>WHID ID:</b> 2012-296<br>
|
|
<b>Date Occurred:</b> 7/18/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Blog<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> As events in Syria inch ever closer to a critical mass, Anonymous has hit the pro-Syrian hackers, the Syrian Electronic Army. Anonymous just announced that they have taken down the SEA's website with a DDoS attack.<br>
|
|
<b>Reference:</b> <a href="http://www.deathandtaxesmag.com/186003/tango-down-anonymous-takes-down-syrian-hackers-website/" target="_blank">http://www.deathandtaxesmag.com/186003/tango-down-anonymous-takes-down-syrian-hackers-website/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-295: Nike Gets Hacked by Brad Stephenson for $80,000+ in Sports Gear<br>
|
|
<b>WHID ID:</b> 2012-295<br>
|
|
<b>Date Occurred:</b> 7/17/2012<br>
|
|
<b>Attack Method:</b> Abuse of Functionality<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Fraud<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Nike Hacker Brad Stephenson went on a shopping spree for 5 months after he found a loophole in one of Nike's websites... until the Secret Service caught up with him.<br>
|
|
<b>Reference:</b> <a href="http://www.virtual-strategy.com/2012/07/17/nike-gets-hacked-brad-stephenson-80000-sports-gear" target="_blank">http://www.virtual-strategy.com/2012/07/17/nike-gets-hacked-brad-stephenson-80000-sports-gear</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-294: Billabong website hacked; reveals passwords of 21,000 users<br>
|
|
<b>WHID ID:</b> 2012-294<br>
|
|
<b>Date Occurred:</b> 7/14/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> According to a dump from their password database, Billabong stored all passwords in plain text - presumably this made it easier to tell a user what their password was if they'd forgotten it. It also made life very easy for any hackers who wished to masquerade as the users on the site.<br>
|
|
<b>Reference:</b> <a href="http://www.itwire.com/business-it-news/security/55708-billabong-website-hacked-reveals-passwords-of-21000-users" target="_blank">http://www.itwire.com/business-it-news/security/55708-billabong-website-hacked-reveals-passwords-of-21000-users</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-293: Nvidia and Android forums fall victim to hackers<br>
|
|
<b>WHID ID:</b> 2012-293<br>
|
|
<b>Date Occurred:</b> 7/13/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Forums<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Add two more websites to the already long list of sites that have been hacked as of late. Nvidia's developer forum and Phandroid's AndroidForums.com have both been breached and it is believed that usernames and hashed passwords were among the data stolen during each attack.<br>
|
|
<b>Reference:</b> <a href="http://www.techspot.com/news/49388-nvidia-and-android-forums-fall-victim-to-hackers.html" target="_blank">http://www.techspot.com/news/49388-nvidia-and-android-forums-fall-victim-to-hackers.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-292: Microsoft patches Windows Live identity theft flaw<br>
|
|
<b>WHID ID:</b> 2012-292<br>
|
|
<b>Date Occurred:</b> 7/12/2012<br>
|
|
<b>Attack Method:</b> Cross-site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Session Hijacking<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Microsoft recently fixed an XSS flaw in its Windows Live service that allowed an attacker to steal victims' online identities. The vulnerability was disclosed by two security researchers from Morocco.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/microsoft-patches-windows-live-identity-theft-flaw-7000000832/" target="_blank">http://www.zdnet.com/microsoft-patches-windows-live-identity-theft-flaw-7000000832/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-291: 50,000 sites compromised in sustained attack<br>
|
|
<b>WHID ID:</b> 2012-291<br>
|
|
<b>Date Occurred:</b> 7/10/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Blogs<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Some 50,000 websites have been compromised as part of a sustained iframe injection attack campaign targeting vulnerable plug-ins for web servers and content management systems.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/308164,50000-sites-compromised-in-sustained-attack.aspx" target="_blank">http://www.scmagazine.com.au/News/308164,50000-sites-compromised-in-sustained-attack.aspx</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-290: Social site Formspring hacked, passwords disabled<br>
|
|
<b>WHID ID:</b> 2012-290<br>
|
|
<b>Date Occurred:</b> 7/11/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Social networking site Formspring said Tuesday that it was disabling nearly 30 million registered users' passwords after hundreds of thousands of them were leaked to the Web in their encrypted form.<br>
|
|
<b>Reference:</b> <a href="http://www.boston.com/business/technology/2012/07/11/formspring-site-hacked-passwords-leaked-web/qsm1Ytov74SW6zyuQnG18J/story.html" target="_blank">http://www.boston.com/business/technology/2012/07/11/formspring-site-hacked-passwords-leaked-web/qsm1Ytov74SW6zyuQnG18J/story.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-29: CIA Website Hacked, Struggles To Recover<br>
|
|
<b>WHID ID:</b> 2012-29<br>
|
|
<b>Date Occurred:</b> 2/10/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Washington D.C.<br>
|
|
<b>Incident Description:</b> An Anonymous-related Twitter channel claimed Friday that the group had successfully taken down the CIA's public-facing website.<br>
|
|
<b>Reference:</b> <a href="http://www.informationweek.com/news/security/attacks/232600729" target="_blank">http://www.informationweek.com/news/security/attacks/232600729</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-289: State server hacked in 'war' on graft<br>
|
|
<b>WHID ID:</b> 2012-289<br>
|
|
<b>Date Occurred:</b> 7/10/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> It has come to light that a group called 'OpIndia' had hacked government servers and posted large files of complaints received online by the Tamil Nadu police and its responses on Anonymous India's Facebook page.<br>
|
|
<b>Reference:</b> <a href="http://www.asianage.com/chennai/state-server-hacked-war-graft-644" target="_blank">http://www.asianage.com/chennai/state-server-hacked-war-graft-644</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-288: Best Buy says some customer accounts hacked<br>
|
|
<b>WHID ID:</b> 2012-288<br>
|
|
<b>Date Occurred:</b> 7/7/2012<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Best Buy says some customers' email accounts may have been hacked. The retail giant is notifying those customers via email, telling them their current passwords have been disabled and asking them to reset their passwords.<br>
|
|
<b>Reference:</b> <a href="http://www.nbcnews.com/technology/technolog/best-buy-says-some-customer-accounts-hacked-867048" target="_blank">http://www.nbcnews.com/technology/technolog/best-buy-says-some-customer-accounts-hacked-867048</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-287: NetGear routers rooted by SQLi<br>
|
|
<b>WHID ID:</b> 2012-287<br>
|
|
<b>Date Occurred:</b> 7/6/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A BlackHat presenter has extracted passwords from temporary databases in consumer routers including Netgear using SQL Injection attacks.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/307818,netgear-routers-rooted-by-sqli.aspx" target="_blank">http://www.scmagazine.com.au/News/307818,netgear-routers-rooted-by-sqli.aspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-286: Jets' Darrelle Revis: Trade Tweet Came From Hacker<br>
|
|
<b>WHID ID:</b> 2012-286<br>
|
|
<b>Date Occurred:</b> 7/5/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A message was posted to Darrelle Revis' Twitter page just after 6:30 p.m. on Wednesday, in which the star cornerback appeared to curse out agents Neil Schwartz and Jonathan Feinsod - along with business manager John Geiger - for "getting me traded."<br>
|
|
<b>Reference:</b> <a href="http://newyork.cbslocal.com/2012/07/05/jets-darrelle-revis-trade-tweet-came-from-hacker/" target="_blank">http://newyork.cbslocal.com/2012/07/05/jets-darrelle-revis-trade-tweet-came-from-hacker/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-285: Al Jazeera's 'The Stream' Twitter Account Hacked By Assad Supporters<br>
|
|
<b>WHID ID:</b> 2012-285<br>
|
|
<b>Date Occurred:</b> 7/5/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Twitter account of Al-Jazeera's English-language social media show has been hacked by supporters of Syrian President Bashar Assad.<br>
|
|
<b>Reference:</b> <a href="http://www.huffingtonpost.com/2012/07/05/al-jazeera-stream-twitter-hacked-assad_n_1651410.html" target="_blank">http://www.huffingtonpost.com/2012/07/05/al-jazeera-stream-twitter-hacked-assad_n_1651410.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-284: Hackers skew poll on alcohol reform<br>
|
|
<b>WHID ID:</b> 2012-284<br>
|
|
<b>Date Occurred:</b> 7/3/2012<br>
|
|
<b>Attack Method:</b> Automation<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> He said voting on the poll jumped from about 100 votes to 4000 in the space of about 24 hours. He said the source of the votes couldn't be traced but said technicians suggested the source was either a robot or a programme which had been written to continuously vote on one option.<br>
|
|
<b>Reference:</b> <a href="http://www.rotoruadailypost.co.nz/news/hackers-skew-poll-on-alcohol-reform/1439503/" target="_blank">http://www.rotoruadailypost.co.nz/news/hackers-skew-poll-on-alcohol-reform/1439503/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-283: Hackers take down Turkish Foreign Ministry website<br>
|
|
<b>WHID ID:</b> 2012-283<br>
|
|
<b>Date Occurred:</b> 7/3/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Turkey<br>
|
|
<b>Incident Description:</b> Socialist group RedHack brought down the Turkish Foreign Ministry website on July 3 morning, replacing its contents with pictures showing the Turkish prime minister embracing former Libyan dictator Muammar Gaddafi and Syrian President Bashar al-Assad.<br>
|
|
<b>Reference:</b> <a href="http://www.panarmenian.net/eng/news/114518/Hackers_take_down_Turkish_Foreign_Ministry_website" target="_blank">http://www.panarmenian.net/eng/news/114518/Hackers_take_down_Turkish_Foreign_Ministry_website</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-282: The Daily News website suffers hacking<br>
|
|
<b>WHID ID:</b> 2012-282<br>
|
|
<b>Date Occurred:</b> 7/2/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Zimbabwe<br>
|
|
<b>Incident Description:</b> One of Zimbabwe's 3 most read daily newspapers, the Daily News, had its website hacked yesterday. An email tip we got, and a tweet early Sunday morning say the site was showing the page below instead of the usual content.<br>
|
|
<b>Reference:</b> <a href="http://www.techzim.co.zw/2012/07/the-daily-news-website-suffers-hacking/" target="_blank">http://www.techzim.co.zw/2012/07/the-daily-news-website-suffers-hacking/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-281: European aeronautical parts supplier website hacked<br>
|
|
<b>WHID ID:</b> 2012-281<br>
|
|
<b>Date Occurred:</b> 6/27/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Bangalore, India<br>
|
|
<b>Incident Description:</b> The Web site of a European aeronautical parts supplier had been hacked and a malicious attack - which exploits zero-day Microsoft security vulnerability - was planted<br>
|
|
<b>Reference:</b> <a href="http://www.thehindubusinessline.com/industry-and-economy/logistics/article3576021.ece?ref=wl_industry-and-economy" target="_blank">http://www.thehindubusinessline.com/industry-and-economy/logistics/article3576021.ece?ref=wl_industry-and-economy</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-280: Russian opposition leader's Twitter and email accounts hacked<br>
|
|
<b>WHID ID:</b> 2012-280<br>
|
|
<b>Date Occurred:</b> 6/27/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> HACKERS have broken into a prominent Russian opposition leader's Twitter and email accounts, sending his followers abusive messages.<br>
|
|
<b>Reference:</b> <a href="http://www.theaustralian.com.au/australian-it/russian-opposition-leaders-twitter-and-email-accounts-hacked/story-e6frgakx-1226409706806" target="_blank">http://www.theaustralian.com.au/australian-it/russian-opposition-leaders-twitter-and-email-accounts-hacked/story-e6frgakx-1226409706806</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-28: Microsoft India's retail website hacked<br>
|
|
<b>WHID ID:</b> 2012-28<br>
|
|
<b>Date Occurred:</b> 2/13/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> Chinese hackers on Monday attacked Microsoft India's retail website and stole the usernames and passwords of its customers, forcing the company to shut it down temporarily.<br>
|
|
<b>Reference:</b> <a href="http://www.hindustantimes.com/technology/BusinessComputing-Updates/Microsoft-India-s-retail-website-hacked/SP-Article1-810639.aspx" target="_blank">http://www.hindustantimes.com/technology/BusinessComputing-Updates/Microsoft-India-s-retail-website-hacked/SP-Article1-810639.aspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-279: 'Anonymous' hackers attack govt websites<br>
|
|
<b>WHID ID:</b> 2012-279<br>
|
|
<b>Date Occurred:</b> 6/28/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Japan<br>
|
|
<b>Incident Description:</b> The international hackers group Anonymous has launched a series of cyber-attacks against Japanese government websites in an operation apparently triggered by the group's displeasure with the recent introduction of stiffer punishments for illegal downloads.<br>
|
|
<b>Reference:</b> <a href="http://www.yomiuri.co.jp/dy/national/T120627005770.htm" target="_blank">http://www.yomiuri.co.jp/dy/national/T120627005770.htm</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-278: Gang hacks IRCTC website and books Tatkal tickets<br>
|
|
<b>WHID ID:</b> 2012-278<br>
|
|
<b>Date Occurred:</b> 6/24/2012<br>
|
|
<b>Attack Method:</b> Predictable Resource Location<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Transportation<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> But it has now emerged that a gang has been operating for a couple of years, hacking into the IRCTC website and buying Tatkal tickets even before you could log into the system. The gang, which was operating out of Uttar Pradesh, was making quite a killing, selling these Tatkal tickets at a commission ranging from Rs.500 to Rs.1,000.<br>
|
|
<b>Reference:</b> <a href="http://indiatoday.intoday.in/story/gang-hacks-irctc-website-and-books-tatkal-tickets/1/202152.html" target="_blank">http://indiatoday.intoday.in/story/gang-hacks-irctc-website-and-books-tatkal-tickets/1/202152.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-277: Colombian hackers attack govt, political website to protest justice reform<br>
|
|
<b>WHID ID:</b> 2012-277<br>
|
|
<b>Date Occurred:</b> 6/23/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Colombia<br>
|
|
<b>Incident Description:</b> Hackers shut down the websites of Colombia's Justice Ministry and a coalition party Friday to protest a widely criticized judicial reform. Hacker collective Anonymous announced the shut-down of the Justice Ministry website on Friday evening. The website was back online Saturday morning.<br>
|
|
<b>Reference:</b> <a href="http://colombiareports.com/colombia-news/news/24736-colombian-hackers-attack-govt-political-website-to-protest-justice-reform.html" target="_blank">http://colombiareports.com/colombia-news/news/24736-colombian-hackers-attack-govt-political-website-to-protest-justice-reform.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-276: Android Forums website hacked<br>
|
|
<b>WHID ID:</b> 2012-276<br>
|
|
<b>Date Occurred:</b> 7/13/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Forums<br>
|
|
<b>Attacked Entity Geography:</b> Ellicott City, MD<br>
|
|
<b>Incident Description:</b> Android fansite Phandroid has admitted that its website was hacked this week and details of more than 1,034,235 were exposed.<br>
|
|
<b>Reference:</b> <a href="http://news.techeye.net/security/android-forums-website-hacked" target="_blank">http://news.techeye.net/security/android-forums-website-hacked</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-275: Yahoo Voice Website Reportedly Hacked, Over 453,000 User Accounts And Passwords Allegedly Exposed<br>
|
|
<b>WHID ID:</b> 2012-275<br>
|
|
<b>Date Occurred:</b> 7/12/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Telecommunications<br>
|
|
<b>Attacked Entity Geography:</b> Netherlands<br>
|
|
<b>Incident Description:</b> Yahoo has reportedly fallen prey to a latest cyber attack, in which hackers of a hacking group named D33Ds Company claimed to have breached a Yahoo Voice server and posted over 453,000 user accounts and passwords, retrieved in plaintext.<br>
|
|
<b>Reference:</b> <a href="http://www.ibtimes.com/yahoo-voice-website-reportedly-hacked-over-453000-user-accounts-and-passwords-allegedly-exposed" target="_blank">http://www.ibtimes.com/yahoo-voice-website-reportedly-hacked-over-453000-user-accounts-and-passwords-allegedly-exposed</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-274: Social site Formspring hacked, passwords disabled<br>
|
|
<b>WHID ID:</b> 2012-274<br>
|
|
<b>Date Occurred:</b> 7/9/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social Networking<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco<br>
|
|
<b>Incident Description:</b> Social networking site Formspring said that it was disabling nearly 30 million registered users' passwords after hundreds of thousands of them were leaked to the Web in their encrypted form.<br>
|
|
<b>Reference:</b> <a href="http://www.boston.com/business/technology/2012/07/11/formspring-site-hacked-passwords-leaked-web/qsm1Ytov74SW6zyuQnG18J/story.html" target="_blank">http://www.boston.com/business/technology/2012/07/11/formspring-site-hacked-passwords-leaked-web/qsm1Ytov74SW6zyuQnG18J/story.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-273: Tamil Nadu's police website hacked<br>
|
|
<b>WHID ID:</b> 2012-273<br>
|
|
<b>Date Occurred:</b> 7/11/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> The Cyber Crime Cell of Tamil Nadu Police has been directed to probe the hacking of the state police's website allegedly by a hacktivist group named 'Anonymous.'<br>
|
|
<b>Reference:</b> <a href="http://articles.timesofindia.indiatimes.com/2012-07-11/security/32631877_1_police-website-hacktivist-group-security-audit" target="_blank">http://articles.timesofindia.indiatimes.com/2012-07-11/security/32631877_1_police-website-hacktivist-group-security-audit</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-272: Indian hacker defaces National Highway Authority website<br>
|
|
<b>WHID ID:</b> 2012-272<br>
|
|
<b>Date Occurred:</b> 7/7/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Pakistan<br>
|
|
<b>Incident Description:</b> The website of the National Highway Authority was defaced by an Indian hacker going by the alias Ashell.<br>
|
|
<b>Reference:</b> <a href="http://tribune.com.pk/story/404965/indian-hacker-defaces-national-highway-authority-website/" target="_blank">http://tribune.com.pk/story/404965/indian-hacker-defaces-national-highway-authority-website/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-271: Majid Michel's website hacked<br>
|
|
<b>WHID ID:</b> 2012-271<br>
|
|
<b>Date Occurred:</b> 7/6/2012<br>
|
|
<b>Attack Method:</b> Malware Injection<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Ghana<br>
|
|
<b>Incident Description:</b> According to ZebraChild / Erawoc Brothers Group, handlers of actor Majid Michel's official website, the website has been hacked on a grand scale, forcing them to put it offline for a while.<br>
|
|
<b>Reference:</b> <a href="http://www.ghanaweb.com/GhanaHomePage/NewsArchive/artikel.php?ID=243952" target="_blank">http://www.ghanaweb.com/GhanaHomePage/NewsArchive/artikel.php?ID=243952</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-270: Maldives websites report denial-of-service (DDoS) cyberattacks<br>
|
|
<b>WHID ID:</b> 2012-270<br>
|
|
<b>Date Occurred:</b> 7/4/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Telecommunications<br>
|
|
<b>Attacked Entity Geography:</b> Maldives<br>
|
|
<b>Incident Description:</b> Telecommunications firm Dhiraagu has confirmed that websites in the Maldives have been targeted in apparent Denial of Service (DDoS) cyberattacks.<br>
|
|
<b>Reference:</b> <a href="http://minivannews.com/society/maldives-websites-report-denial-of-service-ddos-cyberattacks-40282" target="_blank">http://minivannews.com/society/maldives-websites-report-denial-of-service-ddos-cyberattacks-40282</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-27: Teampoison hacktivists deface Daily Mail recipe page<br>
|
|
<b>WHID ID:</b> 2012-27<br>
|
|
<b>Date Occurred:</b> 2/5/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> The Daily Mail, one of the UK's leading newspapers, and generally considered to be politically right of center, has had its website defaced by the Teampoison hacking group.<br>
|
|
<b>Reference:</b> <a href="http://www.infosecurity-magazine.com/view/23720/teampoison-hacktivists-deface-daily-mail-recipe-page/" target="_blank">http://www.infosecurity-magazine.com/view/23720/teampoison-hacktivists-deface-daily-mail-recipe-page/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-269: Colombian hackers attack govt, political website to protest justice reform<br>
|
|
<b>WHID ID:</b> 2012-269<br>
|
|
<b>Date Occurred:</b> 6/22/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Colombia, South America<br>
|
|
<b>Incident Description:</b> Hackers shut down the websites of Colombia's Justice Ministry and a coalition party to protest a widely criticized judicial reform.<br>
|
|
<b>Reference:</b> <a href="http://colombiareports.com/colombia-news/news/24736-colombian-hackers-attack-govt-political-website-to-protest-justice-reform.html" target="_blank">http://colombiareports.com/colombia-news/news/24736-colombian-hackers-attack-govt-political-website-to-protest-justice-reform.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-268: Hackers hit US Navy, Homeland Security sites<br>
|
|
<b>WHID ID:</b> 2012-268<br>
|
|
<b>Date Occurred:</b> 6/23/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> United States<br>
|
|
<b>Incident Description:</b> Hackers claimed to break into the subdomains of two major United States government agencies, posting what appeared to be stolen data online.<br>
|
|
<b>Reference:</b> <a href="http://www.gmanetwork.com/news/story/262936/scitech/technology/hackers-hit-us-navy-homeland-security-sites" target="_blank">http://www.gmanetwork.com/news/story/262936/scitech/technology/hackers-hit-us-navy-homeland-security-sites</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-267: One more Gujarat government website hacked<br>
|
|
<b>WHID ID:</b> 2012-267<br>
|
|
<b>Date Occurred:</b> 6/22/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> Anyone who visits the official Gujarat Government website for the Narmada and water supply department will find it forbidden.<br>
|
|
<b>Reference:</b> <a href="http://articles.timesofindia.indiatimes.com/2012-06-22/ahmedabad/32368378_1_website-water-supply-state-government" target="_blank">http://articles.timesofindia.indiatimes.com/2012-06-22/ahmedabad/32368378_1_website-water-supply-state-government</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-266: Lebanese government Web sites hacked<br>
|
|
<b>WHID ID:</b> 2012-266<br>
|
|
<b>Date Occurred:</b> 6/16/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Lebanon, Beirut<br>
|
|
<b>Incident Description:</b> Two Lebanese government Web sites were hacked Saturday by a group associated with Anonymous.<br>
|
|
<b>Reference:</b> <a href="http://www.upi.com/Top_News/World-News/2012/06/16/Lebanese-government-Web-sites-hacked/UPI-61361339857705/?spt=hs&or=tn" target="_blank">http://www.upi.com/Top_News/World-News/2012/06/16/Lebanese-government-Web-sites-hacked/UPI-61361339857705/?spt=hs&or=tn</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-265: Doug Ford's website hacked by "Dbuzz"<br>
|
|
<b>WHID ID:</b> 2012-265<br>
|
|
<b>Date Occurred:</b> 6/12/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Canadian government<br>
|
|
<b>Attacked Entity Geography:</b> Toronto<br>
|
|
<b>Incident Description:</b> Anyone who visited Doug Ford's (Ward 2, Etobicoke North) website since at least yesterday afternoon didn't get the councillor's usual web presence.<br>
|
|
<b>Reference:</b> <a href="http://www.openfile.ca/toronto/blog/2012/doug-fords-website-hacked-dbuzz" target="_blank">http://www.openfile.ca/toronto/blog/2012/doug-fords-website-hacked-dbuzz</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-264: Langley City website hacked<br>
|
|
<b>WHID ID:</b> 2012-264<br>
|
|
<b>Date Occurred:</b> 6/6/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> State government<br>
|
|
<b>Attacked Entity Geography:</b> Virginia<br>
|
|
<b>Incident Description:</b> The City of Langley website was hacked by a group calling themselves the LatinHackTeam against corruption of the governments.<br>
|
|
<b>Reference:</b> <a href="http://www.langleytimes.com/news/158504945.html" target="_blank">http://www.langleytimes.com/news/158504945.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-263: Wawa's Website Hacked<br>
|
|
<b>WHID ID:</b> 2012-263<br>
|
|
<b>Date Occurred:</b> 6/8/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Gas sales<br>
|
|
<b>Attacked Entity Geography:</b> Pennsylvania<br>
|
|
<b>Incident Description:</b> Hackers caused problems for Wawa's website, www.wawa.com<br>
|
|
<b>Reference:</b> <a href="http://www.cspnet.com/news/technology/articles/update-wawas-website-hacked" target="_blank">http://www.cspnet.com/news/technology/articles/update-wawas-website-hacked</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-262: Vice President Binay's website hacked<br>
|
|
<b>WHID ID:</b> 2012-262<br>
|
|
<b>Date Occurred:</b> 6/12/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Philippines<br>
|
|
<b>Incident Description:</b> The website of the Office of the Vice President (OVP) was hacked<br>
|
|
<b>Reference:</b> <a href="http://technology.inquirer.net/12081/vice-president-binays-website-hacked" target="_blank">http://technology.inquirer.net/12081/vice-president-binays-website-hacked</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-261: Russian sites go offline as protests begin<br>
|
|
<b>WHID ID:</b> 2012-261<br>
|
|
<b>Date Occurred:</b> 6/12/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Russia<br>
|
|
<b>Incident Description:</b> The websites of Russia's main independent news sources became inaccessible on Tuesday as protesters gathered in Moscow for a march against President Vladimir Putin's third Kremlin term.<br>
|
|
<b>Reference:</b> <a href="http://www.abs-cbnnews.com/global-filipino/world/06/12/12/russian-sites-go-offline-protests-begin" target="_blank">http://www.abs-cbnnews.com/global-filipino/world/06/12/12/russian-sites-go-offline-protests-begin</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-260: Govt site taken down in censorship protest<br>
|
|
<b>WHID ID:</b> 2012-260<br>
|
|
<b>Date Occurred:</b> 6/10/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Internet Security<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> Hours ahead of its planned protest against certain incidents of internet censorship in India, hacker collective Anonymous attacked and brought down the website run by Computer Emergency Response Team India (CERT-In), the country's premier agency dealing with cyber security contingencies.<br>
|
|
<b>Reference:</b> <a href="http://articles.timesofindia.indiatimes.com/2012-06-10/chennai/32155621_1_opindia-web-censorship-cert" target="_blank">http://articles.timesofindia.indiatimes.com/2012-06-10/chennai/32155621_1_opindia-web-censorship-cert</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-26: Russia's Largest BitTorrent Tracker Under Huge DDoS Attack<br>
|
|
<b>WHID ID:</b> 2012-26<br>
|
|
<b>Date Occurred:</b> 2/6/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Information<br>
|
|
<b>Attacked Entity Geography:</b> Russia<br>
|
|
<b>Incident Description:</b> RUTracker, Russia's largest BitTorrent tracker, has been dealing with the effects of a DDoS attack over the past 48 hours.<br>
|
|
<b>Reference:</b> <a href="http://torrentfreak.com/russias-largest-bittorrent-tracker-under-huge-ddos-attack-120208/" target="_blank">http://torrentfreak.com/russias-largest-bittorrent-tracker-under-huge-ddos-attack-120208/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-259: Anonymous all set for June 9 Nation-wide Protests against Censorship<br>
|
|
<b>WHID ID:</b> 2012-259<br>
|
|
<b>Date Occurred:</b> 6/7/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Telecom<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> Anonymous claims to have taken down the website of Telecom Company MTNL yesterday via a Distributed Denial of Service (DDoS) attack.<br>
|
|
<b>Reference:</b> <a href="http://www.cio.in/news/anonymous-all-set-june-9-nation-wide-protests-against-censorship-269642012" target="_blank">http://www.cio.in/news/anonymous-all-set-june-9-nation-wide-protests-against-censorship-269642012</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-258: 6.5 Million LinkedIn Passwords May Be In Hands of Hackers<br>
|
|
<b>WHID ID:</b> 2012-258<br>
|
|
<b>Date Occurred:</b> 6/6/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social Networking<br>
|
|
<b>Attacked Entity Geography:</b> Mountain View, CA<br>
|
|
<b>Incident Description:</b> LinkedIn on Wednesday morning was still unable to confirm reports that 6.5 million user passwords had been exposed. But Sophos has discovered LinkedIn password information posted on a Russian hacker site.<br>
|
|
<b>Reference:</b> <a href="http://www.newsfactor.com/news/6-5M-LinkedIn-Passwords-May-Be-Stolen/story.xhtml?story_id=013000G54XRY" target="_blank">http://www.newsfactor.com/news/6-5M-LinkedIn-Passwords-May-Be-Stolen/story.xhtml?story_id=013000G54XRY</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-257: UMass website hacked, Google searchers get offer to sell Viagra<br>
|
|
<b>WHID ID:</b> 2012-257<br>
|
|
<b>Date Occurred:</b> 6/6/2012<br>
|
|
<b>Attack Method:</b> Search Engine Poisoning<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Spam<br>
|
|
<b>Attacked Entity Field:</b> United States University<br>
|
|
<b>Attacked Entity Geography:</b> Massachusetts<br>
|
|
<b>Incident Description:</b> A lot of people who did a Google search for UMass Amherst Wednesday morning found themselves with a bitter pill to swallow -- and it wasn't blue.<br>
|
|
<b>Reference:</b> <a href="http://www.masslive.com/business-news/index.ssf/2012/06/umass_website_hacked_google_searchers_ge.html" target="_blank">http://www.masslive.com/business-news/index.ssf/2012/06/umass_website_hacked_google_searchers_ge.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-256: Defence, Panasonic hacked and defaced<br>
|
|
<b>WHID ID:</b> 2012-256<br>
|
|
<b>Date Occurred:</b> 6/7/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Australian Department of Defense<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> One of the Defence Materiel Organisation's (DMO) websites has been compromised by hackers, while Panasonic Australia has taken its website down after one of its subdomains was also hacked and then defaced.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/defence-panasonic-hacked-and-defaced-1339339331/" target="_blank">http://www.zdnet.com/defence-panasonic-hacked-and-defaced-1339339331/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-255: Indian ISPs Targeted in Anonymous Censorship Protest<br>
|
|
<b>WHID ID:</b> 2012-255<br>
|
|
<b>Date Occurred:</b> 6/6/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Internet Service Provider<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> The websites of Indian government-run communications company Mahanagar Telephone Nigam and the Internet Service Providers Association of India faced DDoS (distributed denial of service) attacks from Anonymous.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/businesscenter/article/257032/indian_isps_targeted_in_anonymous_censorship_protest.html" target="_blank">http://www.pcworld.com/businesscenter/article/257032/indian_isps_targeted_in_anonymous_censorship_protest.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-254: DigiCape website hacked<br>
|
|
<b>WHID ID:</b> 2012-254<br>
|
|
<b>Date Occurred:</b> 6/4/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Online retail<br>
|
|
<b>Attacked Entity Geography:</b> South Africa<br>
|
|
<b>Incident Description:</b> Independent Apple retailer DigiCape is the victim of a cyber attack, with the company's website hacked.<br>
|
|
<b>Reference:</b> <a href="http://technology.iafrica.com/news/technology/798318.html" target="_blank">http://technology.iafrica.com/news/technology/798318.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-253: Cyber watchdog website hacked<br>
|
|
<b>WHID ID:</b> 2012-253<br>
|
|
<b>Date Occurred:</b> 6/2/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> Even after a series of government defacements by Anonymous, the website of the Indian Computer Emergency Response Team was trolled and defaced by Anonymous.<br>
|
|
<b>Reference:</b> <a href="http://www.deccanchronicle.com/channels/cities/hyderabad/cyber-watchdog-website-hacked-988" target="_blank">http://www.deccanchronicle.com/channels/cities/hyderabad/cyber-watchdog-website-hacked-988</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-252: Hosting firm suffers 'innocent' intrusion after billing system hacked<br>
|
|
<b>WHID ID:</b> 2012-252<br>
|
|
<b>Date Occurred:</b> 4/30/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Hosting Provider<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Web-hosting firm eUKHost has been hacked by Pakistani hacking team UrduHack, which appeared to have gained access to its billing system.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/04/30/eukhost_billing_system_compromise/" target="_blank">http://www.theregister.co.uk/2012/04/30/eukhost_billing_system_compromise/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-251: Quick fix for Hotmail password bug<br>
|
|
<b>WHID ID:</b> 2012-251<br>
|
|
<b>Date Occurred:</b> 4/27/2012<br>
|
|
<b>Attack Method:</b> Parameter Manipulation<br>
|
|
<b>Application Weakness:</b> Insufficient Password Recovery<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Service Providers<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The bug allowed a hacker to reset the password for a Hotmail account, locking out its owner and giving the attacker access to the inbox. The fix was put together because the bug was starting to be actively exploited online.<br>
|
|
<b>Reference:</b> <a href="http://www.bbc.co.uk/news/technology-17866897" target="_blank">http://www.bbc.co.uk/news/technology-17866897</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-250: Just like the share price... Facebook goes down after being 'hacked by Anonymous'<br>
|
|
<b>WHID ID:</b> 2012-250<br>
|
|
<b>Date Occurred:</b> 6/1/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Social Networking<br>
|
|
<b>Attacked Entity Geography:</b> United States<br>
|
|
<b>Incident Description:</b> Facebook experienced service outages for portions of its 900 million users tonight after the social networking site was apparently targeted by hacking group Anonymous.<br>
|
|
<b>Reference:</b> <a href="http://www.dailymail.co.uk/sciencetech/article-2153081/Facebook-goes-just-like-share-price--Social-networking-giant-caps-end-week-forget-website-outages-apparently-hacked-Anonymous.html" target="_blank">http://www.dailymail.co.uk/sciencetech/article-2153081/Facebook-goes-just-like-share-price--Social-networking-giant-caps-end-week-forget-website-outages-apparently-hacked-Anonymous.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-25: Website of Vietnam's top Internet security firm hacked<br>
|
|
<b>WHID ID:</b> 2012-25<br>
|
|
<b>Date Occurred:</b> 2/4/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Hanoi, Vietnam<br>
|
|
<b>Incident Description:</b> The website of Vietnam's leading internet security firm, the Hanoi-based Bach Khoa Internetwork Security Company, has been attacked by hackers, Vietnam News Agency (VNA) quoted its representative as saying Monday.<br>
|
|
<b>Reference:</b> <a href="http://www.thanhniennews.com/index/pages/20120206-vietnam-leading-internet-security-company-hacked.aspx" target="_blank">http://www.thanhniennews.com/index/pages/20120206-vietnam-leading-internet-security-company-hacked.aspx</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-249: Agriboffins' site downed by DDoS after GM protest<br>
|
|
<b>WHID ID:</b> 2012-249<br>
|
|
<b>Date Occurred:</b> 5/28/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Agriculture research<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> Agricultural research institute Rothamsted Research was pulled offline in a DDoS attack just hours after police stopped protestors destroying a GM crop trial at the facility.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/05/28/rothamsted_site_down_ddos/" target="_blank">http://www.theregister.co.uk/2012/05/28/rothamsted_site_down_ddos/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-248: Yemeni tribal website hacked by US, divulges Hillary Clinton<br>
|
|
<b>WHID ID:</b> 2012-248<br>
|
|
<b>Date Occurred:</b> 5/24/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Yemen<br>
|
|
<b>Incident Description:</b> US Secretary of State Hillary Clinton admitted that cyber experts based at her department hacked Yemeni tribal websites, and tracked messages about killing Americans.<br>
|
|
<b>Reference:</b> <a href="http://www.globalnewsdesk.co.uk/north-america/us-hacking-al-qaeda/0992/" target="_blank">http://www.globalnewsdesk.co.uk/north-america/us-hacking-al-qaeda/0992/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-247: 123-reg outage caused by DDoS attack from China<br>
|
|
<b>WHID ID:</b> 2012-247<br>
|
|
<b>Date Occurred:</b> 5/23/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Web site hosting<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> It appears that 123-reg are having some network problems caused by a distributed denial of service attack from China.<br>
|
|
<b>Reference:</b> <a href="http://tamebay.com/2012/05/123-reg-outtage-caused-by-ddos-attack-from-china.html" target="_blank">http://tamebay.com/2012/05/123-reg-outtage-caused-by-ddos-attack-from-china.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-246: Web Hosting Control Panel WHMCS Hit by DDoS and Social Engineering Attack<br>
|
|
<b>WHID ID:</b> 2012-246<br>
|
|
<b>Date Occurred:</b> 5/22/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Client management<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> WHMCS experienced a DDoS and social engineering attack this week<br>
|
|
<b>Reference:</b> <a href="http://www.thewhir.com/web-hosting-news/web-hosting-control-panel-whmcs-hit-by-ddos-and-social-engineering-attack" target="_blank">http://www.thewhir.com/web-hosting-news/web-hosting-control-panel-whmcs-hit-by-ddos-and-social-engineering-attack</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-245: Solar Impulse website hacked<br>
|
|
<b>WHID ID:</b> 2012-245<br>
|
|
<b>Date Occurred:</b> 5/21/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Solar flight<br>
|
|
<b>Attacked Entity Geography:</b> Switzerland<br>
|
|
<b>Incident Description:</b> The team of the Swiss airplane Solar Impulse warns its supporters that its website was hacked<br>
|
|
<b>Reference:</b> <a href="http://worldradio.ch/wrs/news/wrsnews/solar-impulse-website-hacked.shtml?30729" target="_blank">http://worldradio.ch/wrs/news/wrsnews/solar-impulse-website-hacked.shtml?30729</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-244: Anonymous takes out Indian CERT as attacks continue<br>
|
|
<b>WHID ID:</b> 2012-244<br>
|
|
<b>Date Occurred:</b> 5/20/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> Hacktivist group Anonymous continued its attacks on the Indian government and creative industries.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/05/21/india_anonymous_cert_ddos/" target="_blank">http://www.theregister.co.uk/2012/05/21/india_anonymous_cert_ddos/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-243: Anonymous Hackers Claim to Take Down Chicago Police Website<br>
|
|
<b>WHID ID:</b> 2012-243<br>
|
|
<b>Date Occurred:</b> 5/20/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Law enforcement<br>
|
|
<b>Attacked Entity Geography:</b> Chicago<br>
|
|
<b>Incident Description:</b> The Chicago Police Department website is down, and "hacktivists" from the group Anonymous are taking credit.<br>
|
|
<b>Reference:</b> <a href="http://mashable.com/2012/05/20/anonymous-hackers-police-website/" target="_blank">http://mashable.com/2012/05/20/anonymous-hackers-police-website/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-242: Anonymous Launches Cyberattacks Against India<br>
|
|
<b>WHID ID:</b> 2012-242<br>
|
|
<b>Date Occurred:</b> 5/18/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> Websites belonging to India's Supreme Court, the Ministry of Communications and Information Technology, the Department of Telecommunications, and both of the nation's political parties were targets of an Anonymous-led hacking attack.<br>
|
|
<b>Reference:</b> <a href="http://www.redorbit.com/news/technology/1112538563/anonymous-launches-cyberattacks-against-india/" target="_blank">http://www.redorbit.com/news/technology/1112538563/anonymous-launches-cyberattacks-against-india/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-241: Basketball TV website hacked<br>
|
|
<b>WHID ID:</b> 2012-241<br>
|
|
<b>Date Occurred:</b> 5/18/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Sports<br>
|
|
<b>Attacked Entity Geography:</b> Philippines<br>
|
|
<b>Incident Description:</b> The official website of local cable channel Basketball TV was compromised today, May 18, by hackers claiming to be Chinese.<br>
|
|
<b>Reference:</b> <a href="http://www.rappler.com/nation/5582-btv-website-hacked" target="_blank">http://www.rappler.com/nation/5582-btv-website-hacked</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-240: Popular Eurovision website hacked in response to "parade of homosexuals"<br>
|
|
<b>WHID ID:</b> 2012-240<br>
|
|
<b>Date Occurred:</b> 5/17/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> News<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> A group is reportedly targeting websites related to the Eurovision Song Contest in Azerbaijan in protest at a "parade of homosexuals" it believes will take place at the event.<br>
|
|
<b>Reference:</b> <a href="http://www.pinknews.co.uk/2012/05/17/popular-eurovision-website-hacked-in-response-to-parade-of-homosexuals/" target="_blank">http://www.pinknews.co.uk/2012/05/17/popular-eurovision-website-hacked-in-response-to-parade-of-homosexuals/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-24: More fallout; Salt Lake City police website hacked<br>
|
|
<b>WHID ID:</b> 2012-24<br>
|
|
<b>Date Occurred:</b> 2/1/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> Salt Lake City, Utah<br>
|
|
<b>Incident Description:</b> The Salt Lake City police department is asking their tipsters and informants to be careful after a hacker compromised their website<br>
|
|
<b>Reference:</b> <a href="http://www.abc4.com/content/news/slc/story/More-fallout-Salt-Lake-City-police-website-hacked/PiSspE768UiioitJ3K4gyQ.cspx" target="_blank">http://www.abc4.com/content/news/slc/story/More-fallout-Salt-Lake-City-police-website-hacked/PiSspE768UiioitJ3K4gyQ.cspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-239: Pirate Bay Under DDoS Attack From Unknown Enemy<br>
|
|
<b>WHID ID:</b> 2012-239<br>
|
|
<b>Date Occurred:</b> 5/16/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media web site<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> After the site openly criticized Anonymous last week for DDoS'ing UK ISP Virgin Media, The Pirate Bay itself is now under attack.<br>
|
|
<b>Reference:</b> <a href="http://torrentfreak.com/pirate-bay-under-ddos-attack-from-unknown-enemy-120516/" target="_blank">http://torrentfreak.com/pirate-bay-under-ddos-attack-from-unknown-enemy-120516/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-238: ICO blasted offline by DDoS cannon in Leveson protest<br>
|
|
<b>WHID ID:</b> 2012-238<br>
|
|
<b>Date Occurred:</b> 5/15/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Information Rights<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> The UK's Information Commissioner's Office website has been blown offline by a distributed-denial-of-service attack that appears to be a hacktivist protest over the Leveson Inquiry.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/05/15/ico_downed_by_ddos_leveson/" target="_blank">http://www.theregister.co.uk/2012/05/15/ico_downed_by_ddos_leveson/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-237: Amnesty UK website hacked to serve lethal Gh0st RAT Trojan<br>
|
|
<b>WHID ID:</b> 2012-237<br>
|
|
<b>Date Occurred:</b> 5/11/2012<br>
|
|
<b>Attack Method:</b> Hosting malicious code<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Human Rights<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> Amnesty International's UK website was hacked to host the dangerous Gh0st RAT Trojan for two days.<br>
|
|
<b>Reference:</b> <a href="http://news.idg.no/cw/art.cfm?id=8D5B5FA7-FBEE-927B-4C5DADA27F1AE4AD" target="_blank">http://news.idg.no/cw/art.cfm?id=8D5B5FA7-FBEE-927B-4C5DADA27F1AE4AD</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-236: 4Chan vandalises Tea Party website, reveals private donors<br>
|
|
<b>WHID ID:</b> 2012-236<br>
|
|
<b>Date Occurred:</b> 5/11/2012<br>
|
|
<b>Attack Method:</b> Account compromise<br>
|
|
<b>Application Weakness:</b> Weak password<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> American political movement<br>
|
|
<b>Attacked Entity Geography:</b> United States<br>
|
|
<b>Incident Description:</b> The Tea Party has had its PAC website hacked by what looks like a legion of users from the notorious 4Chan image board.<br>
|
|
<b>Reference:</b> <a href="http://news.techeye.net/internet/4chan-vandalises-tea-party-website-reveals-private-donors" target="_blank">http://news.techeye.net/internet/4chan-vandalises-tea-party-website-reveals-private-donors</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-235: Activist hackers temporarily block Putin's website<br>
|
|
<b>WHID ID:</b> 2012-235<br>
|
|
<b>Date Occurred:</b> 5/9/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Russia<br>
|
|
<b>Incident Description:</b> Hackers temporarily blocked President Vladimir Putin's website.<br>
|
|
<b>Reference:</b> <a href="http://www.reuters.com/article/2012/05/09/us-russia-hackers-kremlin-idUSBRE8480L020120509" target="_blank">http://www.reuters.com/article/2012/05/09/us-russia-hackers-kremlin-idUSBRE8480L020120509</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-234: PAGASA website hacked<br>
|
|
<b>WHID ID:</b> 2012-234<br>
|
|
<b>Date Occurred:</b> 5/9/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Science<br>
|
|
<b>Attacked Entity Geography:</b> Philippines<br>
|
|
<b>Incident Description:</b> The Philippine Atmospheric, Geophysical and Astronomical Services Administration (PAGASA) website was hacked.<br>
|
|
<b>Reference:</b> <a href="http://www.abs-cbnnews.com/nation/05/09/12/pagasa-website-hacked" target="_blank">http://www.abs-cbnnews.com/nation/05/09/12/pagasa-website-hacked</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-231: Anonymous Hackers Target CIA, UK Supreme Court Over "Pirate Bay" Censorship<br>
|
|
<b>WHID ID:</b> 2012-233<br>
|
|
<b>Date Occurred:</b> 5/4/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> United States and United Kingdom<br>
|
|
<b>Incident Description:</b> Hacktivist members of the online collective called "Anonymous" targeted the websites of the United Kingdom Supreme Court and the CIA.<br>
|
|
<b>Reference:</b> <a href="http://www.ibtimes.com/articles/337473/20120504/anonymous-hackers-cispa-cia-supreme-court-optpb.htm" target="_blank">http://www.ibtimes.com/articles/337473/20120504/anonymous-hackers-cispa-cia-supreme-court-optpb.htm</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-232: 'Unknowns' hack European Space Agency<br>
|
|
<b>WHID ID:</b> 2012-232<br>
|
|
<b>Date Occurred:</b> 5/3/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Space Agency<br>
|
|
<b>Attacked Entity Geography:</b> Paris, France<br>
|
|
<b>Incident Description:</b> The European Space Agency has said that a group of hackers called 'The Unknowns' successfully hacked into external servers and got access to user identity information.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.co.uk/blogs/security-bulletin-10000166/unknowns-hack-european-space-agency-10026071/" target="_blank">http://www.zdnet.co.uk/blogs/security-bulletin-10000166/unknowns-hack-european-space-agency-10026071/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-231: Philippine Star's website hacked<br>
|
|
<b>WHID ID:</b> 2012-231<br>
|
|
<b>Date Occurred:</b> 5/4/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Newspaper media<br>
|
|
<b>Attacked Entity Geography:</b> Philippines<br>
|
|
<b>Incident Description:</b> The website of national newspaper Philippine Star was hacked.<br>
|
|
<b>Reference:</b> <a href="http://www.abs-cbnnews.com/nation/05/04/12/philippine-stars-website-hacked" target="_blank">http://www.abs-cbnnews.com/nation/05/04/12/philippine-stars-website-hacked</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-230: Three Rivers Park District Website Hacked, Credit Card Information Safe<br>
|
|
<b>WHID ID:</b> 2012-230<br>
|
|
<b>Date Occurred:</b> 4/19/2012<br>
|
|
<b>Attack Method:</b> Information leakage<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> State Park<br>
|
|
<b>Attacked Entity Geography:</b> Minneapolis, Minnesota<br>
|
|
<b>Incident Description:</b> The Three Rivers Park District online reservation system was the target of a cyber attack.<br>
|
|
<b>Reference:</b> <a href="http://kaaltv.com/article/stories/S2603448.shtml?cat=10728" target="_blank">http://kaaltv.com/article/stories/S2603448.shtml?cat=10728</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-23: Anonymous hackers access Greek ministry website<br>
|
|
<b>WHID ID:</b> 2012-23<br>
|
|
<b>Date Occurred:</b> 2/3/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Greece<br>
|
|
<b>Incident Description:</b> Hackers associated with the activist group Anonymous posted a protest against Greece's EU and IMF-inspired austerity policies on the website of the country's justice ministry Friday, a ministry spokeswoman said.<br>
|
|
<b>Reference:</b> <a href="http://www.reuters.com/article/2012/02/03/us-greece-hackers-idUSTRE8120D320120203" target="_blank">http://www.reuters.com/article/2012/02/03/us-greece-hackers-idUSTRE8120D320120203</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-229: ANCYL website hacked, league responds<br>
|
|
<b>WHID ID:</b> 2012-229<br>
|
|
<b>Date Occurred:</b> 5/2/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Youth organization<br>
|
|
<b>Attacked Entity Geography:</b> Africa<br>
|
|
<b>Incident Description:</b> ANCYL website was defaced.<br>
|
|
<b>Reference:</b> <a href="http://mybroadband.co.za/news/security/49043-ancyl-website-hacked-league-responds.html" target="_blank">http://mybroadband.co.za/news/security/49043-ancyl-website-hacked-league-responds.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-228: SOCA Website Downed By DDoS Attack<br>
|
|
<b>WHID ID:</b> 2012-228<br>
|
|
<b>Date Occurred:</b> 5/2/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Law enforcement<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> The website of the Serious Organised Crime Agency, SOCA, has been hit by a distributed-denial-of-service attack.<br>
|
|
<b>Reference:</b> <a href="http://www.itproportal.com/2012/05/04/soca-website-downed-by-ddos-attack/" target="_blank">http://www.itproportal.com/2012/05/04/soca-website-downed-by-ddos-attack/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-227: Confidential information released in Lake County Sheriff's website hacking<br>
|
|
<b>WHID ID:</b> 2012-227<br>
|
|
<b>Date Occurred:</b> 4/27/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Law enforcement<br>
|
|
<b>Attacked Entity Geography:</b> Lake County, Florida<br>
|
|
<b>Incident Description:</b> Lake County sheriff's deputies have launched an investigation into how its computer system was hacked, which forced officials to shut down all electronic communication and Internet.<br>
|
|
<b>Reference:</b> <a href="http://www.clickorlando.com/news/Lake-County-Sheriff-s-Office-website-hacked-over-weekend/-/1637132/12246044/-/7j5xot/-/" target="_blank">http://www.clickorlando.com/news/Lake-County-Sheriff-s-Office-website-hacked-over-weekend/-/1637132/12246044/-/7j5xot/-/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-226: Philippines DBM site defaced<br>
|
|
<b>WHID ID:</b> 2012-226<br>
|
|
<b>Date Occurred:</b> 4/25/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Philippines<br>
|
|
<b>Incident Description:</b> The website of the Philippines Department of Budget and Management was defaced Wednesday afternoon and was quickly taken down for a "security audit".<br>
|
|
<b>Reference:</b> <a href="http://www.gmanetwork.com/news/story/256173/scitech/technology/dbm-site-defaced-other-govt-sites-down" target="_blank">http://www.gmanetwork.com/news/story/256173/scitech/technology/dbm-site-defaced-other-govt-sites-down</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-225: Taliban Website Hacked As Afghan Cyberwar Heats Up<br>
|
|
<b>WHID ID:</b> 2012-225<br>
|
|
<b>Date Occurred:</b> 4/26/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Political Group<br>
|
|
<b>Attacked Entity Geography:</b> Afghanistan<br>
|
|
<b>Incident Description:</b> Unidentified hackers have broken into the main website of the Afghan Taliban, replacing the usual militant claims of victories with images of executions carried out by the militants and messages condemning violence in English, Arabic, and Pashto.<br>
|
|
<b>Reference:</b> <a href="http://www.rferl.org/content/taliban_website_hacked/24562004.html" target="_blank">http://www.rferl.org/content/taliban_website_hacked/24562004.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-224: The Man Who Hacked Hollywood<br>
|
|
<b>WHID ID:</b> 2012-224<br>
|
|
<b>Date Occurred:</b> 4/26/2012<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Password Recovery<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Service Providers<br>
|
|
<b>Attacked Entity Geography:</b> Multiple<br>
|
|
<b>Incident Description:</b> Describes how Chris Chaney used brute force techniques to gain access to celebrity email accounts.<br>
|
|
<b>Reference:</b> <a href="http://www.gq.com/news-politics/newsmakers/201205/chris-chaney-hacker-nude-photos-scarlett-johansson?printable=true" target="_blank">http://www.gq.com/news-politics/newsmakers/201205/chris-chaney-hacker-nude-photos-scarlett-johansson?printable=true</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-223: UK2.NET smashed offline by '10-million-strong' botnet<br>
|
|
<b>WHID ID:</b> 2012-223<br>
|
|
<b>Date Occurred:</b> 4/26/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> UK<br>
|
|
<b>Incident Description:</b> British web hosting outfit UK2.NET was on the business end of a distributed denial-of-service attack last night that took down customers' websites.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/04/26/uk2net_outage_in_ddos_attack/" target="_blank">http://www.theregister.co.uk/2012/04/26/uk2net_outage_in_ddos_attack/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-222: DBM website hacked<br>
|
|
<b>WHID ID:</b> 2012-222<br>
|
|
<b>Date Occurred:</b> 4/25/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Manila, Philippines<br>
|
|
<b>Incident Description:</b> Purported Chinese hackers attacked the website of the Department of Budget and Management (DBM) on Wednesday.<br>
|
|
<b>Reference:</b> <a href="http://www.abs-cbnnews.com/nation/04/25/12/dbm-website-hacked" target="_blank">http://www.abs-cbnnews.com/nation/04/25/12/dbm-website-hacked</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-221: Local bank website hacked<br>
|
|
<b>WHID ID:</b> 2012-221<br>
|
|
<b>Date Occurred:</b> 4/23/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Richmond, VA<br>
|
|
<b>Incident Description:</b> The bank executive said that they believe it was the work of an automated hacking tool that simply swapped their home page with the image that Grech saw. Management contends it was purely superficial and at no time were customer accounts at risk, putting some worries at ease.<br>
|
|
<b>Reference:</b> <a href="http://wtvr.com/2012/04/23/local-bank-website-hacked/" target="_blank">http://wtvr.com/2012/04/23/local-bank-website-hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-220: CIA site downed as Anonymous claims attack<br>
|
|
<b>WHID ID:</b> 2012-220<br>
|
|
<b>Date Occurred:</b> 4/24/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Langley, Virginia<br>
|
|
<b>Incident Description:</b> The CIA website is now back online following a DDoS attack reportedly perpetrated by the hacktivist group Anonymous. This is the latest attack in a series of assaults carried out against US government websites.<br>
|
|
<b>Reference:</b> <a href="https://rt.com/news/cia-site-claims-attack-807/" target="_blank">https://rt.com/news/cia-site-claims-attack-807/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-22: Irish Aid website 'hacked'<br>
|
|
<b>WHID ID:</b> 2012-22<br>
|
|
<b>Date Occurred:</b> 2/1/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Ireland<br>
|
|
<b>Incident Description:</b> The website of the Government's overseas development programme, Irish Aid, was taken down for a time last night after the email addresses and passwords of staff were posted online.<br>
|
|
<b>Reference:</b> <a href="http://www.irishtimes.com/newspaper/breaking/2012/0202/breaking6.html" target="_blank">http://www.irishtimes.com/newspaper/breaking/2012/0202/breaking6.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-219: Hacker strikes Parliament website<br>
|
|
<b>WHID ID:</b> 2012-219<br>
|
|
<b>Date Occurred:</b> 4/22/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Trinidad<br>
|
|
<b>Incident Description:</b> The Government's parliamentary website, www.ttparliament.org, was taken offline yesterday after a computer software hacker apparently breached the security codes of the site and left a mischievous message announcing the security break.<br>
|
|
<b>Reference:</b> <a href="http://www.trinidadexpress.com/news/Hacker_strikes_Parliament_website-148466945.html" target="_blank">http://www.trinidadexpress.com/news/Hacker_strikes_Parliament_website-148466945.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-218: Anonymous Shuts Down Formula 1 Website Ahead of Bahrain Grand Prix<br>
|
|
<b>WHID ID:</b> 2012-218<br>
|
|
<b>Date Occurred:</b> 4/20/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Sports<br>
|
|
<b>Attacked Entity Geography:</b> Bahrain<br>
|
|
<b>Incident Description:</b> Anonymous, a hacker collective, has shut down the official Formula 1 website after a series of violent protests ahead of its race in Bahrain.<br>
|
|
<b>Reference:</b> <a href="http://www.ibtimes.com/articles/331171/20120420/anonymous-formula-1-website-bahrain-grand-prix.htm" target="_blank">http://www.ibtimes.com/articles/331171/20120420/anonymous-formula-1-website-bahrain-grand-prix.htm</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-217: U.S. Web site covering China scandal disrupted by cyberattack<br>
|
|
<b>WHID ID:</b> 2012-217<br>
|
|
<b>Date Occurred:</b> 4/20/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> China<br>
|
|
<b>Incident Description:</b> A U.S.-based Web site that has aggressively covered China's biggest political scandal in decades was the victim of a disruptive attack that was accompanied by threats to the service that registers its domain name, the site's manager said Friday.<br>
|
|
<b>Reference:</b> <a href="http://www.washingtonpost.com/world/national-security/us-web-site-covering-china-scandal-disrupted-by-cyberattack/2012/04/20/gIQAZbRcWT_story.html" target="_blank">http://www.washingtonpost.com/world/national-security/us-web-site-covering-china-scandal-disrupted-by-cyberattack/2012/04/20/gIQAZbRcWT_story.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-216: Cyber war: Palace websites attacked<br>
|
|
<b>WHID ID:</b> 2012-216<br>
|
|
<b>Date Occurred:</b> 4/22/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Philippines<br>
|
|
<b>Incident Description:</b> Chinese hackers were at it again, and this time they attacked the presidential websites.<br>
|
|
<b>Reference:</b> <a href="http://globalnation.inquirer.net/34465/cyber-war-palace-websites-attacked" target="_blank">http://globalnation.inquirer.net/34465/cyber-war-palace-websites-attacked</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-215: Berrien County government website hacked<br>
|
|
<b>WHID ID:</b> 2012-215<br>
|
|
<b>Date Occurred:</b> 4/20/2012<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> ST. JOSEPH, MI<br>
|
|
<b>Incident Description:</b> A group of hackers got into the Berrien County government website earlier this week and left behind profanity and their views on government, authorities said Thursday.<br>
|
|
<b>Reference:</b> <a href="http://www.mlive.com/news/kalamazoo/index.ssf/2012/04/berrien_county_government_webs.html" target="_blank">http://www.mlive.com/news/kalamazoo/index.ssf/2012/04/berrien_county_government_webs.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-214: 'Chinese' hackers deface Philippine website<br>
|
|
<b>WHID ID:</b> 2012-214<br>
|
|
<b>Date Occurred:</b> 4/20/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> Manila, Philippines<br>
|
|
<b>Incident Description:</b> Hackers claiming to come from China defaced the website of the Philippines' top university on Friday to assert their country's claim over the hotly disputed South China Sea, the government said.<br>
|
|
<b>Reference:</b> <a href="http://www.google.com/hostednews/afp/article/ALeqM5ieavMTCtsDq6Jzd8wBfyGQTNj4NA?docId=CNG.46b40181ee39a090b52dd63a46e30e61.421" target="_blank">http://www.google.com/hostednews/afp/article/ALeqM5ieavMTCtsDq6Jzd8wBfyGQTNj4NA?docId=CNG.46b40181ee39a090b52dd63a46e30e61.421</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-213: Hacker attack underlines Web role in China scandal<br>
|
|
<b>WHID ID:</b> 2012-213<br>
|
|
<b>Date Occurred:</b> 4/20/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> North Carolina<br>
|
|
<b>Incident Description:</b> A massive hacker attack has crippled an overseas website that has reported extensively on China's biggest political turmoil in years, underscoring the pivotal role the Internet has played in the unfolding scandal.<br>
|
|
<b>Reference:</b> <a href="https://www.ajc.com/news/nation-world/hacker-attack-underlines-web-1422689.html" target="_blank">https://www.ajc.com/news/nation-world/hacker-attack-underlines-web-1422689.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-212: D.C. government website downed by hackers<br>
|
|
<b>WHID ID:</b> 2012-212<br>
|
|
<b>Date Occurred:</b> 4/19/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Washington, DC<br>
|
|
<b>Incident Description:</b> City government websites in the District failed to load for hours on Thursday, the apparent victims of hackers who wanted to target government sites.<br>
|
|
<b>Reference:</b> <a href="http://www.washingtontimes.com/news/2012/apr/19/dc-government-website-downed-hackers/" target="_blank">http://www.washingtontimes.com/news/2012/apr/19/dc-government-website-downed-hackers/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-211: Anti-abortion hacker jailed for stealing 10,000 records<br>
|
|
<b>WHID ID:</b> 2012-211<br>
|
|
<b>Date Occurred:</b> 4/17/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Healthcare<br>
|
|
<b>Attacked Entity Geography:</b> UK<br>
|
|
<b>Incident Description:</b> Anonymous member James Jeffery last month hacked into the British Pregnancy Advisory Service (BPAS) and stole 10,000 database records. He has now been sentenced to 32 months in jail.<br>
|
|
<b>Reference:</b> <a href="https://www.zdnet.com/blog/security/anti-abortion-hacker-jailed-for-stealing-10000-records/11558?tag=content;siu-container" target="_blank">https://www.zdnet.com/blog/security/anti-abortion-hacker-jailed-for-stealing-10000-records/11558?tag=content;siu-container</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-210: 15-year-old arrested for hacking 259 companies<br>
|
|
<b>WHID ID:</b> 2012-210<br>
|
|
<b>Date Occurred:</b> 4/17/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Multiple<br>
|
|
<b>Attacked Entity Geography:</b> Multiple<br>
|
|
<b>Incident Description:</b> A 15-year-old boy has been arrested for hacking into 259 companies during a 90-day spree. In other words, during the last quarter he successfully attacked an average of three websites per day.<br>
|
|
<b>Reference:</b> <a href="https://www.zdnet.com/blog/security/15-year-old-arrested-for-hacking-259-companies/11585?tag=content;siu-container" target="_blank">https://www.zdnet.com/blog/security/15-year-old-arrested-for-hacking-259-companies/11585?tag=content;siu-container</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-21: Hackers attack law enforcement websites<br>
|
|
<b>WHID ID:</b> 2012-21<br>
|
|
<b>Date Occurred:</b> 2/3/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> Virginia<br>
|
|
<b>Incident Description:</b> Saboteurs have hacked into the websites of several law enforcement agencies worldwide in attacks attributed to the collective called Anonymous, including in Boston and in Salt Lake City, where police say personal information of confidential informants and tipsters was accessed.<br>
|
|
<b>Reference:</b> <a href="http://www.washingtontimes.com/news/2012/feb/5/hackers-attack-law-enforcement-websites/" target="_blank">http://www.washingtontimes.com/news/2012/feb/5/hackers-attack-law-enforcement-websites/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-209: Hundreds of thousands of medical records accessible<br>
|
|
<b>WHID ID:</b> 2012-209<br>
|
|
<b>Date Occurred:</b> 4/19/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Healthcare<br>
|
|
<b>Attacked Entity Geography:</b> Netherlands<br>
|
|
<b>Incident Description:</b> Medical and personal information of more than 300,000 employees has for months been accessible to unauthorized persons through a leak in the software of the computer program Humannet from IT company VCD. This is the finding of Zembla, in the episode "The police absenteeism II" on Friday, April 20.<br>
|
|
<b>Reference:</b> <a href="http://www.dutchnews.nl/news/archives/2012/04/new_online_medical_records_sca.php" target="_blank">http://www.dutchnews.nl/news/archives/2012/04/new_online_medical_records_sca.php</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-208: Tosh UK rewards competition hopefuls by exposing their privates<br>
|
|
<b>WHID ID:</b> 2012-208<br>
|
|
<b>Date Occurred:</b> 4/18/2012<br>
|
|
<b>Attack Method:</b> Forceful Browsing<br>
|
|
<b>Application Weakness:</b> Predictable Resource Location<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> UK<br>
|
|
<b>Incident Description:</b> "A security fault with the incremental numbering of the competition entrants registration URL created the potential for access to other customers' personal data for a two-month period," the regulator said.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/04/18/toshiba_slapped_by_ico/" target="_blank">http://www.theregister.co.uk/2012/04/18/toshiba_slapped_by_ico/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-207: SHSU website hacked by black hat SEO techniques<br>
|
|
<b>WHID ID:</b> 2012-207<br>
|
|
<b>Date Occurred:</b> 4/12/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Spam<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> Texas<br>
|
|
<b>Incident Description:</b> Changes have been restored to the Sam Houston State University catalog website after it was hacked on April 12, according to an email sent out to SHSU web developers by Jurden Bruce, web services manager.<br>
|
|
<b>Reference:</b> <a href="http://www.houstonianonline.com/news/shsu-website-hacked-by-black-hat-seo-techniques-1.2732151#.T5BPa5pWr6Q" target="_blank">http://www.houstonianonline.com/news/shsu-website-hacked-by-black-hat-seo-techniques-1.2732151#.T5BPa5pWr6Q</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-206: FBI Charges Man In $1 Million Stock-Fraud Hacking Scheme<br>
|
|
<b>WHID ID:</b> 2012-206<br>
|
|
<b>Date Occurred:</b> 4/18/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Multiple<br>
|
|
<b>Incident Description:</b> Hacking crew used accounts under its control to conduct sham trades<br>
|
|
<b>Reference:</b> <a href="http://www.darkreading.com/security-monitoring/167901086/security/news/232900535/fbi-charges-man-in-1-million-stock-fraud-hacking-scheme.html" target="_blank">http://www.darkreading.com/security-monitoring/167901086/security/news/232900535/fbi-charges-man-in-1-million-stock-fraud-hacking-scheme.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-205: Nikjju Mass injection campaign (180k+ pages compromised)<br>
|
|
<b>WHID ID:</b> 2012-205<br>
|
|
<b>Date Occurred:</b> 4/17/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Multiple<br>
|
|
<b>Attacked Entity Geography:</b> Multiple<br>
|
|
<b>Incident Description:</b> Our research team have been tracking a new mass SQL injection campaign that started early this month. So far more than 180,000 URLs have been compromised. We will keep posting updates as we get them.<br>
|
|
<b>Reference:</b> <a href="http://blog.sucuri.net/2012/04/nikjju-mass-injection-campaign-150k-sites-compromised.html" target="_blank">http://blog.sucuri.net/2012/04/nikjju-mass-injection-campaign-150k-sites-compromised.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-204: GetMama - Conditional malware affecting thousands of sites<br>
|
|
<b>WHID ID:</b> 2012-204<br>
|
|
<b>Date Occurred:</b> 4/10/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Multiple<br>
|
|
<b>Attacked Entity Geography:</b> Multiple<br>
|
|
<b>Incident Description:</b> We have been tracking an interesting malware that is affecting thousands of compromised sites. We call it GetMama!!<br>
|
|
<b>Reference:</b> <a href="http://blog.sucuri.net/2012/04/getmama-conditional-malware-affecting-thousands-of-sites.html" target="_blank">http://blog.sucuri.net/2012/04/getmama-conditional-malware-affecting-thousands-of-sites.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-203: Hackers Briefly Shut Down NYC.gov<br>
|
|
<b>WHID ID:</b> 2012-203<br>
|
|
<b>Date Occurred:</b> 4/17/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> New York, NY<br>
|
|
<b>Incident Description:</b> Hackers briefly shut down the official city website Tuesday. The city's information technology department says NYC.gov was the target of what's called a "denial of service attack" Tuesday.<br>
|
|
<b>Reference:</b> <a href="http://www.ny1.com/content/news_beats/political_news/159597/hackers-briefly-shut-down-nyc-gov" target="_blank">http://www.ny1.com/content/news_beats/political_news/159597/hackers-briefly-shut-down-nyc-gov</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-202: XS4ALL hit by massive DDoS attack<br>
|
|
<b>WHID ID:</b> 2012-202<br>
|
|
<b>Date Occurred:</b> 4/18/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Service Provider<br>
|
|
<b>Attacked Entity Geography:</b> Netherlands<br>
|
|
<b>Incident Description:</b> Dutch ISP XS4ALL has been hit by a large-scale DDoS attack, Tweakers.net reported. Customers are experiencing difficulties in accessing webmail; other services are also available on a limited basis.<br>
|
|
<b>Reference:</b> <a href="http://www.telecompaper.com/news/xs4all-hit-by-massive-ddos-attack" target="_blank">http://www.telecompaper.com/news/xs4all-hit-by-massive-ddos-attack</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-201: Cyber attack hits Melbourne firm York Butter Factory<br>
|
|
<b>WHID ID:</b> 2012-201<br>
|
|
<b>Date Occurred:</b> 4/18/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Melbourne, Australia<br>
|
|
<b>Incident Description:</b> A LOW-SCALE cyber-attack on a US hosting company has created a headache for Melbourne tech-incubation space York Butter Factory.<br>
|
|
<b>Reference:</b> <a href="http://www.theaustralian.com.au/australian-it/cyber-attack-hits-melbourne-firm-york-butter-factory/story-e6frgakx-1226331872949" target="_blank">http://www.theaustralian.com.au/australian-it/cyber-attack-hits-melbourne-firm-york-butter-factory/story-e6frgakx-1226331872949</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-200: Bersih website suffers DDoS attack<br>
|
|
<b>WHID ID:</b> 2012-200<br>
|
|
<b>Date Occurred:</b> 4/17/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Selangor, Malaysia<br>
|
|
<b>Incident Description:</b> The coalition for clean and fair elections Bersih claimed that its website was under a distributed denial-of-service (DDoS) attack for 13 hours yesterday.<br>
|
|
<b>Reference:</b> <a href="http://www.malaysiakini.com/news/195392" target="_blank">http://www.malaysiakini.com/news/195392</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-20: Citigroup Inc. (NYSE:C) Hit By Hackers<br>
|
|
<b>WHID ID:</b> 2012-20<br>
|
|
<b>Date Occurred:</b> 2/4/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> South America<br>
|
|
<b>Incident Description:</b> Hackers have attacked Brazilian financial websites, including Citigroup Inc. (NYSE:C).<br>
|
|
<b>Reference:</b> <a href="http://www.emoneydaily.com/citigroup-inc-nysec-hit-by-hackers/69823284/" target="_blank">http://www.emoneydaily.com/citigroup-inc-nysec-hit-by-hackers/69823284/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID-2012-2: Hackers disable German right-wing websites<br>
|
|
<b>WHID ID:</b> 2012-2<br>
|
|
<b>Date Occurred:</b> 1/1/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Germany<br>
|
|
<b>Incident Description:</b> The websites of several right-wing extremists in Germany have been attacked by hackers.<br>
|
|
<b>Reference:</b> <a href="http://www.jta.org/news/article/2012/01/05/3091030/hackers-disable-german-right-wing-websites" target="_blank">http://www.jta.org/news/article/2012/01/05/3091030/hackers-disable-german-right-wing-websites</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-199: Google Sends Out 20,000 Weird Redirect Hacked Notifications<br>
|
|
<b>WHID ID:</b> 2012-199<br>
|
|
<b>Date Occurred:</b> 4/16/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Search Engine<br>
|
|
<b>Attacked Entity Geography:</b> Mountain View, CA<br>
|
|
<b>Incident Description:</b> Yesterday, Google sent out about 20,000 warnings to webmasters that have had their sites compromised and may have no idea about it.<br>
|
|
<b>Reference:</b> <a href="http://www.seroundtable.com/google-hacked-redirect-warning-15022.html" target="_blank">http://www.seroundtable.com/google-hacked-redirect-warning-15022.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-198: 3 million bank accounts hacked in Iran<br>
|
|
<b>WHID ID:</b> 2012-198<br>
|
|
<b>Date Occurred:</b> 4/16/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Iran<br>
|
|
<b>Incident Description:</b> First, he warned of the security flaw in Iran's banking system. Then he provided them with 1,000 bank account details. When they didn't listen, he hacked 3 million accounts across at least 22 banks.<br>
|
|
<b>Reference:</b> <a href="https://www.zdnet.com/blog/security/3-million-bank-accounts-hacked-in-iran/11577" target="_blank">https://www.zdnet.com/blog/security/3-million-bank-accounts-hacked-in-iran/11577</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-197: Hackers take down 15 Lebanese government websites<br>
|
|
<b>WHID ID:</b> 2012-197<br>
|
|
<b>Date Occurred:</b> 4/17/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Beirut, Lebanon<br>
|
|
<b>Incident Description:</b> A group calling itself "Raise Your Voice" hacked into 15 Lebanese government websites on Tuesday, demanding an improvement in living standards and an end to widespread electricity and water shortages.<br>
|
|
<b>Reference:</b> <a href="http://www.reuters.com/article/2012/04/17/lebanon-hackers-idUSL6E8FH1P320120417" target="_blank">http://www.reuters.com/article/2012/04/17/lebanon-hackers-idUSL6E8FH1P320120417</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-196: US, UK govt. websites downed in Anonymous-claimed attack<br>
|
|
<b>WHID ID:</b> 2012-196<br>
|
|
<b>Date Occurred:</b> 4/16/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Multiple<br>
|
|
<b>Incident Description:</b> More US and UK government websites have fallen prey to DDoS attacks by the hacktivist group Anonymous. The victims now include the US Department of Justice, CIA and two MI6 sites.<br>
|
|
<b>Reference:</b> <a href="https://rt.com/news/cia-ddos-attacks-usa-120/" target="_blank">https://rt.com/news/cia-ddos-attacks-usa-120/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-195: Zimbabwe International Trade Fair website hacked, taken down<br>
|
|
<b>WHID ID:</b> 2012-195<br>
|
|
<b>Date Occurred:</b> 4/13/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Zimbabwe<br>
|
|
<b>Incident Description:</b> We established this morning that the website belonging to the Zimbabwe International Trade Fair Company, www.zitf.net was hacked.<br>
|
|
<b>Reference:</b> <a href="http://www.techzim.co.zw/2012/04/zimbabwe-international-trade-fair-website-hacked/" target="_blank">http://www.techzim.co.zw/2012/04/zimbabwe-international-trade-fair-website-hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-194: Dude, you've just been 'Likejacked' by the Fortune 500<br>
|
|
<b>WHID ID:</b> 2012-194<br>
|
|
<b>Date Occurred:</b> 4/10/2012<br>
|
|
<b>Attack Method:</b> Clickjacking<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Spam<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> Menlo Park, CA<br>
|
|
<b>Incident Description:</b> Facebook 'Likejacking' scams can fool even the savviest users. But behind the scammers lie some of the powerful marketing firms in the world.<br>
|
|
<b>Reference:</b> <a href="http://www.itworld.com/it-managementstrategy/266618/dude-you-ve-just-been-likejacked-fortune-500" target="_blank">http://www.itworld.com/it-managementstrategy/266618/dude-you-ve-just-been-likejacked-fortune-500</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-193: National Organization For Marriage Twitter Account Hacked<br>
|
|
<b>WHID ID:</b> 2012-193<br>
|
|
<b>Date Occurred:</b> 4/11/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> The hacker also put up a tweet on NOM's Twitter account, NOMTweets, reading, "Yes, creating a wedge between the black community and #lgbt was wrong. We vow to work on how we address our opponents in the future."<br>
|
|
<b>Reference:</b> <a href="http://www.huffingtonpost.com/2012/04/11/mitt-romney-endorsed-nom-national-organization-marriage_n_1417338.html?ref=mostpopular" target="_blank">http://www.huffingtonpost.com/2012/04/11/mitt-romney-endorsed-nom-national-organization-marriage_n_1417338.html?ref=mostpopular</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-192: National Organization For Marriage Website Hacked On Same Day Group Endorses Mitt Romney<br>
|
|
<b>WHID ID:</b> 2012-192<br>
|
|
<b>Date Occurred:</b> 4/11/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> On the same morning that the National Organization for Marriage announced that it was endorsing Mitt Romney, the group dedicated to stopping the marriage equality movement also found its website and social media outlets hacked with a promise to stop dividing Americans.<br>
|
|
<b>Reference:</b> <a href="http://www.huffingtonpost.com/2012/04/11/mitt-romney-endorsed-nom-national-organization-marriage_n_1417338.html?ref=mostpopular" target="_blank">http://www.huffingtonpost.com/2012/04/11/mitt-romney-endorsed-nom-national-organization-marriage_n_1417338.html?ref=mostpopular</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-191: Anonymous takes out Boeing website<br>
|
|
<b>WHID ID:</b> 2012-191<br>
|
|
<b>Date Occurred:</b> 4/10/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> US<br>
|
|
<b>Incident Description:</b> Anonymous is taking responsibility for launching a coordinated cyberattack on Boeing's website, a high-profile takedown that's part of the hacking collective's campaign against what it believes is a stifling piece of federal legislation.<br>
|
|
<b>Reference:</b> <a href="http://www.technolog.msnbc.msn.com/technology/technolog/anonymous-takes-out-boeing-website-708942" target="_blank">http://www.technolog.msnbc.msn.com/technology/technolog/anonymous-takes-out-boeing-website-708942</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-190: Anonymous Said to Be Behind Website Attacks on Trade Groups<br>
|
|
<b>WHID ID:</b> 2012-190<br>
|
|
<b>Date Occurred:</b> 4/9/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Washington, DC<br>
|
|
<b>Incident Description:</b> The hacker-activist group known as Anonymous led attacks on the websites of two technology trade associations for supporting cybersecurity legislation, the organizations said.<br>
|
|
<b>Reference:</b> <a href="http://www.sfgate.com/cgi-bin/article.cgi?f=/g/a/2012/04/09/bloomberg_articlesM283AE1A1I4G01-M28AL.DTL#ixzz1sOvjfa7v" target="_blank">http://www.sfgate.com/cgi-bin/article.cgi?f=/g/a/2012/04/09/bloomberg_articlesM283AE1A1I4G01-M28AL.DTL#ixzz1sOvjfa7v</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-19: Anonymous hackers claim hit on Swedish government<br>
|
|
<b>WHID ID:</b> 2012-19<br>
|
|
<b>Date Occurred:</b> 2/4/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Sweden<br>
|
|
<b>Incident Description:</b> A group linked to the hacker network Anonymous on Saturday said it had attacked the Swedish government's website, bringing it down for periods of time by overloading it with traffic.<br>
|
|
<b>Reference:</b> <a href="http://www.deseretnews.com/article/700222228/Anonymous-hackers-claim-hit-on-Swedish-government.html" target="_blank">http://www.deseretnews.com/article/700222228/Anonymous-hackers-claim-hit-on-Swedish-government.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-189: FPÖ website hacked by Annonymous<br>
|
|
<b>WHID ID:</b> 2012-189<br>
|
|
<b>Date Occurred:</b> 4/9/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Austria<br>
|
|
<b>Incident Description:</b> The website of the Austrian Freedom Party's (FPÖ) education institute was hacked on Easter Sunday with the slogan "Osterei statt Nazipartei" which translates as Easter eggs instead of Nazi Party.<br>
|
|
<b>Reference:</b> <a href="http://austrianindependent.com/news/General_News/2012-04-09/10827/FP%D6_website_hacked_by_Annonymous" target="_blank">http://austrianindependent.com/news/General_News/2012-04-09/10827/FP%D6_website_hacked_by_Annonymous</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-188: Reports: Gulf Air's Facebook page gets hacked<br>
|
|
<b>WHID ID:</b> 2012-188<br>
|
|
<b>Date Occurred:</b> 4/10/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> Menlo Park, CA<br>
|
|
<b>Incident Description:</b> Gulf Air, Bahrain's state airline, said that its Facebook page had been hacked on Monday and that the nation's Internet crime division is investigating, according to the Associated Press.<br>
|
|
<b>Reference:</b> <a href="http://travel.usatoday.com/flights/post/2012/04/gulf-airs-facebook-page-gets-hacked/667184/1" target="_blank">http://travel.usatoday.com/flights/post/2012/04/gulf-airs-facebook-page-gets-hacked/667184/1</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-187: Hacked Again: Lessons Learned<br>
|
|
<b>WHID ID:</b> 2012-187<br>
|
|
<b>Date Occurred:</b> 4/8/2012<br>
|
|
<b>Attack Method:</b> Remote File Inclusion (RFI)<br>
|
|
<b>Application Weakness:</b> Misconfiguration<br>
|
|
<b>Outcome:</b> Spam<br>
|
|
<b>Attacked Entity Field:</b> Blogs<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> Analysis: For the second time in two years my WordPress site was hacked, this time by Viagra spammers. Here are a few of the hard lessons I learned.<br>
|
|
<b>Reference:</b> <a href="https://www.pcworld.com/article/253408/hacked_again_lessons_learned.html" target="_blank">https://www.pcworld.com/article/253408/hacked_again_lessons_learned.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-186: Hackers claiming ties to Anonymous target UK government website<br>
|
|
<b>WHID ID:</b> 2012-186<br>
|
|
<b>Date Occurred:</b> 4/8/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> UK<br>
|
|
<b>Incident Description:</b> Britain's Home Office confirmed Sunday that its website was attacked overnight after hackers claimed responsibility for shutting it down.<br>
|
|
<b>Reference:</b> <a href="http://www.washingtonpost.com/world/europe/hackers-claiming-ties-to-anonymous-target-uk-government-website/2012/04/08/gIQAZZch3S_story.html" target="_blank">http://www.washingtonpost.com/world/europe/hackers-claiming-ties-to-anonymous-target-uk-government-website/2012/04/08/gIQAZZch3S_story.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-185: FedEx employee charged with cyber attack on Marlboro company<br>
|
|
<b>WHID ID:</b> 2012-185<br>
|
|
<b>Date Occurred:</b> 4/6/2012<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Healthcare<br>
|
|
<b>Attacked Entity Geography:</b> Marlborough, MA<br>
|
|
<b>Incident Description:</b> A 20-year-old FedEx employee is facing a charge in federal court after he allegedly launched a cyber attack on a Marlboro human resources company.<br>
|
|
<b>Reference:</b> <a href="http://www.telegram.com/article/20120406/NEWS/120409643/1116" target="_blank">http://www.telegram.com/article/20120406/NEWS/120409643/1116</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-184: Hacker steals Chinese government defense contracts<br>
|
|
<b>WHID ID:</b> 2012-184<br>
|
|
<b>Date Occurred:</b> 4/6/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> China<br>
|
|
<b>Incident Description:</b> Hacktivist Hardcore Charlie says he has hacked China National Import & Export Corp (CEIC), a Chinese government defense contractor, and stole over 500MB worth of documents.<br>
|
|
<b>Reference:</b> <a href="https://www.zdnet.com/blog/security/hacker-steals-chinese-government-defense-contracts/11386" target="_blank">https://www.zdnet.com/blog/security/hacker-steals-chinese-government-defense-contracts/11386</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-183: European hackers suspected in Utah Medicaid files breach<br>
|
|
<b>WHID ID:</b> 2012-183<br>
|
|
<b>Date Occurred:</b> 4/4/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Healthcare<br>
|
|
<b>Attacked Entity Geography:</b> Salt Lake City, UT<br>
|
|
<b>Incident Description:</b> A data security breach at the Utah Health Department, believed to be the work of Eastern European hackers, has exposed 24,000 U.S. Medicaid files bearing names, Social Security numbers and other private information, state officials said on Wednesday.<br>
|
|
<b>Reference:</b> <a href="http://articles.chicagotribune.com/2012-04-04/news/sns-rt-us-usa-hackers-utahbre83404g-20120404_1_data-security-breach-cyber-attack-hackers" target="_blank">http://articles.chicagotribune.com/2012-04-04/news/sns-rt-us-usa-hackers-utahbre83404g-20120404_1_data-security-breach-cyber-attack-hackers</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-182: Anonymous hacks hundreds of Chinese government sites<br>
|
|
<b>WHID ID:</b> 2012-182<br>
|
|
<b>Date Occurred:</b> 4/4/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> China<br>
|
|
<b>Incident Description:</b> Anonymous has hacked hundreds of Chinese government, company, and other general websites. The attacks range from basic defacements to personal data being compromised.<br>
|
|
<b>Reference:</b> <a href="https://www.zdnet.com/blog/security/anonymous-hacks-hundreds-of-chinese-government-sites/11303" target="_blank">https://www.zdnet.com/blog/security/anonymous-hacks-hundreds-of-chinese-government-sites/11303</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-181: Hackers leak Czech PM's private data<br>
|
|
<b>WHID ID:</b> 2012-181<br>
|
|
<b>Date Occurred:</b> 4/4/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Czechoslovakia<br>
|
|
<b>Incident Description:</b> Hackers posted on the internet the private data of Czech Prime Minister Petr Necas, including the numbers of his three mobile telephones, after a series of cyber attacks on government web sites, Czech media reported Wednesday.<br>
|
|
<b>Reference:</b> <a href="http://twocircles.net/2012apr04/hackers_leak_czech_pms_private_data.html" target="_blank">http://twocircles.net/2012apr04/hackers_leak_czech_pms_private_data.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-180: Coordinated cyberattack knocks Al Qaeda jihadi websites offline<br>
|
|
<b>WHID ID:</b> 2012-180<br>
|
|
<b>Date Occurred:</b> 4/3/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Pakistan<br>
|
|
<b>Incident Description:</b> Five jihadi websites that make up the core online forums promoting Al Qaeda were knocked out 12 days ago and remain mostly offline in what appears to be a major cyberattack against the group.<br>
|
|
<b>Reference:</b> <a href="http://www.alaskadispatch.com/article/coordinated-cyberattack-knocks-al-qaeda-jihadi-websites-offline" target="_blank">http://www.alaskadispatch.com/article/coordinated-cyberattack-knocks-al-qaeda-jihadi-websites-offline</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-18: barnesville.com hit by denial of service attack<br>
|
|
<b>WHID ID:</b> 2012-18<br>
|
|
<b>Date Occurred:</b> 2/1/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Barnesville, Georgia<br>
|
|
<b>Incident Description:</b> Websites at barnesville.com and pikecountygeorgia.com were hit by a denial of service attack emanating from Chicago and various points in China.<br>
|
|
<b>Reference:</b> <a href="http://www.barnesville.com/archives/4414-barnesville.com-hit-by-denial-of-service-attack.html" target="_blank">http://www.barnesville.com/archives/4414-barnesville.com-hit-by-denial-of-service-attack.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-179: Canadian opposition party targeted in botnet attack<br>
|
|
<b>WHID ID:</b> 2012-179<br>
|
|
<b>Date Occurred:</b> 4/2/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Canada<br>
|
|
<b>Incident Description:</b> A malicious attacker deliberately attempted to interfere with a crucial party leadership vote in Canada last month, according to a company commissioned to run the online voting system used.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com/canadian-opposition-party-targeted-in-botnet-attack/article/234644/" target="_blank">http://www.scmagazine.com/canadian-opposition-party-targeted-in-botnet-attack/article/234644/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-178: Denial of Service Attack Targets Epoch Times<br>
|
|
<b>WHID ID:</b> 2012-178<br>
|
|
<b>Date Occurred:</b> 4/2/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> New York, NY<br>
|
|
<b>Incident Description:</b> The Epoch Times was hit with a series of cyber attacks beginning on March 29, with an unsuccessful distributed denial of service attack first targeting epochtimes.com, before follow-up stories on connected servers on the morning of April 1.<br>
|
|
<b>Reference:</b> <a href="http://www.theepochtimes.com/n2/technology/denial-of-service-attack-targets-epoch-times-213907.html" target="_blank">http://www.theepochtimes.com/n2/technology/denial-of-service-attack-targets-epoch-times-213907.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-177: Klout Hacked!<br>
|
|
<b>WHID ID:</b> 2012-177<br>
|
|
<b>Date Occurred:</b> 4/2/2012<br>
|
|
<b>Attack Method:</b> Cross-site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Fraud<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> US<br>
|
|
<b>Incident Description:</b> Some crafty Internet user recently announced that he/she has detected an exploitable XSS vulnerability that allows you to virtually inflate your score.<br>
|
|
<b>Reference:</b> <a href="http://www.digitalversus.com/klout-hacked-n23928.html" target="_blank">http://www.digitalversus.com/klout-hacked-n23928.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-176: Computer hacker tries to steal $1.8 million from Arlington's bank account<br>
|
|
<b>WHID ID:</b> 2012-176<br>
|
|
<b>Date Occurred:</b> 4/1/2012<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Arlington, TX<br>
|
|
<b>Incident Description:</b> A computer hacker tried to steal $1.8 million from the city's bank account in late February, but officials won't release details, citing an ongoing investigation.<br>
|
|
<b>Reference:</b> <a href="http://www.star-telegram.com/2012/04/01/3850876/computer-hacker-tries-to-steal.html" target="_blank">http://www.star-telegram.com/2012/04/01/3850876/computer-hacker-tries-to-steal.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-175: Anonymous Takes Down And Defaces Chinese Government Web Sites<br>
|
|
<b>WHID ID:</b> 2012-175<br>
|
|
<b>Date Occurred:</b> 3/30/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> China<br>
|
|
<b>Incident Description:</b> All has been relatively quiet on the Anonymous front as far as defacing Web sites are concerned. That has changed today as Anonymous China has attacked and defaced a number of Chinese government Web sites to protest the country's censorship of the Internet.<br>
|
|
<b>Reference:</b> <a href="http://www.webpronews.com/anonymous-takes-down-and-defaces-chines-government-web-sites-2012-03" target="_blank">http://www.webpronews.com/anonymous-takes-down-and-defaces-chines-government-web-sites-2012-03</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-174: Hackers Breach Credit Card Processor; 50K Cards Compromised<br>
|
|
<b>WHID ID:</b> 2012-174<br>
|
|
<b>Date Occurred:</b> 3/30/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Atlanta, GA<br>
|
|
<b>Incident Description:</b> Global Payments Inc, an Atlanta-based payments processor, has been broken into by hackers, leaving more than 50,000 card accounts potentially compromised, according to news reports.<br>
|
|
<b>Reference:</b> <a href="http://www.wired.com/threatlevel/2012/03/global-payments-breached/" target="_blank">http://www.wired.com/threatlevel/2012/03/global-payments-breached/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-173: Hackers booby-trap WordPress site with botnet-weaving Trojan<br>
|
|
<b>WHID ID:</b> 2012-173<br>
|
|
<b>Date Occurred:</b> 3/23/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Blogs<br>
|
|
<b>Attacked Entity Geography:</b> US<br>
|
|
<b>Incident Description:</b> Malware-flingers are taking advantage of vulnerable WordPress sites as part of an attack ultimately designed to spread an information-stealing botnet agent.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/03/23/wordpress_vuln_botnet_exploit/" target="_blank">http://www.theregister.co.uk/2012/03/23/wordpress_vuln_botnet_exploit/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-172: Zappos CTO: hacking detected "while it was in progress"<br>
|
|
<b>WHID ID:</b> 2012-172<br>
|
|
<b>Date Occurred:</b> 3/23/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Nevada, US<br>
|
|
<b>Incident Description:</b> When a hacker targeted Amazon subsidiary Zappos.com in January, the attacker went after company servers in both Nevada and Kentucky.<br>
|
|
<b>Reference:</b> <a href="http://www.techflash.com/seattle/2012/03/zappos-cto-hacking-detected-in-progress.html" target="_blank">http://www.techflash.com/seattle/2012/03/zappos-cto-hacking-detected-in-progress.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-171: PayPal closes potential flaw in login pages<br>
|
|
<b>WHID ID:</b> 2012-171<br>
|
|
<b>Date Occurred:</b> 3/23/2012<br>
|
|
<b>Attack Method:</b> Cross-site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> US<br>
|
|
<b>Incident Description:</b> PayPal has closed a potentially serious security hole on its site, which cyber criminals could have used to steal passwords belonging to users of the online payment service.<br>
|
|
<b>Reference:</b> <a href="http://www.computing.co.uk/ctg/news/2163065/paypal-closes-potential-flaw-login-pages" target="_blank">http://www.computing.co.uk/ctg/news/2163065/paypal-closes-potential-flaw-login-pages</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-170: Hackers attack Mexican websites over pope's visit<br>
|
|
<b>WHID ID:</b> 2012-170<br>
|
|
<b>Date Occurred:</b> 3/20/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Religious<br>
|
|
<b>Attacked Entity Geography:</b> Mexico City, Mexico<br>
|
|
<b>Incident Description:</b> The group of cyberactivists known as Anonymous blocked access to two websites linked to the upcoming visit to Mexico by Pope Benedict XVI.<br>
|
|
<b>Reference:</b> <a href="http://en.europeonline-magazine.eu/hackers-attack-mexican-websites-over-popes-visit_197890.html" target="_blank">http://en.europeonline-magazine.eu/hackers-attack-mexican-websites-over-popes-visit_197890.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-170: Qwest Datacenter "Held Hostage" by Hacker (Exclusive)<br>
|
|
<b>WHID ID:</b> 2012-170<br>
|
|
<b>Date Occurred:</b> 3/19/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Service Provider<br>
|
|
<b>Attacked Entity Geography:</b> US<br>
|
|
<b>Incident Description:</b> The hacker known as BlackJester claims that he managed to breach a number of servers owned by Qwest Communications International, one of the largest telecoms carriers in the United States.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Qwest-Datacenter-quot-Held-Hostage-quot-by-Hacker-Exclusive-259500.shtml" target="_blank">http://news.softpedia.com/news/Qwest-Datacenter-quot-Held-Hostage-quot-by-Hacker-Exclusive-259500.shtml</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-8: Zappos website hacked; credit card database not affected, CEO says<br>
|
|
<b>WHID ID:</b> 2012-17<br>
|
|
<b>Date Occurred:</b> 2/2/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> Computer hackers have penetrated the database of Australia's biggest internet domain name auction house, possibly accessing client home addresses and encrypted credit card numbers<br>
|
|
<b>Reference:</b> <a href="http://www.theage.com.au/national/hackers-infiltrate-domain-name-auction-house-20120201-1qtgk.html" target="_blank">http://www.theage.com.au/national/hackers-infiltrate-domain-name-auction-house-20120201-1qtgk.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-169: Presidenta's Website Hacked<br>
|
|
<b>WHID ID:</b> 2012-169<br>
|
|
<b>Date Occurred:</b> 3/20/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Costa Rica<br>
|
|
<b>Incident Description:</b> The Casa Presidencial website (www.casapres.go.cr) was in temporary control of hackers on Sunday night, according to Communications Minister, Francisco Chacón.<br>
|
|
<b>Reference:</b> <a href="http://www.insidecostarica.com/dailynews/2012/march/20/costarica12032005.htm" target="_blank">http://www.insidecostarica.com/dailynews/2012/march/20/costarica12032005.htm</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-168: Doc outrage: Anonymous 'behind' web-siege on Russian TV channel<br>
|
|
<b>WHID ID:</b> 2012-168<br>
|
|
<b>Date Occurred:</b> 3/20/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Russia<br>
|
|
<b>Incident Description:</b> The Russian faction of Anonymous has claimed responsibility for a cyber-attack on a Russian TV station's website. The outage follows a controversial documentary about Russian protestors produced by NTV.<br>
|
|
<b>Reference:</b> <a href="https://rt.com/news/tv-station-site-attacked-922/" target="_blank">https://rt.com/news/tv-station-site-attacked-922/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-167: Hackers hit 112 Indian gov sites in three months<br>
|
|
<b>WHID ID:</b> 2012-167<br>
|
|
<b>Date Occurred:</b> 3/16/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> There was embarrassing news for the Indian government this week as one of its ministers was forced to admit that over 100 of its web sites had been hacked in just three months at the beginning of the year, including that of a state-owned telecoms company.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/03/16/indian_government_sites_hacked/" target="_blank">http://www.theregister.co.uk/2012/03/16/indian_government_sites_hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-166: Hackers expose Ancestry.com security bug<br>
|
|
<b>WHID ID:</b> 2012-166<br>
|
|
<b>Date Occurred:</b> 3/14/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Information<br>
|
|
<b>Attacked Entity Geography:</b> Provo, UT<br>
|
|
<b>Incident Description:</b> A security bug may exist on Ancestry.com that could leave the personal information of its registered users exposed and vulnerable to theft.<br>
|
|
<b>Reference:</b> <a href="http://www.msnbc.msn.com/id/46735808/ns/technology_and_science-security/#.T422QppWrUU" target="_blank">http://www.msnbc.msn.com/id/46735808/ns/technology_and_science-security/#.T422QppWrUU</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-165: BBC hit with cyberattack, Iran link suspected<br>
|
|
<b>WHID ID:</b> 2012-165<br>
|
|
<b>Date Occurred:</b> 3/14/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> UK<br>
|
|
<b>Incident Description:</b> Hackers attacked the BBC earlier this month, leaving some parts of the organization without access to e-mail and Internet services, the BBC has confirmed.<br>
|
|
<b>Reference:</b> <a href="http://www.washingtonpost.com/business/technology/bbc-hit-with-cyberattack-iran-link-suspected/2012/03/14/gIQAvnL4BS_story.html" target="_blank">http://www.washingtonpost.com/business/technology/bbc-hit-with-cyberattack-iran-link-suspected/2012/03/14/gIQAvnL4BS_story.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-164: Anonymous Attacks Vatican For Third Time in One Week<br>
|
|
<b>WHID ID:</b> 2012-164<br>
|
|
<b>Date Occurred:</b> 3/13/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Religious<br>
|
|
<b>Attacked Entity Geography:</b> Rome, Italy<br>
|
|
<b>Incident Description:</b> It's been a hard past week for the Vatican's online presence. Since members of Anonymous declared war on religion last Monday, and as a part of the latest retaliatory cyber attacks following the indictment of several suspected hackers, Vatican servers have been targeted at least three times. First they took down the Vatican homepage, then they broke into a Vatican Radio Server, and now Anonymous-affiliated hacker Agent_Anon is claiming a DDoS of related site catholic.va, with a corresponding database dump on pastebin.<br>
|
|
<b>Reference:</b> <a href="http://www.webpronews.com/anonymous-attacks-vatican-for-third-time-in-one-week-2012-03" target="_blank">http://www.webpronews.com/anonymous-attacks-vatican-for-third-time-in-one-week-2012-03</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-163: Anonymous hacks Vatican again<br>
|
|
<b>WHID ID:</b> 2012-163<br>
|
|
<b>Date Occurred:</b> 3/12/2012<br>
|
|
<b>Attack Method:</b> Backdoor<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Religious<br>
|
|
<b>Attacked Entity Geography:</b> Rome, Italy<br>
|
|
<b>Incident Description:</b> The hacktivist group Anonymous has taken down the Vatican's website for a second time. The attack is part of the organization's recent declaration of war against religion.<br>
|
|
<b>Reference:</b> <a href="https://www.zdnet.com/blog/security/anonymous-hacks-vatican-again/10721" target="_blank">https://www.zdnet.com/blog/security/anonymous-hacks-vatican-again/10721</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-162: Porn site Digital Playground hacked, hackers say "too enticing to resist"<br>
|
|
<b>WHID ID:</b> 2012-162<br>
|
|
<b>Date Occurred:</b> 3/9/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Luxembourg<br>
|
|
<b>Incident Description:</b> Yet another porn site was hacked this week, losing 73,000 e-mail addresses, user names, and passwords, and some 40,000 plain-text credit card numbers, including CCV numbers and expiration dates, according to SC Magazine.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com/porn-site-digital-playground-hacked-to-expose-card-numbers/article/231472/" target="_blank">http://www.scmagazine.com/porn-site-digital-playground-hacked-to-expose-card-numbers/article/231472/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-161: Rogue Antivirus Campaign Targets WordPress<br>
|
|
<b>WHID ID:</b> 2012-161<br>
|
|
<b>Date Occurred:</b> 3/8/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Blogs<br>
|
|
<b>Attacked Entity Geography:</b> Multiple<br>
|
|
<b>Incident Description:</b> Websense says it has detected a new wave of mass-injections of a fake antivirus campaign that appears to be targeting sites hosted by popular blogging platform WordPress.<br>
|
|
<b>Reference:</b> <a href="http://www.techweekeurope.co.uk/news/rogue-antivirus-campaign-targets-wordpress-65755" target="_blank">http://www.techweekeurope.co.uk/news/rogue-antivirus-campaign-targets-wordpress-65755</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-160: Turkish police website hacked with password '123456'<br>
|
|
<b>WHID ID:</b> 2012-160<br>
|
|
<b>Date Occurred:</b> 3/7/2012<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> Turkey<br>
|
|
<b>Incident Description:</b> Internet security phail: for a group of Turkish hackers, breaking into the Ankara Police Department's website and stealing secret data was as simple as 123...456.<br>
|
|
<b>Reference:</b> <a href="http://www.gmanetwork.com/news/story/250626/scitech/technology/turkish-police-website-hacked-with-password-123456" target="_blank">http://www.gmanetwork.com/news/story/250626/scitech/technology/turkish-police-website-hacked-with-password-123456</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-16: SLCPD website hacked by activist group<br>
|
|
<b>WHID ID:</b> 2012-16<br>
|
|
<b>Date Occurred:</b> 1/31/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> Salt Lake City, Utah<br>
|
|
<b>Incident Description:</b> The Salt Lake Police Department's website has been hacked by the activist group "Anonymous", forcing a temporary shutdown on Tuesday afternoon.<br>
|
|
<b>Reference:</b> <a href="http://www.abc4.com/content/news/top_stories/story/SLCPD-website-hacked-by-activist-group/bnNbGp8-yESR9QSm9PhKGQ.cspx" target="_blank">http://www.abc4.com/content/news/top_stories/story/SLCPD-website-hacked-by-activist-group/bnNbGp8-yESR9QSm9PhKGQ.cspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-159: Facebook Goes Down Temporarily in Parts of Europe<br>
|
|
<b>WHID ID:</b> 2012-159<br>
|
|
<b>Date Occurred:</b> 3/7/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> US<br>
|
|
<b>Incident Description:</b> Facebook was down temporarily in parts of Europe on Wednesday, with users in some countries outside the region also reporting problems. CERT.be, the federal cyberemergency team for Belgium, said Facebook was hit by a DDOS (distributed denial of service) attack.<br>
|
|
<b>Reference:</b> <a href="https://www.pcworld.com/article/251420/facebook_goes_down_temporarily_in_parts_of_europe.html" target="_blank">https://www.pcworld.com/article/251420/facebook_goes_down_temporarily_in_parts_of_europe.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-158: Allphones hacked, staff passwords exposed<br>
|
|
<b>WHID ID:</b> 2012-158<br>
|
|
<b>Date Occurred:</b> 3/6/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> Telecommunications retailer Allphones has had hundreds of staff usernames, passwords and company administrator logins exposed following a hacking attack. The breach occurred when the company's web administration interface was accessed through a SQL injection attack that targeted the Allphones website.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/292592,allphones-hacked-staff-passwords-exposed.aspx" target="_blank">http://www.scmagazine.com.au/News/292592,allphones-hacked-staff-passwords-exposed.aspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-157: Sony Says Michael Jackson Recordings Were Stolen From Its Site<br>
|
|
<b>WHID ID:</b> 2012-157<br>
|
|
<b>Date Occurred:</b> 3/5/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Japan<br>
|
|
<b>Incident Description:</b> This could be bad for Sony, in many senses of the word: that media giant has confirmed that several tracks recorded by Michael Jackson were stolen from its Web site after it was hacked<br>
|
|
<b>Reference:</b> <a href="http://artsbeat.blogs.nytimes.com/2012/03/05/sony-says-michael-jackson-recordings-were-stolen-from-its-site/" target="_blank">http://artsbeat.blogs.nytimes.com/2012/03/05/sony-says-michael-jackson-recordings-were-stolen-from-its-site/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-156: How GitHub handled getting hacked<br>
|
|
<b>WHID ID:</b> 2012-156<br>
|
|
<b>Date Occurred:</b> 3/4/2012<br>
|
|
<b>Attack Method:</b> Mass Assignment<br>
|
|
<b>Application Weakness:</b> Insufficient Authorization<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> Here is the story of how GitHub was hacked, and how the company reacted to the event. The first response was very poor, but thankfully the second one was a significant improvement.<br>
|
|
<b>Reference:</b> <a href="https://www.zdnet.com/blog/security/how-github-handled-getting-hacked/10473" target="_blank">https://www.zdnet.com/blog/security/how-github-handled-getting-hacked/10473</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-155: Hackers Elect Futurama's Bender to the Washington DC School Board<br>
|
|
<b>WHID ID:</b> 2012-155<br>
|
|
<b>Date Occurred:</b> 3/2/2012<br>
|
|
<b>Attack Method:</b> Code Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Fraud<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> Washington, DC<br>
|
|
<b>Incident Description:</b> Electronic voting has earned a pretty bad reputation for being insecure and completely unreliable. Well, get ready to add another entry to e-voting's list of woes.<br>
|
|
<b>Reference:</b> <a href="https://www.pcworld.com/article/251187/hackers_elect_futuramas_bender_to_the_washington_dc_school_board.html" target="_blank">https://www.pcworld.com/article/251187/hackers_elect_futuramas_bender_to_the_washington_dc_school_board.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-154: Linode hackers escape with $70K in daring bitcoin heist<br>
|
|
<b>WHID ID:</b> 2012-154<br>
|
|
<b>Date Occurred:</b> 3/2/2012<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Nobby Beach, AU<br>
|
|
<b>Incident Description:</b> Popular web host Linode has been hacked by cyber-thieves who made off with a stash of bitcoins worth $71,000 (£44,736) in real money.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/03/02/linode_bitcoin_heist/" target="_blank">http://www.theregister.co.uk/2012/03/02/linode_bitcoin_heist/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-153: Bug in Plesk administration software is being actively exploited<br>
<b>WHID ID:</b> 2012-153<br>
<b>Date Occurred:</b> 3/1/2012<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Multiple<br>
<b>Attacked Entity Geography:</b> Multiple<br>
<b>Incident Description:</b> A critical security vulnerability in the Plesk administration program is currently being actively used to compromise affected servers. Plesk is used most often by hosting providers and provides a web front-end for administering rented servers. The vulnerability seems to be a SQL injection problem, which an attacker can exploit to gain full administrative access to a system.<br>
<b>Reference:</b> <a href="http://www.h-online.com/security/news/item/Bug-in-Plesk-administration-software-is-being-actively-exploited-1446587.html" target="_blank">http://www.h-online.com/security/news/item/Bug-in-Plesk-administration-software-is-being-actively-exploited-1446587.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-152: Uznews.net server comes under DDoS attack<br>
<b>WHID ID:</b> 2012-152<br>
<b>Date Occurred:</b> 3/2/2012<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Media<br>
<b>Attacked Entity Geography:</b> US<br>
<b>Incident Description:</b> The website of the Uznews.net independent news service has come under a Distributed Denial of Service (DDoS) attack which has rendered the site temporarily inaccessible.<br>
<b>Reference:</b> <a href="http://www.uznews.net/news_single.php?lng=en&sub=top&cid=3&nid=19245" target="_blank">http://www.uznews.net/news_single.php?lng=en&sub=top&cid=3&nid=19245</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-151: Hackers attack Ontario police chiefs' website<br>
<b>WHID ID:</b> 2012-151<br>
<b>Date Occurred:</b> 2/25/2012<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Law Enforcement<br>
<b>Attacked Entity Geography:</b> Ontario, Canada<br>
<b>Incident Description:</b> Anonymous -- the hacker group affiliated with a string of cyber attacks against corporations and law enforcement agencies -- has apparently added the Ontario Association of Chiefs of Police to its hit list.<br>
<b>Reference:</b> <a href="http://ottawa.ctv.ca/servlet/an/local/CTVNews/20120225/ontario-chiefs-of-police-website-hacked-120225/20120225/?hub=OttawaHome" target="_blank">http://ottawa.ctv.ca/servlet/an/local/CTVNews/20120225/ontario-chiefs-of-police-website-hacked-120225/20120225/?hub=OttawaHome</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-150: Dayton FBI partner website hacked<br>
<b>WHID ID:</b> 2012-150<br>
<b>Date Occurred:</b> 2/24/2012<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Law Enforcement<br>
<b>Attacked Entity Geography:</b> Dayton, OH<br>
<b>Incident Description:</b> A Dayton-based partner organization to the FBI had its website vandalized Friday by hackers who claimed to be allied to the loose-knit Anonymous movement.<br>
<b>Reference:</b> <a href="http://www.daytondailynews.com/news/dayton-news/dayton-fbi-partner-website-hacked-1333986.html" target="_blank">http://www.daytondailynews.com/news/dayton-news/dayton-fbi-partner-website-hacked-1333986.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-15: Hackers Take Down Mexico Gov't Websites to Protest Anti-Piracy Bill<br>
<b>WHID ID:</b> 2012-15<br>
<b>Date Occurred:</b> 1/27/2012<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Mexico<br>
<b>Incident Description:</b> Hackers thought to be part of the Anonymous organization attacked and took down the web sites of Mexico's interior department and Senate, officials in both government bodies said.<br>
<b>Reference:</b> <a href="http://latino.foxnews.com/latino/news/2012/01/28/hackers-take-down-mexico-govt-websites-to-protest-anti-piracy-bill/" target="_blank">http://latino.foxnews.com/latino/news/2012/01/28/hackers-take-down-mexico-govt-websites-to-protest-anti-piracy-bill/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-149: Twilight author's website found hosting malware<br>
<b>WHID ID:</b> 2012-149<br>
<b>Date Occurred:</b> 2/24/2012<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Improper Output Handling<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Media<br>
<b>Attacked Entity Geography:</b> US<br>
<b>Incident Description:</b> For a time, fans of the "Twilight" saga who regularly visit the official website of the series' writer Stephenie Meyer may be in for a real-life horror story. Meyer's website (www.stepheniemeyer.com) had been found to host "Crimepack," an exploit kit that installs malware on Windows PCs, security firm GFI labs reported.<br>
<b>Reference:</b> <a href="http://www.gmanetwork.com/news/story/249301/scitech/technology/twilight-author-s-website-found-hosting-malware" target="_blank">http://www.gmanetwork.com/news/story/249301/scitech/technology/twilight-author-s-website-found-hosting-malware</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-148: Hackers Target Sony Australia, Hit Reseller Instead<br>
<b>WHID ID:</b> 2012-148<br>
<b>Date Occurred:</b> 2/23/2012<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> Australia<br>
<b>Incident Description:</b> The local domain sonyvaio.com.au has been hacked and a defacement page posted claiming credit for the attack. A Malaysian-based group bragged on a since-removed Facebook post, "W00t SONY VAIO Australia hacked." However, Gizmodo AU checked whois records and found the domain actually belongs to TX Computer Solutions, an authorised Sony reseller.<br>
<b>Reference:</b> <a href="http://www.gizmodo.com.au/2012/02/hackers-target-sony-australia-hit-reseller-instead/" target="_blank">http://www.gizmodo.com.au/2012/02/hackers-target-sony-australia-hit-reseller-instead/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-147: Azerbaijani TV, AZAL websites hacked by Iranians<br>
<b>WHID ID:</b> 2012-147<br>
<b>Date Occurred:</b> 2/23/2012<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Media<br>
<b>Attacked Entity Geography:</b> Azerbaijan<br>
<b>Incident Description:</b> Iranian hackers attacked the websites of the Azerbaijan State Television & Radio Company, AzTV, and Azerbaijani Airlines (AZAL) on 22-23 February.<br>
<b>Reference:</b> <a href="http://www.news.az/articles/tech/55220" target="_blank">http://www.news.az/articles/tech/55220</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-146: Nagoya zoo website hacked to display messages on Nanjing Massacre: media<br>
<b>WHID ID:</b> 2012-146<br>
<b>Date Occurred:</b> 2/23/2012<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Nagoya, Japan<br>
<b>Incident Description:</b> The website of a Nagoya city-run zoo was hacked Thursday and displayed messages saying that the massacre of civilians of eastern China's Nanjing City by Japanese soldiers in 1937 should be acknowledged, according to local media citing the city of Nagoya as saying.<br>
<b>Reference:</b> <a href="http://www.shanghaidaily.com/article/article_xinhua.asp?id=52830" target="_blank">http://www.shanghaidaily.com/article/article_xinhua.asp?id=52830</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-145: Newark city website attacked by hacker group<br>
<b>WHID ID:</b> 2012-145<br>
<b>Date Occurred:</b> 2/22/2012<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Newark, NJ<br>
<b>Incident Description:</b> For the second time this month, the group CabinCr3w -- an affiliate of the pro-free speech hackers Anonymous -- is taking credit for infiltrating the city of Newark's website and protesting corruption and police brutality, according to several city officials and statements by the group itself.<br>
<b>Reference:</b> <a href="http://www.nj.com/news/index.ssf/2012/02/newark_city_website_attacked_b.html" target="_blank">http://www.nj.com/news/index.ssf/2012/02/newark_city_website_attacked_b.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-144: Hackers hit Los Angeles police canine group<br>
<b>WHID ID:</b> 2012-144<br>
<b>Date Occurred:</b> 2/22/2012<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Law Enforcement<br>
<b>Attacked Entity Geography:</b> Los Angeles, California<br>
<b>Incident Description:</b> A group of hacktivists has leaked the names, addresses, phone numbers and email passwords of more than 100 police officers stolen from the database of the Los Angeles County Police Canine Association (LACPCA) website.<br>
<b>Reference:</b> <a href="http://www.msnbc.msn.com/id/46480682/ns/technology_and_science-security/#.T419t5pWrUU" target="_blank">http://www.msnbc.msn.com/id/46480682/ns/technology_and_science-security/#.T419t5pWrUU</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-143: FTC sites hacked by Anonymous<br>
<b>WHID ID:</b> 2012-143<br>
<b>Date Occurred:</b> 2/17/2012<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> US<br>
<b>Incident Description:</b> The hacking group known as Anonymous has claimed a new series of hacks against the U.S. Federal Trade Commission and consumer rights websites.<br>
<b>Reference:</b> <a href="http://www.usatoday.com/tech/news/story/2012-02-17/ftc-sites-hacked-anonymous/53128914/1" target="_blank">http://www.usatoday.com/tech/news/story/2012-02-17/ftc-sites-hacked-anonymous/53128914/1</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-142: East African firms caught up in hacking spree<br>
<b>WHID ID:</b> 2012-142<br>
<b>Date Occurred:</b> 2/15/2012<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> Africa<br>
<b>Incident Description:</b> A number of sites in East Africa were hacked starting last week by multiple hackers, in what appears to be an uncoordinated hacking spree. The hacks come just after an overnight hack involving 103 Government of Kenya websites by an Indonesian hacker. This includes the website of MTN, the largest mobile operator in Rwanda and a major player across the continent.<br>
<b>Reference:</b> <a href="http://news.idg.no/cw/art.cfm?id=10D8AA4C-9644-9A7D-E93200E945A6E32B" target="_blank">http://news.idg.no/cw/art.cfm?id=10D8AA4C-9644-9A7D-E93200E945A6E32B</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-141: Hackers siphon Penticton man's bank account<br>
<b>WHID ID:</b> 2012-141<br>
<b>Date Occurred:</b> 2/14/2012<br>
<b>Attack Method:</b> Banking Trojan<br>
<b>Application Weakness:</b> Insufficient Process Validation<br>
<b>Outcome:</b> Monetary Loss<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> Penticton, B.C.<br>
<b>Incident Description:</b> A Penticton man is issuing a warning after $3,000 was drained from his bank account.<br>
<b>Reference:</b> <a href="http://www.pentictonwesternnews.com/news/139300688.html" target="_blank">http://www.pentictonwesternnews.com/news/139300688.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-140: Anonymous Hacked BTK Database<br>
<b>WHID ID:</b> 2012-140<br>
<b>Date Occurred:</b> 2/15/2012<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Istanbul<br>
<b>Incident Description:</b> The group got hold of four different databases of the BTK and published the according information on Twitter. Information about companies like Vodafone, TurkNet, Superonline, Avea or Turkcell was published encrypted. Data from the fourth database contained clear information on the full names of BTK employees, their user names, e-mails, passwords, mobile, home and office phone numbers, date of birth and their ID numbers.<br>
<b>Reference:</b> <a href="http://www.bianet.org/english/world/136178-anonymous-hacked-btk-database" target="_blank">http://www.bianet.org/english/world/136178-anonymous-hacked-btk-database</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-15: Hackers Take Down Irish Gov't Websites to Protest Anti-Piracy Bill<br>
<b>WHID ID:</b> 2012-14<br>
<b>Date Occurred:</b> 1/25/2012<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Ireland<br>
<b>Incident Description:</b> Anonymous Sweden has claimed responsibility on Twitter for the over-night shutdown of two Irish government websites. The hacking was used in protest of new copyright legislation that is being considered by Ireland.<br>
<b>Reference:</b> <a href="http://www.irishcentral.com/news/Hacker-group-Anonymous-forces-Irish-government-sites-offline-over-Internet-privacy-act-138115538.html" target="_blank">http://www.irishcentral.com/news/Hacker-group-Anonymous-forces-Irish-government-sites-offline-over-Internet-privacy-act-138115538.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-139: Nasdaq Web Site Shut Down By Denial Of Service Attacks<br>
<b>WHID ID:</b> 2012-139<br>
<b>Date Occurred:</b> 2/14/2012<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> US<br>
<b>Incident Description:</b> Nasdaq.com is down for the count at the moment, apparently felled by a distributed denial-of-service attack from a group of hackers possibly connected with Anonymous, the hacking collective.<br>
<b>Reference:</b> <a href="http://www.forbes.com/sites/ericsavitz/2012/02/14/nasdaq-web-site-shut-down-by-denial-of-service-attacks/" target="_blank">http://www.forbes.com/sites/ericsavitz/2012/02/14/nasdaq-web-site-shut-down-by-denial-of-service-attacks/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-138: Breaches galore as Cryptome hacked to infect visitors with malware<br>
<b>WHID ID:</b> 2012-138<br>
<b>Date Occurred:</b> 2/14/2012<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Improper Output Handling<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Media<br>
<b>Attacked Entity Geography:</b> US<br>
<b>Incident Description:</b> A breach that caused Cryptome.org to infect visitors with virulent malware was one of at least six attacks reported to hit high-profile sites or services in the past few days. Others affected included Ticketmaster, websites for Mexico and the state of Alabama, Dutch ISP KPN, and the Microsoft store in India.<br>
<b>Reference:</b> <a href="http://arstechnica.com/business/news/2012/02/breaches-galore-as-cryptome-hacked-to-infect-visitors-with-malware.ars" target="_blank">http://arstechnica.com/business/news/2012/02/breaches-galore-as-cryptome-hacked-to-infect-visitors-with-malware.ars</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-137: Hackers Target Thai Government Over Censorship Allegations<br>
<b>WHID ID:</b> 2012-137<br>
<b>Date Occurred:</b> 2/14/2012<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Thailand<br>
<b>Incident Description:</b> The attack saw the two hackers target a Thai government website, defacing several of its pages. The defacements made contained an air of humour, with one of the more prominent changes making the site list Hax.r00t as the country's president and Saadi as its Prime Minister.<br>
<b>Reference:</b> <a href="http://www.ibtimes.co.uk/articles/298390/20120214/hackers-thai-government-censorship-online-saadi-hax.htm" target="_blank">http://www.ibtimes.co.uk/articles/298390/20120214/hackers-thai-government-censorship-online-saadi-hax.htm</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-136: 700,000 kroner stolen in NemID attack<br>
<b>WHID ID:</b> 2012-136<br>
<b>Date Occurred:</b> 2/12/2012<br>
<b>Attack Method:</b> Banking Trojan<br>
<b>Application Weakness:</b> Insufficient Process Validation<br>
<b>Outcome:</b> Monetary Loss<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> Copenhagen<br>
<b>Incident Description:</b> Hackers used spy software to help them steal money from the online bank accounts of eight individuals by bypassing the NemID digital signature.<br>
<b>Reference:</b> <a href="http://www.cphpost.dk/news/national/700000-kroner-stolen-nemid-attack" target="_blank">http://www.cphpost.dk/news/national/700000-kroner-stolen-nemid-attack</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-135: Hacker says porn site users compromised<br>
<b>WHID ID:</b> 2012-135<br>
<b>Date Occurred:</b> 2/11/2012<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> Luxembourg<br>
<b>Incident Description:</b> A hacker claims to have compromised the personal information of more than 350,000 users after breaking into a disused website operated by pornography provider Brazzers.<br>
<b>Reference:</b> <a href="http://www.usatoday.com/news/nation/story/2012-02-11/hackers-anonymous-brazzers-porn/53048096/1" target="_blank">http://www.usatoday.com/news/nation/story/2012-02-11/hackers-anonymous-brazzers-porn/53048096/1</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-135: Anonymous attacks Croatian presidency website<br>
<b>WHID ID:</b> 2012-135<br>
<b>Date Occurred:</b> 2/10/2012<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Croatia<br>
<b>Incident Description:</b> Hacking collective Anonymous launched on February 9 a distributed denial of service (DDOS) attack on the website of the Croatian presidency after incumbent Ivo Josipovic defended the Anti-Counterfeiting Treaty Agreement (ACTA).<br>
<b>Reference:</b> <a href="http://www.sofiaecho.com/2012/02/10/1764013_anonymous-attacks-croatian-presidency-website" target="_blank">http://www.sofiaecho.com/2012/02/10/1764013_anonymous-attacks-croatian-presidency-website</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-134: Hackers Claims to compromise Intel's Sensitive Data<br>
<b>WHID ID:</b> 2012-134<br>
<b>Date Occurred:</b> 2/10/2012<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Technology<br>
<b>Attacked Entity Geography:</b> US<br>
<b>Incident Description:</b> A security researcher under the name of "WeedGrower", or "X-pOSed", has been on a roll since the start of 2012. He has ambushed huge sites such as AOL, NASA, Hotmail, Myspace, Xbox, USBank, Yahoo, and VISA; he has also leaked sensitive data on most of those websites.<br>
<b>Reference:</b> <a href="http://thehackernews.com/2012/02/hackers-claims-to-compromise-intels.html" target="_blank">http://thehackernews.com/2012/02/hackers-claims-to-compromise-intels.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-133: TeamPoison Hackers Hit the United Nations<br>
<b>WHID ID:</b> 2012-133<br>
<b>Date Occurred:</b> 2/9/2012<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> US<br>
<b>Incident Description:</b> Following on from the OpNigeria assault, a hacker operating under TeamPoison's banner has targeted the United Nations (UN), releasing the data stolen in a statement posted on Pastebin.<br>
<b>Reference:</b> <a href="http://www.ibtimes.co.uk/articles/295795/20120209/teampoison-hack-hackers-united-nations-un-cali.htm#ixzz1sEVVtO8X" target="_blank">http://www.ibtimes.co.uk/articles/295795/20120209/teampoison-hack-hackers-united-nations-un-cali.htm#ixzz1sEVVtO8X</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-132: Israel Today hacked; Israeli army jumps into cyber war<br>
<b>WHID ID:</b> 2012-132<br>
<b>Date Occurred:</b> 2/9/2012<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Media<br>
<b>Attacked Entity Geography:</b> Israel<br>
<b>Incident Description:</b> Over the past few days, an unknown hacker or group of hackers pounded the israeltoday.co.il domain with so many requests that it repeatedly crashed.<br>
<b>Reference:</b> <a href="http://israeltoday.co.il/News/tabid/178/nid/23111/language/en-US/Default.aspx" target="_blank">http://israeltoday.co.il/News/tabid/178/nid/23111/language/en-US/Default.aspx</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-131: United Russia Site Attacked by Hacker Group Anonymous<br>
<b>WHID ID:</b> 2012-131<br>
<b>Date Occurred:</b> 2/10/2012<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Moscow, Russia<br>
<b>Incident Description:</b> A United Russia party website was knocked offline Thursday after hackers from the group Anonymous claimed to have directed a denial of service attack on the site.<br>
<b>Reference:</b> <a href="http://www.themoscowtimes.com/news/article/united-russia-site-attacked-by-hacker-group-anonymous/452761.html" target="_blank">http://www.themoscowtimes.com/news/article/united-russia-site-attacked-by-hacker-group-anonymous/452761.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-130: Citigroup Inc. (NYSE:C) Hit By Hackers<br>
<b>WHID ID:</b> 2012-130<br>
<b>Date Occurred:</b> 2/6/2012<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> Brazil<br>
<b>Incident Description:</b> Hackers have attacked Brazilian financial websites, including Citigroup Inc. (NYSE:C). A group of Brazilian hackers named "Anonymous Brazil" have attacked a series of financial websites in Brazil, including Citigroup Inc. (NYSE:C), Febraban, Banco BMG and other institutions.<br>
<b>Reference:</b> <a href="http://www.emoneydaily.com/citigroup-inc-nysec-hit-by-hackers/69823284/" target="_blank">http://www.emoneydaily.com/citigroup-inc-nysec-hit-by-hackers/69823284/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-13: MMA notes: UFC website hacked<br>
<b>WHID ID:</b> 2012-13<br>
<b>Date Occurred:</b> 1/25/2012<br>
<b>Attack Method:</b> DNS Hijacking<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> Las Vegas, NV<br>
<b>Incident Description:</b> A criminal investigation is underway after UFC.com was hacked Sunday.<br>
<b>Reference:</b> <a href="http://www.torontosun.com/2012/01/25/mma-notes-ufc-website-hacked" target="_blank">http://www.torontosun.com/2012/01/25/mma-notes-ufc-website-hacked</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-129: Hackers block Slovenian largest bank NLB's website<br>
<b>WHID ID:</b> 2012-129<br>
<b>Date Occurred:</b> 2/4/2012<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> Slovenia<br>
<b>Incident Description:</b> Online hackers' group Anonymous blocked temporarily on Saturday the website of Slovenia's largest bank NLB, while thousands protested in Ljubljana against an anti-piracy pact.<br>
<b>Reference:</b> <a href="http://www.google.com/hostednews/afp/article/ALeqM5ilturtoKhGM1fSlrXKtodx5KAysw?docId=CNG.e27edd710da10fc1025f9684e4b281b4.471" target="_blank">http://www.google.com/hostednews/afp/article/ALeqM5ilturtoKhGM1fSlrXKtodx5KAysw?docId=CNG.e27edd710da10fc1025f9684e4b281b4.471</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-128: Department of Homeland Security website hacked by Anonymous<br>
<b>WHID ID:</b> 2012-128<br>
<b>Date Occurred:</b> 2/4/2012<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Washington, DC<br>
<b>Incident Description:</b> Only hours after two of its biggest releases ever, the online collective Anonymous is taking credit for crashing the website of the US Department of Homeland Security.<br>
<b>Reference:</b> <a href="https://rt.com/usa/news/homeland-security-website-anonymous-473/" target="_blank">https://rt.com/usa/news/homeland-security-website-anonymous-473/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2012-127: Hackers apparently hit Swedish government site<br>
<b>WHID ID:</b> 2012-127<br>
<b>Date Occurred:</b> 2/4/2012<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Stockholm, Sweden<br>
<b>Incident Description:</b> A group linked to the hacker network Anonymous on Saturday said it had attacked the Swedish government's website, bringing it down for periods of time by overloading it with traffic.<br>
<b>Reference:</b> <a href="http://www.foxnews.com/scitech/2012/02/04/hackers-apparently-hit-swedish-government-site/" target="_blank">http://www.foxnews.com/scitech/2012/02/04/hackers-apparently-hit-swedish-government-site/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-126: Daniel Negreanu's PokerStars Account Hacked<br>
|
|
<b>WHID ID:</b> 2012-126<br>
|
|
<b>Date Occurred:</b> 2/3/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> UK<br>
|
|
<b>Incident Description:</b> A computer hacker managed to compromise Daniel Negreanu's PokerStars and e-mail accounts, sitting down at the virtual felt under the Canadian pro's screen name and recklessly playing with Negreanu's $100,000 in funds on account at the world's top poker site.<br>
|
|
<b>Reference:</b> <a href="http://www.pokernewsreport.com/daniel-negreanus-pokerstars-account-hacked-7299" target="_blank">http://www.pokernewsreport.com/daniel-negreanus-pokerstars-account-hacked-7299</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-125: Hackers outwit online banking identity security systems<br>
|
|
<b>WHID ID:</b> 2012-125<br>
|
|
<b>Date Occurred:</b> 2/10/2012<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> UK<br>
|
|
<b>Incident Description:</b> Criminal hackers have found a way round the latest generation of online banking security devices given out by banks, the BBC has learned.<br>
|
|
<b>Reference:</b> <a href="http://www.bbc.co.uk/news/technology-16812064" target="_blank">http://www.bbc.co.uk/news/technology-16812064</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-124: DHI website hacked thrice in a month<br>
|
|
<b>WHID ID:</b> 2012-124<br>
|
|
<b>Date Occurred:</b> 2/3/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Bhutan<br>
|
|
<b>Incident Description:</b> With its website hacked thrice in the past month, officials of Druk Holdings and Investments (DHI), a Nu 45 B company and the investment arm of the government, say the problem is partly because of lapses with Bhutan Telecom.<br>
|
|
<b>Reference:</b> <a href="http://www.kuenselonline.com/2011/?p=26344" target="_blank">http://www.kuenselonline.com/2011/?p=26344</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-123: President's Website Comes Under Hacker Attack<br>
|
|
<b>WHID ID:</b> 2012-123<br>
|
|
<b>Date Occurred:</b> 2/1/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Ukraine<br>
|
|
<b>Incident Description:</b> Ukrainian News Agency The President's website has come under hacker attack, the President's press secretary, Daria Chepak, writes in her blog at Ukrainska Pravda. "Unknown persons have been attacking the official website of the President of Ukraine since today's night," she said.<br>
|
|
<b>Reference:</b> <a href="http://un.ua/eng/article/373136.html" target="_blank">http://un.ua/eng/article/373136.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-122: Fairfax microsites hacked<br>
|
|
<b>WHID ID:</b> 2012-122<br>
|
|
<b>Date Occurred:</b> 2/1/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> Media giant Fairfax has confirmed that two of its microsites were hacked this month but claims that up to 10,000 unencrypted credit card details compromised in the same attack were not Fairfax customers.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/288661,fairfax-microsites-hacked.aspx" target="_blank">http://www.scmagazine.com.au/News/288661,fairfax-microsites-hacked.aspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-121: iTunes hackers are emptying accounts<br>
|
|
<b>WHID ID:</b> 2012-121<br>
|
|
<b>Date Occurred:</b> 1/30/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Cupertino, CA<br>
|
|
<b>Incident Description:</b> Emert isn't alone. There is an ever-growing Apple support forum of people who say their iTunes accounts have been hacked. It's been going on more than a year and now there are more than 65 pages in the forum with hundreds of replies. Most of them ask the same questions of Apple, wondering if they can get their money back. Emert was able to get a one-time refund.<br>
|
|
<b>Reference:</b> <a href="http://www.abc2news.com/dpp/money/consumer/scam_alerts/itunes-hackers-are-emptying-accounts" target="_blank">http://www.abc2news.com/dpp/money/consumer/scam_alerts/itunes-hackers-are-emptying-accounts</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-120: Hackers infect WordPress 3.2.1 blogs to distribute TDSS rootkit<br>
|
|
<b>WHID ID:</b> 2012-120<br>
|
|
<b>Date Occurred:</b> 2/1/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Blogs<br>
|
|
<b>Attacked Entity Geography:</b> Multiple<br>
|
|
<b>Incident Description:</b> Hackers are compromising WordPress 3.2.1 blogs in order to infect their visitors with the notorious TDSS rootkit, according to researchers from Web security firm Websense.<br>
|
|
<b>Reference:</b> <a href="http://www.techworld.com.au/article/413924/hackers_infect_wordpress_3_2_1_blogs_distribute_tdss_rootkit/?fp=16&fpid=1" target="_blank">http://www.techworld.com.au/article/413924/hackers_infect_wordpress_3_2_1_blogs_distribute_tdss_rootkit/?fp=16&fpid=1</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-12: Anonymous takedown FBI as Megaupload Shutdown retaliation<br>
|
|
<b>WHID ID:</b> 2012-12<br>
|
|
<b>Date Occurred:</b> 1/20/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> United States<br>
|
|
<b>Incident Description:</b> After FBI Federal agents executed a shutdown on the files sharing website Megaupload on Thursday, the response of Internet comes rapidly from none other than Anonymous.<br>
|
|
<b>Reference:</b> <a href="http://www.nationalturk.com/en/anonymous-takedown-fbi-as-megaupload-shutdown-retaliation-16006" target="_blank">http://www.nationalturk.com/en/anonymous-takedown-fbi-as-megaupload-shutdown-retaliation-16006</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-119: Hackers Attack Website of Brazil's Itau; May Try Other Banks<br>
|
|
<b>WHID ID:</b> 2012-119<br>
|
|
<b>Date Occurred:</b> 1/30/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Sao Paulo, Brazil<br>
|
|
<b>Incident Description:</b> Hackers from the Anonymous Movement group fought out a day-long attack against websites of Brazil's Banco Itau SA on Monday, shutting down service on several occasions, and threatened more action during the week.<br>
|
|
<b>Reference:</b> <a href="http://online.wsj.com/article/SB10001424052970204652904577193920234068442.html" target="_blank">http://online.wsj.com/article/SB10001424052970204652904577193920234068442.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-118: Universal Music Portugal database dumped by Hackers<br>
|
|
<b>WHID ID:</b> 2012-118<br>
|
|
<b>Date Occurred:</b> 1/29/2012<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Portugal<br>
|
|
<b>Incident Description:</b> Another latest tip came in my inbox today about the leak of the database of Universal Music Portugal's website. The hacker did not mention his name or codename, but he enumerated the database and extracted it by hacking the site. 100s of tables from the database and users' data have been leaked via a Pastebin file. It includes the usernames, passwords and email IDs of users of the site.<br>
|
|
<b>Reference:</b> <a href="http://thehackernews.com/2012/01/universal-music-portugal-database.html" target="_blank">http://thehackernews.com/2012/01/universal-music-portugal-database.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-117: UFC president hacked after scrapping with Anonymous<br>
|
|
<b>WHID ID:</b> 2012-117<br>
|
|
<b>Date Occurred:</b> 1/27/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> US<br>
|
|
<b>Incident Description:</b> Dana White loves a good fight. But the Ultimate Fighting Championship president may have second thoughts about mixing it up with members of the hacker collective Anonymous on Thursday night on Twitter, where he was on the receiving end of a brutal punch.<br>
|
|
<b>Reference:</b> <a href="http://www.cnn.com/2012/01/27/tech/web/ufc-anonymous-sopa/index.html" target="_blank">http://www.cnn.com/2012/01/27/tech/web/ufc-anonymous-sopa/index.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-116: Scalpers aggressively go after Bruce Springsteen tickets, disappoint fans<br>
|
|
<b>WHID ID:</b> 2012-116<br>
|
|
<b>Date Occurred:</b> 1/29/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> US<br>
|
|
<b>Incident Description:</b> According to a statement from Ticketmaster, scalpers with "sophisticated" computer programs are to blame. Scalpers targeted the site with Distributed Denial of Service attacks, which generated extra junk traffic, resulting in the unresponsiveness of the site.<br>
|
|
<b>Reference:</b> <a href="http://www.inquisitr.com/187910/scalpers-aggressively-go-after-bruce-springsteen-tickets-disappoint-fans/#HYCdxfUHLpbzUS9E.99" target="_blank">http://www.inquisitr.com/187910/scalpers-aggressively-go-after-bruce-springsteen-tickets-disappoint-fans/#HYCdxfUHLpbzUS9E.99</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-115: Forbes Exploited: XSS Vulnerabilities Allow Phishers to Hijack Sessions & Steal Logins<br>
|
|
<b>WHID ID:</b> 2012-115<br>
|
|
<b>Date Occurred:</b> 1/27/2012<br>
|
|
<b>Attack Method:</b> Cross-site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> US<br>
|
|
<b>Incident Description:</b> Here's another delicious Byte. Ucha Gobejishvili, a Georgian Security Researcher under the handle of longrifle0x, discovered two cross site scripting (XSS) vulnerabilities on the official website of Forbes.<br>
|
|
<b>Reference:</b> <a href="http://null-byte.wonderhowto.com/blog/forbes-exploited-xss-vulnerabilities-allow-phishers-hijack-sessions-steal-logins-0133051/#ixzz1sDnUwuwm" target="_blank">http://null-byte.wonderhowto.com/blog/forbes-exploited-xss-vulnerabilities-allow-phishers-hijack-sessions-steal-logins-0133051/#ixzz1sDnUwuwm</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-114: NLC's website hacked<br>
|
|
<b>WHID ID:</b> 2012-114<br>
|
|
<b>Date Occurred:</b> 1/28/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Nigeria<br>
|
|
<b>Incident Description:</b> The official website of the Nigeria Labour Congress (NLC) came under attack yesterday from a group calling itself NaijaCyber Hacktivites. The hackers defaced the website and called two leaders of the union traitors for allegedly selling out to the Federal Government over the oil subsidy removal.<br>
|
|
<b>Reference:</b> <a href="http://www.thenationonlineng.net/2011/index.php/news-update/34830-nlc%E2%80%99s-website-hacked.html" target="_blank">http://www.thenationonlineng.net/2011/index.php/news-update/34830-nlc%E2%80%99s-website-hacked.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-113: Students busted for hacking computers, changing grades<br>
|
|
<b>WHID ID:</b> 2012-113<br>
|
|
<b>Date Occurred:</b> 1/27/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Fraud<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> California<br>
|
|
<b>Incident Description:</b> Three high school juniors have been arrested after they devised a sophisticated hacking scheme to up their grades and make money selling quiz answers to their classmates.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2012/01/27/students_hack_teachers_computers/" target="_blank">http://www.theregister.co.uk/2012/01/27/students_hack_teachers_computers/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-112: Lithuanian central bank hit by cyber-attack<br>
|
|
<b>WHID ID:</b> 2012-112<br>
|
|
<b>Date Occurred:</b> 1/27/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Vilnius, Lithuania<br>
|
|
<b>Incident Description:</b> Lithuania's central bank said Friday it had been hit by a cyber-attack, but had eventually overcome the assault on its website and other online services.<br>
|
|
<b>Reference:</b> <a href="http://www.google.com/hostednews/afp/article/ALeqM5ifPzsAaVafW485uqxHES1G5YjxgQ?docId=CNG.db52691d2005cab46bbe09fa2b685ee4.ee1" target="_blank">http://www.google.com/hostednews/afp/article/ALeqM5ifPzsAaVafW485uqxHES1G5YjxgQ?docId=CNG.db52691d2005cab46bbe09fa2b685ee4.ee1</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-111: Israeli Hacker Steals 85,000 Arabs' Facebook Logins<br>
|
|
<b>WHID ID:</b> 2012-111<br>
|
|
<b>Date Occurred:</b> 1/25/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> An Israeli hacker calling himself Hannibal stole and exposed the Facebook login credentials of 85,000 Arabs earlier this week. It's the latest retaliatory strike in a politically motivated battle between Israeli and Arab hackers that's been going strong since the beginning of the month.<br>
|
|
<b>Reference:</b> <a href="http://www.msnbc.msn.com/id/46133351/ns/technology_and_science-security/#.T4w5lZpWrUU" target="_blank">http://www.msnbc.msn.com/id/46133351/ns/technology_and_science-security/#.T4w5lZpWrUU</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-110: 'Anonymous' hackers target FTC<br>
|
|
<b>WHID ID:</b> 2012-110<br>
|
|
<b>Date Occurred:</b> 1/24/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Washington, DC<br>
|
|
<b>Incident Description:</b> Infamous hacking enclave Anonymous continued its quest for retribution Tuesday, claiming responsibility for shutting down OnGuardOnline.com, a Website managed by the U.S. Federal Trade Commission (FTC).<br>
|
|
<b>Reference:</b> <a href="http://news.medill.northwestern.edu/chicago/news.aspx?id=199000" target="_blank">http://news.medill.northwestern.edu/chicago/news.aspx?id=199000</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-11: Mercier Bridge website hacked<br>
|
|
<b>WHID ID:</b> 2012-11<br>
|
|
<b>Date Occurred:</b> 1/19/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Canada<br>
|
|
<b>Incident Description:</b> With construction work shutting down the inbound lanes of the Mercier Bridge later today you may find yourself looking for information on the Mercier Bridge website.<br>
|
|
<b>Reference:</b> <a href="http://www.cjad.com/CJADLocalNews/entry.aspx?BlogEntryID=10337095" target="_blank">http://www.cjad.com/CJADLocalNews/entry.aspx?BlogEntryID=10337095</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-109: Hackers crash Government websites<br>
|
|
<b>WHID ID:</b> 2012-109<br>
|
|
<b>Date Occurred:</b> 1/25/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Ireland<br>
|
|
<b>Incident Description:</b> ONLINE hackers have shut down the websites of two of the Government's biggest departments.<br>
|
|
<b>Reference:</b> <a href="http://www.herald.ie/news/hackers-crash-government-websites-2999104.html" target="_blank">http://www.herald.ie/news/hackers-crash-government-websites-2999104.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-108: Facebook under Denial of Service Attack, confirms AnonSec<br>
|
|
<b>WHID ID:</b> 2012-108<br>
|
|
<b>Date Occurred:</b> 1/26/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> On the afternoon of January 25, 2012 around 5:30pm Pacific Time, the world's largest social network underwent a Denial of Service attack and service outages were reported in several countries.<br>
|
|
<b>Reference:</b> <a href="http://www.fudzilla.com/home/item/25713-facebook-under-denial-of-service-attack-confirms-anonsec" target="_blank">http://www.fudzilla.com/home/item/25713-facebook-under-denial-of-service-attack-confirms-anonsec</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-107: Hackers immobilize websites of two Israeli hospitals<br>
|
|
<b>WHID ID:</b> 2012-107<br>
|
|
<b>Date Occurred:</b> 1/25/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Healthcare<br>
|
|
<b>Attacked Entity Geography:</b> Tel-Aviv, Israel<br>
|
|
<b>Incident Description:</b> Tel Aviv - Unknown hackers immobilized the websites of two Israeli hospitals Wednesday, after targeting them with denial of service attacks, the latest salvo in the cyber war between pro-Israelis and pro-Palestinians.<br>
|
|
<b>Reference:</b> <a href="http://news.monstersandcritics.com/middleeast/news/article_1687401.php/LEAD-Hackers-immobilize-websites-of-two-Israeli-hospitals" target="_blank">http://news.monstersandcritics.com/middleeast/news/article_1687401.php/LEAD-Hackers-immobilize-websites-of-two-Israeli-hospitals</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-106: Sen. Grassley's Twitter Account Hacked by SOPA Protesters<br>
|
|
<b>WHID ID:</b> 2012-106<br>
|
|
<b>Date Occurred:</b> 1/23/2012<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> Republican Iowa Sen. Chuck Grassley's twitter account was hacked today by the group "Anonymous," protesting the anti-piracy bills being considered in Congress.<br>
|
|
<b>Reference:</b> <a href="http://abcnews.go.com/blogs/politics/2012/01/sen-grassleys-twitter-account-hacked-by-sopa-protesters/" target="_blank">http://abcnews.go.com/blogs/politics/2012/01/sen-grassleys-twitter-account-hacked-by-sopa-protesters/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-105: Kevin Bacon - Kevin Bacon's Twitter Blog Hacked<br>
|
|
<b>WHID ID:</b> 2012-105<br>
|
|
<b>Date Occurred:</b> 1/22/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Spam<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> Kevin Bacon has warned fans to beware of hoax Twitter.com posts advertising a weightloss product after his blog was targeted by hackers.<br>
|
|
<b>Reference:</b> <a href="http://www.contactmusic.com/news/kevin-bacons-twitter-blog-hacked_1285736" target="_blank">http://www.contactmusic.com/news/kevin-bacons-twitter-blog-hacked_1285736</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-104: How 103 Kenya govt sites were hacked<br>
|
|
<b>WHID ID:</b> 2012-104<br>
|
|
<b>Date Occurred:</b> 1/22/2012<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Kenya<br>
|
|
<b>Incident Description:</b> We spoke about it last year, and this year, it has happened again. Yes, against every imaginable possibility, 103 government web sites were hacked by an individual calling himself Direxer.<br>
|
|
<b>Reference:</b> <a href="http://www.nation.co.ke/Tech/How+103+govt+sites+were+hacked+/-/1017288/1312336/-/item/0/-/a8i6bj/-/index.html" target="_blank">http://www.nation.co.ke/Tech/How+103+govt+sites+were+hacked+/-/1017288/1312336/-/item/0/-/a8i6bj/-/index.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-103: 'The Daily Show' And 'Colbert Report' Twitter Accounts Hacked By Anonymous Sympathizers<br>
|
|
<b>WHID ID:</b> 2012-103<br>
|
|
<b>Date Occurred:</b> 1/23/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Social<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> Late Sunday evening, both "The Daily Show" and "The Colbert Report" official Twitter accounts were hacked.<br>
|
|
<b>Reference:</b> <a href="http://www.huffingtonpost.com/2012/01/23/the-daily-show-colbert-report-twitter-hacked_n_1223267.html" target="_blank">http://www.huffingtonpost.com/2012/01/23/the-daily-show-colbert-report-twitter-hacked_n_1223267.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-102: Anonymous attacks Polish government websites<br>
|
|
<b>WHID ID:</b> 2012-102<br>
|
|
<b>Date Occurred:</b> 1/23/2012<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Warsaw, PL<br>
|
|
<b>Incident Description:</b> Hackers' group Anonymous brought down several Polish government websites over the weekend, including the websites of the Sejm (Poland's lower house of parliament), the Prime Minister's Chancellery, the Ministry of Culture, the Ministry of Justice and the Internal Security Agency. Even the prime minister's daughter's blog was targeted.<br>
|
|
<b>Reference:</b> <a href="http://www.wbj.pl/article-57691-anonymous-attacks-polish-government-websites.html?typ=wbj" target="_blank">http://www.wbj.pl/article-57691-anonymous-attacks-polish-government-websites.html?typ=wbj</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-101: CBS is offline and its servers are wiped<br>
|
|
<b>WHID ID:</b> 2012-101<br>
|
|
<b>Date Occurred:</b> 1/23/2012<br>
|
|
<b>Attack Method:</b> DNS Hijacking<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> New York, NY<br>
|
|
<b>Incident Description:</b> Hackactivist outfit Anonymous has had a busy weekend and appears to have done a little more than its trademark denial-of-service attack against CBS. According to Gizmodo, Anonymous not only managed to take down the CBS.com website yesterday but it managed to wipe every file it found in its servers.<br>
|
|
<b>Reference:</b> <a href="http://news.techeye.net/security/cbs-is-offline-and-its-servers-are-wiped#ixzz1sDE7V5ir" target="_blank">http://news.techeye.net/security/cbs-is-offline-and-its-servers-are-wiped#ixzz1sDE7V5ir</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-100: Stockbrokers hit by cyber hack<br>
|
|
<b>WHID ID:</b> 2012-100<br>
|
|
<b>Date Occurred:</b> 1/20/2012<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Sydney, Australia<br>
|
|
<b>Incident Description:</b> The Australian Securities & Investment Commission has warned stockbrokers and shareholders of hacking events involving unauthorised online account access and tradin<br>
|
|
<b>Reference:</b> <a href="http://www.smh.com.au/it-pro/security-it/stockbrokers-hit-by-cyber-hack-20120123-1qdox.html" target="_blank">http://www.smh.com.au/it-pro/security-it/stockbrokers-hit-by-cyber-hack-20120123-1qdox.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-10: Rancho Mirage city website hacked<br>
|
|
<b>WHID ID:</b> 2012-10<br>
|
|
<b>Date Occurred:</b> 1/17/2012<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> California<br>
|
|
<b>Incident Description:</b> A hacker or hackers took over the front page of the city website, leaving a message that could be seen Tuesday supporting the Occupy movement and denouncing the proposed Stop Online Piracy Act.<br>
|
|
<b>Reference:</b> <a href="http://www.mydesert.com/article/20120117/NEWS01/120117002/Rancho-Mirage-city-website-hacked" target="_blank">http://www.mydesert.com/article/20120117/NEWS01/120117002/Rancho-Mirage-city-website-hacked</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2012-1: PrivateX hacker group defaces Office of Vice President site again<br>
<b>WHID ID:</b> 2012-1<br>
<b>Date Occurred:</b> 1/1/2012<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Philippines<br>
<b>Incident Description:</b> Hackers struck twice on New Year's Day, defacing another government website on Sunday evening and calling anew for "information security" but this time, also appearing to taunt its target.<br>
<b>Reference:</b> <a href="http://www.gmanetwork.com/news/story/243236/scitech/technology/privatex-hacker-group-defaces-office-of-vice-president-site-again" target="_blank">http://www.gmanetwork.com/news/story/243236/scitech/technology/privatex-hacker-group-defaces-office-of-vice-president-site-again</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-99: FTC settles data breach charges against two firms<br>
<b>WHID ID:</b> 2011-99<br>
<b>Date Occurred:</b> 10/1/2009<br>
<b>Attack Method:</b> Predictable Resource Location<br>
<b>Application Weakness:</b> Insufficient Authorization<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Information Services<br>
<b>Attacked Entity Geography:</b> Palo Alto, CA<br>
<b>Incident Description:</b> In October and December 2009, an employee of a Lookout customer was able to gain access to the product's database by typing a URL into a Web browser, the FTC said in its complaint. The intruder was able to gain access to personal information, including Social Security numbers, of about 37,000 consumers, the FTC said.<br>
<b>Reference:</b> <a href="http://news.idg.no/cw/art.cfm?id=2761F224-1A64-67EA-E41CDB96A756125A" target="_blank">http://news.idg.no/cw/art.cfm?id=2761F224-1A64-67EA-E41CDB96A756125A</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-98: Sony Darkens Another Network As Breach Investigation Widens<br>
<b>WHID ID:</b> 2011-98<br>
<b>Date Occurred:</b> 5/2/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> Tokyo, Japan<br>
<b>Incident Description:</b> Sony Corp. took further steps to contain a serious data breach: temporarily shuttering the Website of Sony Online Entertainment and station.com, another of the technology company's online gaming networks, even as it signaled the slow return of its PlayStation Network to operation.<br>
<b>Reference:</b> <a href="http://threatpost.com/en_us/blogs/sony-darkens-another-network-breach-investigation-widens-050211" target="_blank">http://threatpost.com/en_us/blogs/sony-darkens-another-network-breach-investigation-widens-050211</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-97: Man who liveblogged Bin Laden raid was hacked<br>
<b>WHID ID:</b> 2011-97<br>
<b>Date Occurred:</b> 5/2/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Improper Output Handling<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Blogs<br>
<b>Attacked Entity Geography:</b> Berkeley, CA<br>
<b>Incident Description:</b> The Pakistani programmer who dubbed himself "the guy who liveblogged the Osama raid without knowing about it" is also the guy who got his website hacked without knowing about it.<br>
<b>Reference:</b> <a href="http://www.computerworld.com/s/article/9216341/Man_who_liveblogged_Bin_Laden_raid_was_hacked" target="_blank">http://www.computerworld.com/s/article/9216341/Man_who_liveblogged_Bin_Laden_raid_was_hacked</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-96: Click-jacking on Facebook<br>
<b>WHID ID:</b> 2011-96<br>
<b>Date Occurred:</b> 5/2/2011<br>
<b>Attack Method:</b> Clickjacking<br>
<b>Application Weakness:</b> Application Misconfiguration<br>
<b>Outcome:</b> Link Spam<br>
<b>Attacked Entity Field:</b> Web 2.0<br>
<b>Attacked Entity Geography:</b> Palo Alto, CA<br>
<b>Incident Description:</b> Websense analyzes a recent click-jacking attack against Facebook users.<br>
<b>Reference:</b> <a href="http://community.websense.com/blogs/securitylabs/archive/2011/05/02/a-weekend-of-click-jacking-on-facebook.aspx" target="_blank">http://community.websense.com/blogs/securitylabs/archive/2011/05/02/a-weekend-of-click-jacking-on-facebook.aspx</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-95: Researchers Catch Targeted Attack On Popular Soccer Website<br>
<b>WHID ID:</b> 2011-95<br>
<b>Date Occurred:</b> 5/2/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Improper Output Handling<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Sports<br>
<b>Attacked Entity Geography:</b> Luxembourg<br>
<b>Incident Description:</b> A popular sports website late last week was spotted serving up malware in what researchers say appears to be a targeted attack and not part of a mass SQL injection campaign.<br>
<b>Reference:</b> <a href="http://www.darkreading.com/advanced-threats/167901091/security/application-security/229402594/researchers-catch-targeted-attack-on-popular-soccer-website.html" target="_blank">http://www.darkreading.com/advanced-threats/167901091/security/application-security/229402594/researchers-catch-targeted-attack-on-popular-soccer-website.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-94: High school hackers expose security gap in Seattle Public Schools<br>
<b>WHID ID:</b> 2011-94<br>
<b>Date Occurred:</b> 5/1/2011<br>
<b>Attack Method:</b> Stolen Credentials<br>
<b>Application Weakness:</b> Insufficient Authentication<br>
<b>Outcome:</b> Disinformation<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> Seattle, WA<br>
<b>Incident Description:</b> District officials suspect a student, or several, swiped teachers' passwords for online grade books, possibly using a key-logger device or keystroke-recording software that captures every keystroke, including IDs and passwords<br>
<b>Reference:</b> <a href="http://seattletimes.nwsource.com/html/editorials/2014914193_edit02grades.html" target="_blank">http://seattletimes.nwsource.com/html/editorials/2014914193_edit02grades.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-93: Hacker posts screenshot of sex video on SPAD website<br>
<b>WHID ID:</b> 2011-93<br>
<b>Date Occurred:</b> 5/2/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Improper Output Handling<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Malaysia<br>
<b>Incident Description:</b> The Land Public Transport Commission (SPAD) website was hacked yesterday and a screenshot of the controversial sex video allegedly involving a top politician was posted on its main page.<br>
<b>Reference:</b> <a href="http://thestar.com.my/news/story.asp?file=/2011/5/2/nation/8591951&sec=nation" target="_blank">http://thestar.com.my/news/story.asp?file=/2011/5/2/nation/8591951&sec=nation</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-92: Anonymous attacks Iranian state websites<br>
<b>WHID ID:</b> 2011-92<br>
<b>Date Occurred:</b> 5/2/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Iran<br>
<b>Incident Description:</b> The infamous Anonymous hacking group has crippled a string of Iranian state websites including those of the Office of the Supreme Leader, state police and the Islamic Revolutionary Guards in attacks launched yesterday.<br>
<b>Reference:</b> <a href="http://www.securecomputing.net.au/News/256057,anonymous-attacks-iranian-state-websites.aspx" target="_blank">http://www.securecomputing.net.au/News/256057,anonymous-attacks-iranian-state-websites.aspx</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-91: Rabobank network floored by cyber attack<br>
<b>WHID ID:</b> 2011-91<br>
<b>Date Occurred:</b> 5/2/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> Netherlands<br>
<b>Incident Description:</b> Internet and mobile banking at the Rabobank has been badly hit by an attack on its computer network, the company reported on Monday. The denial of service attack, in which the target computer is saturated with external communications requests, has made the network unavailable to its customers.<br>
<b>Reference:</b> <a href="http://www.dutchnews.nl/news/archives/2011/05/rabobank_network_floored_by_cy.php" target="_blank">http://www.dutchnews.nl/news/archives/2011/05/rabobank_network_floored_by_cy.php</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-91: Anonymous takes down El Salvadoran sites<br>
<b>WHID ID:</b> 2011-90<br>
<b>Date Occurred:</b> 4/28/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> News<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> Subscribers to ISP news and review site DSLReports.com have been notified that their e-mail addresses and passwords may have been exposed during an attack on the Web site earlier this week.
The site was targeted in an SQL injection attack yesterday and about 8 percent of the subscribers' e-mail addresses and passwords were stolen, Justin Beech, founder of DSLReports.com, wrote in an e-mail to members. That would be about 8,000 random accounts of the 9,000 active and 90,000 old or inactive accounts created during the site's 10-year history, Beech said in an e-mail to CNET today.<br>
<b>Reference:</b> <a href="http://news.cnet.com/8301-27080_3-20058471-245.html" target="_blank">http://news.cnet.com/8301-27080_3-20058471-245.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-9: Hacker Attacked Runes of Magic Database, Holding Users' Info as Hostages<br>
<b>WHID ID:</b> 2011-9<br>
<b>Date Occurred:</b> 1/18/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Extortion<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> Sacramento, CA<br>
<b>Incident Description:</b> It's reported that a Runes of Magic player called 'augustus87' has hacked Frogster's database and threatened to release the data that contains over 3.5 million players' info to the public, and even shut down the game's servers unless Frogster meets his demands.<br>
<b>Reference:</b> <a href="http://news.mmosite.com/content/2011-01-18/hacker_attacked_runes_of_magic_database_holding_users_info_as_hostages.shtml" target="_blank">http://news.mmosite.com/content/2011-01-18/hacker_attacked_runes_of_magic_database_holding_users_info_as_hostages.shtml</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-89: China Implicated In Hacking Of SMB Online Bank Accounts<br>
<b>WHID ID:</b> 2011-89<br>
<b>Date Occurred:</b> 4/26/2011<br>
<b>Attack Method:</b> Banking Trojan<br>
<b>Application Weakness:</b> Insufficient Authentication<br>
<b>Outcome:</b> Monetary Loss<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> This time it wasn't an "advanced persistent threat" that China was associated with: a fraud alert issued by the FBI today implicates China in a cybercrime operation that bilked U.S.-based small- to midsize businesses of $11 million over the past year.<br>
<b>Reference:</b> <a href="http://www.informationweek.com/news/security/vulnerabilities/229402300" target="_blank">http://www.informationweek.com/news/security/vulnerabilities/229402300</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-88: Yahoo! PH Purple Hunt 2.0 Ad Compromised<br>
<b>WHID ID:</b> 2011-88<br>
<b>Date Occurred:</b> 4/24/2011<br>
<b>Attack Method:</b> Malvertising<br>
<b>Application Weakness:</b> Improper Output Handling<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Search Engine<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> Earlier the other day, I was browsing through the Yahoo! PH site and the Yahoo! Purple Hunt 2.0 ad caught my attention. Curious, I clicked the ad and found my browser downloading a suspicious file named com.com.<br>
<b>Reference:</b> <a href="http://blog.trendmicro.com/yahoo-ph-purple-hunt-2-0-ad-compromised/" target="_blank">http://blog.trendmicro.com/yahoo-ph-purple-hunt-2-0-ad-compromised/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-87: PSN Admin Dev Accounts Got Hacked<br>
<b>WHID ID:</b> 2011-87<br>
<b>Date Occurred:</b> 4/24/2011<br>
<b>Attack Method:</b> Brute Force<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Account Takeover<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> Tokyo, Japan<br>
<b>Incident Description:</b> Sony's PlayStation Network has been down since Wednesday and stayed kaput throughout the weekend. Sony has admitted that the outage was due to their network being hacked but has not given any further details. But now, a source closely connected with Sony Computer Entertainment Europe (SCEE) reports that the attack is much deeper than admitted by Sony. The source claims that the PSN sustained a LOIC attack (which created a denial-of-service attack) that damaged the server. Plus, it received concentrated attacks on the servers holding account information and breached the Admin Dev accounts.<br>
<b>Reference:</b> <a href="http://www.slashgear.com/psn-admin-dev-accounts-got-hacked-source-claims-service-to-return-by-tuesday-24148081/" target="_blank">http://www.slashgear.com/psn-admin-dev-accounts-got-hacked-source-claims-service-to-return-by-tuesday-24148081/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-86: Cybercrime Extracts $399,000 from Florida Dentist's Account<br>
<b>WHID ID:</b> 2011-86<br>
<b>Date Occurred:</b> 4/25/2011<br>
<b>Attack Method:</b> Banking Trojan<br>
<b>Application Weakness:</b> Insufficient Authentication<br>
<b>Outcome:</b> Monetary Loss<br>
<b>Attacked Entity Field:</b> Online Trading<br>
<b>Attacked Entity Geography:</b> Omaha, NE<br>
<b>Incident Description:</b> "Before the cybercriminals launched their TDoS attack, they found a way to obtain Dr. Thousand's Ameritrade account information and password. Victims in these cases are often targeted through phishing attempts or by clicking an innocuous-looking email link that downloads malware to their system. In this manner, criminals are able to capture account details, passwords and other personal information. Once they have access to an account, they can then change the contact numbers and impersonate the victim when communicating with the bank or broker."<br>
<b>Reference:</b> <a href="http://www.prweb.com/releases/2011/4/prweb8338409.htm" target="_blank">http://www.prweb.com/releases/2011/4/prweb8338409.htm</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-85: IIM-B website hacked<br>
<b>WHID ID:</b> 2011-85<br>
<b>Date Occurred:</b> 4/25/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Improper Output Handling<br>
<b>Outcome:</b> Link Spam<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> NEW DELHI: The website of the Indian Institute of Management-Bangalore has been hijacked by hackers peddling erectile dysfunction products like Viagra. The website, www.iimb.ernet.in, has been out of service for at least ten days.<br>
<b>Reference:</b> <a href="http://timesofindia.indiatimes.com/tech/news/internet/IIM-B-website-hacked/articleshow/8080736.cms??prtpage=1" target="_blank">http://timesofindia.indiatimes.com/tech/news/internet/IIM-B-website-hacked/articleshow/8080736.cms??prtpage=1</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-84: Hackers access personal info of Lancaster County students<br>
<b>WHID ID:</b> 2011-84<br>
<b>Date Occurred:</b> 4/19/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> South Carolina<br>
<b>Incident Description:</b> LANCASTER, S.C. -- The Lancaster County School District says hackers may have stolen the personal information of 25,000 students in the district's database.
School officials are now trying to contact everyone who might have been affected. Information stored in the database goes back 10 years.<br>
<b>Reference:</b> <a href="http://www.wcnc.com/news/local/Personal-Information-of-Thousands-exposed-to-Internet-Hackers-120316064.html" target="_blank">http://www.wcnc.com/news/local/Personal-Information-of-Thousands-exposed-to-Internet-Hackers-120316064.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-83: Minn. man accused of hacking Facebook accounts<br>
<b>WHID ID:</b> 2011-83<br>
<b>Date Occurred:</b> 4/21/2011<br>
<b>Attack Method:</b> Social Engineering<br>
<b>Application Weakness:</b> Insufficient Password Recovery<br>
<b>Outcome:</b> Account Takeover<br>
<b>Attacked Entity Field:</b> Web 2.0<br>
<b>Attacked Entity Geography:</b> Palo Alto, CA<br>
<b>Incident Description:</b> Prosecutors have accused a Minnesota man of hacking into other people's Facebook and other computer accounts and stealing photos of women to post on adult websites.
Prosecutors charged Timothy Peter Noirjean, 26, of Woodbury, with 13 counts of identity theft, alleging that from February 2010 through March 2010 he contacted women online and duped them into providing him with personal information that allowed him to hack their Facebook and other accounts. After hacking a Facebook account, prosecutors say Noirjean would pose as the owner to make contact with that person's friends and try to gain access to more computer accounts.
<br>
<b>Reference:</b> <a href="http://www.foxnews.com/us/2011/04/20/minn-man-accused-hacking-facebook-accounts/" target="_blank">http://www.foxnews.com/us/2011/04/20/minn-man-accused-hacking-facebook-accounts/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-82: Sony fears Anonymous hack as PSN stays down<br>
<b>WHID ID:</b> 2011-82<br>
<b>Date Occurred:</b> 4/21/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> Tokyo, Japan<br>
<b>Incident Description:</b> It's looking more likely that loose-knit 'hacktivist' collective Anonymous may have pulled off the "biggest ever" attack on Sony's PlayStation network (PSN), as company engineers are investigating the possibility that the online gaming service has been hacked.<br>
<b>Reference:</b> <a href="http://www.thinq.co.uk/2011/4/21/sony-fears-anonymous-hack-psn-stays-down/" target="_blank">http://www.thinq.co.uk/2011/4/21/sony-fears-anonymous-hack-psn-stays-down/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-81: AlArabiya.net Hacked Again<br>
<b>WHID ID:</b> 2011-81<br>
<b>Date Occurred:</b> 4/21/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> News<br>
<b>Attacked Entity Geography:</b> Saudi Arabia<br>
<b>Incident Description:</b> Being one of the region's leading news agencies, Al-Arabiya which is part of MBC Group, the largest broadcasting company in the Middle East has been hacked by an unknown group signed only with "Crack_Man" stating it has been "powered morocco".
The hacked website comes in a long lasting tradition of security flaws in the website leading to the recurrent event of the portal being hacked during political instability hits the region usually as an expression of disagreeing with what many consider the news agency's Western oriented liberal point of view.<br>
<b>Reference:</b> <a href="http://thenextweb.com/me/2011/04/21/alarabiya-net-hacked-again/" target="_blank">http://thenextweb.com/me/2011/04/21/alarabiya-net-hacked-again/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-80: Ashampoo server hacked, customer names and e-mail addresses stolen<br>
<b>WHID ID:</b> 2011-80<br>
<b>Date Occurred:</b> 4/21/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Rolf Hilchner, CEO of Ashampoo, has posted on the company's website explaining exactly what has happened. Apparently hackers managed to break into one of Ashampoo's servers that held customer data. There was a hole in their security and by using it Ashampoo customer names and e-mail addresses have been taken, but no payment and billing information was accessed.<br>
<b>Reference:</b> <a href="http://www.geek.com/articles/geek-pick/ashampoo-server-hacked-customer-names-and-e-mail-addresses-stolen-20110421/" target="_blank">http://www.geek.com/articles/geek-pick/ashampoo-server-hacked-customer-names-and-e-mail-addresses-stolen-20110421/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-8: Casino Gambler Databases Becoming A Key Tool For Hackers<br>
<b>WHID ID:</b> 2011-8<br>
<b>Date Occurred:</b> 1/19/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Monetary Loss<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> Nevada<br>
<b>Incident Description:</b> Players club points can be a valuable commodity when it comes to casinos, and hackers are now taking aim at player accounts. Several cases have been reported in Las Vegas of hackers getting into players club accounts and stealing the accumulated points.
When a gambler signs up for a player club card, they are usually rewarded with fifty or one hundred players points. As the gambler plays at the tables and on the slot machines, points are accumulated and used for such things as free hotel rooms and food. The points can sometimes be used as free play on the slot machines.
The Nevada Gaming Control Board is now investigating the cases of players having their points stolen. The Board is not only targeting the hackers, but also the casinos that have players information in their databases.<br>
<b>Reference:</b> <a href="http://www.casinogamblingweb.com/gambling-news/casino-gambling/casino_gambler_databases_becoming_a_key_tool_for_hackers_56344.html" target="_blank">http://www.casinogamblingweb.com/gambling-news/casino-gambling/casino_gambler_databases_becoming_a_key_tool_for_hackers_56344.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-79: Change.org Victim of DDoS Attack From China<br>
<b>WHID ID:</b> 2011-79<br>
<b>Date Occurred:</b> 4/19/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Politics<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Change.org, an online petitioning platform, has come under an ongoing distributed denial of service (DDoS) attack originating from China after the site hosted a call urging Chinese authorities to release artist Ai Weiwei from custody.<br>
<b>Reference:</b> <a href="http://www.pcworld.com/printable/article/id,225672/printable.html" target="_blank">http://www.pcworld.com/printable/article/id,225672/printable.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-78: The Children's Place, popular kid's clothing retailer, hit with database breach<br>
<b>WHID ID:</b> 2011-78<br>
<b>Date Occurred:</b> 4/19/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Phishing<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> Cambridge, MA<br>
<b>Incident Description:</b> The Children's Place Retail Stores Inc. said Tuesday that its customer email address database was recently accessed by an unauthorized third party. The database is stored at an external email service provider, according to company officials. The external service provider confirmed that only email addresses were accessed and no other personal information was obtained.<br>
<b>Reference:</b> <a href="http://www.csoonline.com/article/679983/the-children-s-place-popular-kid-s-clothing-retailer-hit-with-database-breach" target="_blank">http://www.csoonline.com/article/679983/the-children-s-place-popular-kid-s-clothing-retailer-hit-with-database-breach</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-77: Scottish news site hit by 'DDoS attack' in run-up to elections<br>
<b>WHID ID:</b> 2011-77<br>
<b>Date Occurred:</b> 4/19/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Application Misconfiguration<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Scotland<br>
<b>Incident Description:</b> Politically-motivated hackers are thought to be behind a DDoS attack on alternative news site Newsnet Scotland, launched on Monday days before Scotland is due to vote in fiercely contested local elections.
The attack, if that's what it is, left the site unavailable from Monday afternoon into the early hours of Tuesday morning.<br>
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/04/19/scottish_news_site_ddos/" target="_blank">http://www.theregister.co.uk/2011/04/19/scottish_news_site_ddos/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-76: Auto Trader website attacked<br>
<b>WHID ID:</b> 2011-76<br>
<b>Date Occurred:</b> 4/19/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Automotive<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> According to a story released on the Auto Trader blog page, the Auto Trader website was subject to an attack from midday on April 19th until the early hours of April 20th.
The attack disrupted access to the site, causing it to run slowly or not open at all. According to the blog the attack originated from abroad. Such attacks, called denial of service, or DDOS attacks, are designed to disrupt web traffic and not to access personal details.<br>
<b>Reference:</b> <a href="http://www.honestjohn.co.uk/news/buying-and-selling/2011-04/auto-trader-website-attacked/" target="_blank">http://www.honestjohn.co.uk/news/buying-and-selling/2011-04/auto-trader-website-attacked/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-75: Manila Water's website hacked<br>
<b>WHID ID:</b> 2011-75<br>
<b>Date Occurred:</b> 4/17/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Energy<br>
<b>Attacked Entity Geography:</b> Manila, Philippines<br>
|
|
<b>Incident Description:</b> The website of water concessionaire Manila Water was hacked early Sunday, with visitors to the site seeing a small window indicating the breach.
|
|
|
|
|
|
|
|
WHID Analysis - looking at the html in the pages, it appears as though sql injection was the attack vector -
|
|
|
|
|
|
|
|
<br>
|
|
<b>Reference:</b> <a href="http://www.gmanews.tv/story/218014/nation/manila-waters-website-hacked" target="_blank">http://www.gmanews.tv/story/218014/nation/manila-waters-website-hacked</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-74: Wind Power Company Hacked<br>
<b>WHID ID:</b> 2011-74<br>
<b>Date Occurred:</b> 4/18/2011<br>
<b>Attack Method:</b> Brute Force<br>
<b>Application Weakness:</b> Insufficient Authentication<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> SCADA<br>
<b>Attacked Entity Geography:</b> New Mexico, USA<br>
<b>Incident Description:</b> In an email interview with the IDG News Service, Bigr R said he was a former employee of NextEra's parent company, Florida Power & Light. He said he used a bug in the Cisco Security Device Manager software used by NextEra to break into the site. "They gave to it public IP, so it was easy to hack into it through the Web," he said. "They used default passwords, which I got from one of administrators. Then I obtained level 15 priv. (superuser), and understood the topology of SCADA networks. Then it was easily to detect SCADA and turn it off."<br>
<b>Reference:</b> <a href="http://www.computerworld.com/s/article/9215881/Wind_power_company_sees_no_evidence_of_reported_hack" target="_blank">http://www.computerworld.com/s/article/9215881/Wind_power_company_sees_no_evidence_of_reported_hack</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-73: Royal Navy hacker claims to have broken into space agency site<br>
<b>WHID ID:</b> 2011-73<br>
<b>Date Occurred:</b> 4/18/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> San Jose, CA<br>
<b>Incident Description:</b> Login credentials for database, email and other key systems that a poster claims belong to the European Space Agency were posted on a full disclosure mailing list over the weekend.<br>
<b>Reference:</b> <a href="http://www.eweekeurope.co.uk/news/european-space-agency-confirms-ftp-server-hack-26976" target="_blank">http://www.eweekeurope.co.uk/news/european-space-agency-confirms-ftp-server-hack-26976</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-72: WordPress Hack Could Put Premium Users at Risk<br>
<b>WHID ID:</b> 2011-72<br>
<b>Date Occurred:</b> 4/13/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Blogs<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> Malicious hackers have successfully breached WordPress.com servers and potentially made off with sensitive bits of the publishing platform's underlying code. The breach could impact premium customers using WordPress for their websites, including Flickr, NASA, Yahoo, and The New York Times.<br>
<b>Reference:</b> <a href="http://www.pcworld.com/article/225158/wordpress_hack_could_put_premium_users_at_risk.html" target="_blank">http://www.pcworld.com/article/225158/wordpress_hack_could_put_premium_users_at_risk.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-71: Malaysiakini under DDOS attack ahead of Sarawak election tomorrow<br>
<b>WHID ID:</b> 2011-71<br>
<b>Date Occurred:</b> 4/15/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Malaysia<br>
<b>Incident Description:</b> Malaysian online news portal Malaysiakini has been inaccessible since late afternoon ahead of the Sarawak state election which will be held tomorrow.
Malaysiakini, together with Sarawak Report, another site critical of the Sarawakian government under long-serving Chief Minister Taib Mahmud, has been under relentless denial-of-service (DDOS) attacks which temporarily brought them down in the last few days<br>
<b>Reference:</b> <a href="http://www.temasekreview.com/2011/04/15/malaysiakini-under-ddos-attack-ahead-of-sarawak-election-tomorrow/" target="_blank">http://www.temasekreview.com/2011/04/15/malaysiakini-under-ddos-attack-ahead-of-sarawak-election-tomorrow/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-70: US Postal Service Website Hit With 'Blackhole' Exploit<br>
<b>WHID ID:</b> 2011-70<br>
<b>Date Occurred:</b> 4/8/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Improper Output Handling<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> Cambridge, MA<br>
<b>Incident Description:</b> The US Postal Service website received an unwelcome delivery this week of a new attack rapidly spreading among legitimate websites. USPS became the latest victim of the so-called "Blackhole" toolkit, a wildly popular website attack kit that's easy to use and provides obfuscation features that help it evade antivirus detection.<br>
<b>Reference:</b> <a href="http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/229401258/us-postal-service-website-hit-with-blackhole-exploit.html" target="_blank">http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/229401258/us-postal-service-website-hit-with-blackhole-exploit.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-7: Hacker Breaks Into UConn Husky Store Website<br>
<b>WHID ID:</b> 2011-7<br>
<b>Date Occurred:</b> 1/12/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Education<br>
<b>Attacked Entity Geography:</b> Hartford, Connecticut<br>
<b>Incident Description:</b> A hacker gained access to a database with the credit card information of 18,000 customers of the UConn Co-op's HuskyDirect.com website, the UConn Co-op said.<br>
<b>Reference:</b> <a href="http://www.courant.com/business/hc-uconn-coop-data-breach-20110112,0,6878993.story" target="_blank">http://www.courant.com/business/hc-uconn-coop-data-breach-20110112,0,6878993.story</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-69: Credit Information at Hyundai Capital Leaked to Hacker<br>
<b>WHID ID:</b> 2011-69<br>
<b>Date Occurred:</b> 4/11/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Automotive<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Korea's major lending company and a financial unit of Hyundai Motor Group announced on Sunday that confidential credit information on its customers was leaked during a recent hacker attack which investigators say seems to have been carried out via servers in Brazil and the Philippines.<br>
<b>Reference:</b> <a href="http://www.arirang.co.kr/News/News_View.asp?nseq=114741&code=Ne4&category=3" target="_blank">http://www.arirang.co.kr/News/News_View.asp?nseq=114741&code=Ne4&category=3</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-68: Hack attack spills web security firm's (Barracuda) confidential data<br>
<b>WHID ID:</b> 2011-68<br>
<b>Date Occurred:</b> 4/11/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Technology<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Try this for irony: The website of web application security provider Barracuda Networks has sustained an attack that appears to have exposed sensitive data concerning the company's partners and employee login credentials, according to an anonymous post.
Barracuda representatives didn't respond to emails seeking confirmation of the post, which claims the data was exposed as the result of a SQL injection attack.<br>
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/04/11/barracuda_networks_attack/" target="_blank">http://www.theregister.co.uk/2011/04/11/barracuda_networks_attack/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-67: Hackers attack iTunes<br>
<b>WHID ID:</b> 2011-67<br>
<b>Date Occurred:</b> 4/4/2011<br>
<b>Attack Method:</b> Brute Force<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Fraud<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Hackers have taken control of the iTunes accounts of many users, using them to make fraudulent purchases.
Cyber criminals are able to crack the accounts by using brute force attacks, where an automated system tries thousands of popular passwords with each account name.<br>
<b>Reference:</b> <a href="http://www.computing.co.uk/ctg/news/2039945/hackers-attack-itunes" target="_blank">http://www.computing.co.uk/ctg/news/2039945/hackers-attack-itunes</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-66: Epsilon Data Breach<br>
<b>WHID ID:</b> 2011-66<br>
<b>Date Occurred:</b> 4/4/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Marketing<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Epsilon--the largest distributor of permission-based email in the world--revealed that millions of individual email addresses were exposed in an attack on its servers. While no other information was apparently compromised, security experts are warning users to brace for a tidal wave of more precise spear phishing attacks.<br>
<b>Reference:</b> <a href="http://www.pcworld.com/businesscenter/article/224192/epsilon_data_breach_expect_a_surge_in_spear_phishing_attacks.html" target="_blank">http://www.pcworld.com/businesscenter/article/224192/epsilon_data_breach_expect_a_surge_in_spear_phishing_attacks.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-65: Sony sites offline after Anonymous attack threats<br>
<b>WHID ID:</b> 2011-65<br>
<b>Date Occurred:</b> 4/6/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Several Sony Web sites were offline today only days after the Anonymous hacker group threatened to target the company over its lawsuit against PlayStation 3 hacker George Hotz.<br>
<b>Reference:</b> <a href="http://news.cnet.com/8301-27080_3-20051482-245.html" target="_blank">http://news.cnet.com/8301-27080_3-20051482-245.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-64: Facebook Bully Video Actually a XSS Exploit<br>
<b>WHID ID:</b> 2011-64<br>
<b>Date Occurred:</b> 4/7/2011<br>
<b>Attack Method:</b> Cross Site Request Forgery (CSRF)<br>
<b>Application Weakness:</b> Insufficient Process Validation<br>
<b>Outcome:</b> Worm<br>
<b>Attacked Entity Field:</b> Web 2.0<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> A security researcher has identified a bully video as a malicious app exploiting yet another cross-site-scripting vulnerability on Facebook with a very sophisticated payload.<br>
<b>Reference:</b> <a href="http://www.eweek.com/c/a/Security/Facebook-Bully-Video-Actually-a-XSS-Exploit-121829/" target="_blank">http://www.eweek.com/c/a/Security/Facebook-Bully-Video-Actually-a-XSS-Exploit-121829/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-63: LiveJournal under DDoS attack right now<br>
<b>WHID ID:</b> 2011-63<br>
<b>Date Occurred:</b> 4/6/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Blogs<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> LiveJournal Russian blog platform again stopped working some 35-40 minutes ago. This is already the 3rd hack attack over the past two weeks.
Popular Russian blogger and SUP expert Roustem Adagamov tweeted that LiveJournal is under DDoS attack right now.<br>
<b>Reference:</b> <a href="http://www.panarmenian.net/eng/it_telecom/news/66359/LiveJournal_under_DDoS_attack_right_now" target="_blank">http://www.panarmenian.net/eng/it_telecom/news/66359/LiveJournal_under_DDoS_attack_right_now</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-62: Another Xbox Live director hacked!<br>
<b>WHID ID:</b> 2011-62<br>
<b>Date Occurred:</b> 4/6/2011<br>
<b>Attack Method:</b> Social Engineering<br>
<b>Application Weakness:</b> Insufficient Process Validation<br>
<b>Outcome:</b> Account Takeover<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> A hacker known as "Predator" has been able to phish information from Xbox Live's Director of Policy and Enforcement, Stephen Toulouse (aka "Stepto"), gaining email and address information via his personal website server and was then able to alter the Chief's details online.<br>
<b>Reference:</b> <a href="http://blog.gadgethelpline.com/xbox-live-director-hacked/" target="_blank">http://blog.gadgethelpline.com/xbox-live-director-hacked/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-61: LizaMoon Mass SQL Injection Attack Points to Rogue AV Site<br>
<b>WHID ID:</b> 2011-61<br>
<b>Date Occurred:</b> 3/29/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Multiple<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Attackers have launched a large-scale SQL injection attack that has compromised several thousand legitimate Websites, including a few catalog pages from Apple's iTunes music store.<br>
<b>Reference:</b> <a href="http://www.eweek.com/c/a/Security/LizaMoon-Mass-SQL-Injection-Attack-Points-to-Rogue-AV-Site-852537/" target="_blank">http://www.eweek.com/c/a/Security/LizaMoon-Mass-SQL-Injection-Attack-Points-to-Rogue-AV-Site-852537/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-60: Anonymous DDoS attack takes down Warner Bros Records: #OpPayBack<br>
<b>WHID ID:</b> 2011-60<br>
<b>Date Occurred:</b> 3/29/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Media<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> The Internet hacktivist collective known as "Anonymous" successfully conducted a DDoS attack on Warner Bros Records, temporarily taking down the company website Tuesday afternoon (12:21 p.m. PST). In addition, several reports also indicate that the company's website was temporarily taken down Monday as well.<br>
<b>Reference:</b> <a href="http://www.examiner.com/anonymous-in-national/anonymous-ddos-attack-takes-down-warner-bros-records-oppayback" target="_blank">http://www.examiner.com/anonymous-in-national/anonymous-ddos-attack-takes-down-warner-bros-records-oppayback</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-6: Whirlpool ISP hit by DDoS attack<br>
<b>WHID ID:</b> 2011-6<br>
<b>Date Occurred:</b> 1/21/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Service Providers<br>
<b>Attacked Entity Geography:</b> Australia<br>
<b>Incident Description:</b> User forum Whirlpool was hit by a distributed denial-of-service (DDoS) attack last night, according to the site's hosting provider BulletProof Networks.
Although BulletProof Networks chief operating officer (COO) Lorenzo Modesto first said that Whirlpool was the only one of its customers to be affected by the attack, he said later that its public and private managed cloud customers were experiencing intermittent degraded network performance also.<br>
<b>Reference:</b> <a href="http://www.zdnet.com.au/whirlpool-hit-by-ddos-attack-339308730.htm" target="_blank">http://www.zdnet.com.au/whirlpool-hit-by-ddos-attack-339308730.htm</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-59: Oracle's Sun.com Hit Along with MySQL.com in SQL Injection Attack<br>
<b>WHID ID:</b> 2011-59<br>
<b>Date Occurred:</b> 3/29/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Technology<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> The hackers who compromised MySQL.com also targeted Sun.com with a SQL injection attack, exposing database names and email addresses.<br>
<b>Reference:</b> <a href="http://www.eweek.com/c/a/Security/Oracles-Suncom-Hit-Along-with-MySQLCom-in-SQL-Injection-Attack-727118/" target="_blank">http://www.eweek.com/c/a/Security/Oracles-Suncom-Hit-Along-with-MySQLCom-in-SQL-Injection-Attack-727118/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-58: Facebook XSS flaw misused for automatic Wall posting<br>
<b>WHID ID:</b> 2011-58<br>
<b>Date Occurred:</b> 3/29/2011<br>
<b>Attack Method:</b> Cross Site Request Forgery (CSRF)<br>
<b>Application Weakness:</b> Insufficient Process Validation<br>
<b>Outcome:</b> Disinformation<br>
<b>Attacked Entity Field:</b> Web 2.0<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> A currently unpatched XSS vulnerability in the mobile API version of Facebook is currently being exploited to post messages to users' Walls, which serve as a gateway to the specially crafted website exploiting the flaw.
The flaw has been misused for a while now, but has only recently been used widely. Indonesian users are currently targeted by various groups using the vulnerability to their advantage.
"It allows any website to include, for example, a maliciously prepared iframe element that contains JavaScript or use the http-equiv attribute's 'refresh' value to redirect the browser to the prepared URL containing the JavaScript," explains Symantec. "Any user who is logged into Facebook and visits a site that contains such an element will automatically post an arbitrary message to his or her wall."<br>
<b>Reference:</b> <a href="http://www.net-security.org/secworld.php?id=10814" target="_blank">http://www.net-security.org/secworld.php?id=10814</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-57: MySQL.com hacked via... SQL injection vuln<br>
<b>WHID ID:</b> 2011-57<br>
<b>Date Occurred:</b> 3/28/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Technology<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> MySQL.com was hacked over the weekend via an attack which used a blind SQL injection exploit to pull off the pawnage.
Hackers extracted usernames and password hashes from the site, which were subsequently posted to pastebin.com.<br>
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/03/28/mysql_hack/" target="_blank">http://www.theregister.co.uk/2011/03/28/mysql_hack/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-56: China accused of hacking Gmail to suppress dissent<br>
<b>WHID ID:</b> 2011-56<br>
<b>Date Occurred:</b> 3/24/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Insufficient Authentication<br>
<b>Outcome:</b> Session Hijacking<br>
<b>Attacked Entity Field:</b> Service Providers<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> A few days ago, Google accused the government of China, for the second time, of having hacked into Gmail accounts in order to quash protest. Chinese customers have reported numerous problems over the past month with both sending and flagging messages.<br>
<b>Reference:</b> <a href="http://www.htlounge.net/art/15053/china-accused-of-hacking-gmail-to-suppress-dissent.html" target="_blank">http://www.htlounge.net/art/15053/china-accused-of-hacking-gmail-to-suppress-dissent.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-55: State website hacked - Officials say 1000 people affected have been notified<br>
<b>WHID ID:</b> 2011-55<br>
<b>Date Occurred:</b> 3/25/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Maine, USA<br>
<b>Incident Description:</b> Credit card information may have been stolen for some people who bought state park passes online. The Maine Bureau of Parks and Lands learned in February that their online system for the sale of state park passes, provided by a private vendor, was hacked by "malware."<br>
<b>Reference:</b> <a href="http://www.wabi.tv/news/18888/state-website-hacked-officials-say-1000-people-affected-have-been-notified" target="_blank">http://www.wabi.tv/news/18888/state-website-hacked-officials-say-1000-people-affected-have-been-notified</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-54: Internal Affairs website back online after outage<br>
<b>WHID ID:</b> 2011-54<br>
<b>Date Occurred:</b> 3/25/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> New Zealand<br>
<b>Incident Description:</b> The Department of Internal Affairs website is now back up and running after it was shut down - only days before it was due to be hacked by an international cyber activist group.<br>
<b>Reference:</b> <a href="http://m.nzherald.co.nz/technology/news/article.php?c_id=5&objectid=10714882" target="_blank">http://m.nzherald.co.nz/technology/news/article.php?c_id=5&objectid=10714882</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-53: Expedia's TripAdvisor Member Data Stolen in Possible SQL Injection Attack<br>
<b>WHID ID:</b> 2011-53<br>
<b>Date Occurred:</b> 3/24/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Hospitality<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> TripAdvisor discovered a data breach in its systems that allowed attackers to grab a portion of the Website's membership list from its database.<br>
<b>Reference:</b> <a href="http://mobile.eweek.com/c/a/Security/Expedias-TripAdvisor-Member-Data-Stolen-in-Possible-SQL-Injection-Attack-522785/" target="_blank">http://mobile.eweek.com/c/a/Security/Expedias-TripAdvisor-Member-Data-Stolen-in-Possible-SQL-Injection-Attack-522785/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-53: Thousands of home computers infiltrated after hackers infect high-profile websites with booby-trapped ads<br>
<b>WHID ID:</b> 2011-53<br>
<b>Date Occurred:</b> 3/3/2011<br>
<b>Attack Method:</b> Malvertising<br>
<b>Application Weakness:</b> Improper Output Handling<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Tens of thousands of people are feared to have had their computers infected by booby-trapped adverts on websites including the London Stock Exchange as the full extent of a cyber-attack which began on Sunday becomes apparent.
The scam, which also involved ads on Autotrader, Vue and six other websites, began on Sunday after cyber-criminals hacked into an ad firm's IT system.
Malicious adverts were then released which caused fake virus warnings to pop up on computers belonging to those surfing the affected sites.<br>
<b>Reference:</b> <a href="http://www.dailymail.co.uk/sciencetech/article-1362205/Thousands-home-computers-infiltrated-hackers-infect-high-profile-websites-booby-trapped-ads.html" target="_blank">http://www.dailymail.co.uk/sciencetech/article-1362205/Thousands-home-computers-infiltrated-hackers-infect-high-profile-websites-booby-trapped-ads.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-52: S. Korea's major web sites hit by DDoS attacks<br>
<b>WHID ID:</b> 2011-52<br>
<b>Date Occurred:</b> 3/4/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Seoul, South Korea<br>
<b>Incident Description:</b> SEOUL, March 4 (Xinhua) -- A fresh wave of cyber attacks hit major South Korean Web sites, including that of the presidential office Cheong Wa Dae, on Friday, local media reported, citing industrial sources.
Starting 10 a.m. Friday, 40 web sites, including the ones of presidential office Cheong Wa Dae, the Ministry of Foreign Affairs and Trade and top lender Kookmin Bank, came under distributed denial-of-service (DDoS) attacks, Yonhap News Agency reported, citing AhnLab, South Korea's top information security company.<br>
<b>Reference:</b> <a href="http://news.xinhuanet.com/english2010/world/2011-03/04/c_13760843.htm" target="_blank">http://news.xinhuanet.com/english2010/world/2011-03/04/c_13760843.htm</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-51: WordPress Hit by Second Massive Attack in Two Days<br>
<b>WHID ID:</b> 2011-51<br>
<b>Date Occurred:</b> 3/4/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Blogs<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> The main WordPress.com site was the target of a major DDoS attack yesterday that knocked the popular blogging platform offline for a couple of hours, and another attack that hit the site again Friday morning. The service is back online now, but the attacks may be an indication that the service could be collateral damage in some politically motivated attacks against WordPress blogs.<br>
<b>Reference:</b> <a href="http://threatpost.com/en_us/blogs/wordpress-hit-second-massive-attack-two-days-030411" target="_blank">http://threatpost.com/en_us/blogs/wordpress-hit-second-massive-attack-two-days-030411</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-50: Celebrity Ashton Kutcher Firesheep'd at TED Conference<br>
<b>WHID ID:</b> 2011-50<br>
<b>Date Occurred:</b> 3/3/2011<br>
<b>Attack Method:</b> Stolen Credentials<br>
<b>Application Weakness:</b> Insufficient Transport Layer Protection<br>
<b>Outcome:</b> Session Hijacking<br>
<b>Attacked Entity Field:</b> Web 2.0<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> High profile celebrity Ashton Kutcher had his Twitter account hijacked at the celebrity-infested Technology, Entertainment, Design (TED) Conference, TED2011, in Long Beach, California, on Wednesday.
Kutcher, best known for his role on the sitcom That 70's Show and, later, as host of MTV's Punk'd prank show, found himself Punk'd Toorcon style, when an unknown attacker hijacked an insecure Web session to post a message to Kutcher's Twitter account, @aplusk.
"Ashton, you've been Punk'd. This account is not secure. Dude, where's my SSL?" read the first message, which was posted around 17:30 Pacific Time on Wednesday. A few moments later, another message went out to Kutcher's 6.4 million Twitter followers:<br>
<b>Reference:</b> <a href="https://threatpost.com/en_us/blogs/celebrity-ashton-kutcher-firesheepd-ted-conference-030311" target="_blank">https://threatpost.com/en_us/blogs/celebrity-ashton-kutcher-firesheepd-ted-conference-030311</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-5: Dominos Pizza Hacked<br>
<b>WHID ID:</b> 2011-5<br>
<b>Date Occurred:</b> 1/23/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> India<br>
<b>Incident Description:</b> Dominos Pizza's online ordering system in India was hacked.<br>
<b>Reference:</b> <a href="http://www.slipperybrick.com/2011/01/dominos-pizza-website-hacked-customer-data-leaked/" target="_blank">http://www.slipperybrick.com/2011/01/dominos-pizza-website-hacked-customer-data-leaked/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-49: WordPress hit by 'extremely large' DDoS attack<br>
<b>WHID ID:</b> 2011-49<br>
<b>Date Occurred:</b> 3/3/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Blogs<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> Blog host WordPress.com was the target of a distributed denial-of-service (DDoS) attack earlier today described by the company as the largest in its history.

As a result, a number of blogs--including those that are a part of WordPress' VIP service--suffered connectivity issues. That includes the Financial Post, the National Post, TechCrunch, along with the service's nearly 18 million hosted blogs.<br>
<b>Reference:</b> <a href="http://news.cnet.com/8301-1009_3-20038874-83.html" target="_blank">http://news.cnet.com/8301-1009_3-20038874-83.html</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-48: Pro-Iranian Cyber Hackers Attack Voice of America<br>
<b>WHID ID:</b> 2011-48<br>
<b>Date Occurred:</b> 2/23/2011<br>
<b>Attack Method:</b> DNS Hijacking<br>
<b>Application Weakness:</b> Insufficient Authentication<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Media<br>
<b>Attacked Entity Geography:</b> Washington, DC<br>
<b>Incident Description:</b> The board for VOA said cyber hackers hacked into Voice of America's primary domain name (VOANews.com), and then redirected visitors to another web site claiming to be run by the "Iranian Cyber Army." Numerous related domains registered with Network Solutions were also hacked into, and web visitors were also redirected to the web site supposedly run by the "Iranian Cyber Army."<br>
<b>Reference:</b> <a href="http://www.foxbusiness.com/markets/2011/02/23/pro-iranian-cyber-hackers-attack-voice-america/" target="_blank">http://www.foxbusiness.com/markets/2011/02/23/pro-iranian-cyber-hackers-attack-voice-america/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-47: DDoS attack forces Dutch bank offline<br>
<b>WHID ID:</b> 2011-47<br>
<b>Date Occurred:</b> 2/19/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> Denmark<br>
<b>Incident Description:</b> The outage of Dutch bank Rabobank last weekend was caused by a massive DDoS attack. The perpetrators are still unknown. The bank reports the attack to the police.<br>
<b>Reference:</b> <a href="http://news.idg.no/cw/art.cfm?id=3F6822FF-1A64-6A71-CE67724BB606D61C" target="_blank">http://news.idg.no/cw/art.cfm?id=3F6822FF-1A64-6A71-CE67724BB606D61C</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-46: Kansas Car Dealership Bank Accounts Hacked<br>
<b>WHID ID:</b> 2011-46<br>
<b>Date Occurred:</b> 2/23/2011<br>
<b>Attack Method:</b> Banking Trojan<br>
<b>Application Weakness:</b> Insufficient Authentication<br>
<b>Outcome:</b> Monetary Loss<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> Kansas<br>
<b>Incident Description:</b> An online bank robbery in which computer crooks stole $63,000 from a Kansas car dealership illustrates the deftness with which cyber thieves are flouting the meager security measures protecting commercial accounts at many banks.<br>
<b>Reference:</b> <a href="http://krebsonsecurity.com/2011/02/sold-a-lemon-in-internet-banking/" target="_blank">http://krebsonsecurity.com/2011/02/sold-a-lemon-in-internet-banking/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-45: Facebook users subjected to more clickjacking<br>
<b>WHID ID:</b> 2011-45<br>
<b>Date Occurred:</b> 2/22/2011<br>
<b>Attack Method:</b> Clickjacking<br>
<b>Application Weakness:</b> Application Misconfiguration<br>
<b>Outcome:</b> Fraud<br>
<b>Attacked Entity Field:</b> Web 2.0<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> Facebook users have been subjected to another round of clickjacking attacks that force them to authorize actions they had no intention of approving.

The latest episode in this continuing saga, according to Sophos researchers, is a set of campaigns aimed at Italian-speaking users of the social network. The come-ons promise shocking videos about such things as the real ingredients of Coca Cola. Instead, they are forced into registering their approval of the videos using Facebook's "Like" button<br>
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/02/22/facebook_clickjacking_attacks/" target="_blank">http://www.theregister.co.uk/2011/02/22/facebook_clickjacking_attacks/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-44: Credit cards compromised as hackers target beauty site<br>
<b>WHID ID:</b> 2011-44<br>
<b>Date Occurred:</b> 2/15/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Retail<br>
<b>Attacked Entity Geography:</b> New Zealand<br>
<b>Incident Description:</b> The Lush UK website was recently compromised and the company says while the New Zealand and Australian sites are not linked to the UK site, both have also been targeted by hackers.

It says personal data may have been obtained by the hackers and customers should contact their banks to discuss cancelling their credit cards.<br>
<b>Reference:</b> <a href="http://www.radionz.co.nz/news/national/68729/credit-cards-compromised-as-hackers-target-beauty-site" target="_blank">http://www.radionz.co.nz/news/national/68729/credit-cards-compromised-as-hackers-target-beauty-site</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-43: BBC music websites get hacked<br>
<b>WHID ID:</b> 2011-43<br>
<b>Date Occurred:</b> 2/16/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Improper Output Handling<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> UK<br>
<b>Incident Description:</b> THE BBC'S MUSIC WEBSITES have been hacked to stream malware using drive-by downloads for anyone browsing the infected webpages.

Hackers set the drive-by malware up at the BBC's 6 Music website and the BBC 1Xtra radio station website. Researchers at the insecurity outfit Websense found the exploits and put its report up on its security labs blog.

"The BBC - 6 Music Web site has been injected with a malicious iframe, as have areas of the BBC 1Xtra radio station Web site," an anonymous Websense insecurity researcher wrote.

Websense claims the injected iframe is at the bottom of the BBC 6 Music webpage and has been set up to automatically download some dodgy code from a .cc website. Apparently the hack is exactly the same on the BBC's 1Xtra website.<br>
<b>Reference:</b> <a href="http://www.theinquirer.net/inquirer/news/2026766/bbc-music-websites-hacked" target="_blank">http://www.theinquirer.net/inquirer/news/2026766/bbc-music-websites-hacked</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-42: Irish recruitment website hacked<br>
<b>WHID ID:</b> 2011-42<br>
<b>Date Occurred:</b> 2/8/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Recruitment<br>
<b>Attacked Entity Geography:</b> Ireland<br>
<b>Incident Description:</b> The Irish job website RecruitIreland.com was hacked earlier this week, resulting in breached systems and the theft of the credentials of 400,000 users.

According to media reports, the website was temporarily taken offline after the breach was discovered on the 8th February. A statement on the website said that as per its security guidelines and structures, it has a process in place for eventualities such as this.

It said: "The present indicators are that our database was breached to get email addresses and names for spamming<br>
<b>Reference:</b> <a href="http://www.scmagazineuk.com/irish-recruitment-website-hacked-leading-to-the-breach-of-around-400000-user-details/article/196142/" target="_blank">http://www.scmagazineuk.com/irish-recruitment-website-hacked-leading-to-the-breach-of-around-400000-user-details/article/196142/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-41: English Defence League site pulled offline after defacement<br>
<b>WHID ID:</b> 2011-41<br>
<b>Date Occurred:</b> 2/11/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> England<br>
<b>Incident Description:</b> The website of the far right English Defence League remained unavailable on Friday following a hack attack on Wednesday.<br>
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/02/11/edl_defacement/" target="_blank">http://www.theregister.co.uk/2011/02/11/edl_defacement/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-40: eHarmony Hacked<br>
<b>WHID ID:</b> 2011-40<br>
<b>Date Occurred:</b> 2/10/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> Joseph Essas, chief technology officer at eHarmony, said Russo found a SQL injection vulnerability in one of the third party libraries that eHarmony has been using for content management on the company's advice site - advice.eharmony.com. Essas said there were no signs that accounts at its main user site - eharmony.com - were affected.

"The SQL dump contained screen names, email addresses, and hashed passwords for account login on the Advice site.<br>
<b>Reference:</b> <a href="http://krebsonsecurity.com/2011/02/eharmony-hacked/" target="_blank">http://krebsonsecurity.com/2011/02/eharmony-hacked/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-4: Trapster Hacked<br>
<b>WHID ID:</b> 2011-4<br>
<b>Date Occurred:</b> 1/20/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Web 2.0<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> A website that helps drivers avoid speeding tickets is warning its 10 million registered users that their email addresses and passwords may be in the hands of hackers who breached the site's security. The advisory was issued on Thursday by Trapster, which boasts more than 10 million users on its front page. The site uses crowd-sourcing techniques to compile locations of police who are using radar to catch speeding drivers. Trapster said the hack amounted to a "single event," and that the company has since taken steps to "prevent this type of attack from happening again, and continue to implement additional security measures to further protect your data." Trapster didn't say whether it planned to begin hashing passwords, which is considered a basic security precaution to prevent their disclosure.<br>
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/01/21/trapster_website_hack/" target="_blank">http://www.theregister.co.uk/2011/01/21/trapster_website_hack/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-39: Hackers Breach Tech Systems of Oil Companies<br>
<b>WHID ID:</b> 2011-39<br>
<b>Date Occurred:</b> 2/10/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Energy<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> At least five multinational oil and gas companies suffered computer network intrusions from a persistent group of computer hackers based in China, according to a report released Wednesday night by a Silicon Valley computer security firm.

According to the report, the intruders used widely available attack methods known as SQL injection and spear phishing to compromise their targets. Once they gained access to computers on internal company networks, they would install remote administration software that gave them complete control of those systems. That made it possible for the intruders to search for documents as well as stage attacks on other computers connected to corporate networks.<br>
<b>Reference:</b> <a href="http://www.nytimes.com/2011/02/10/business/global/10hack.html?_r=1" target="_blank">http://www.nytimes.com/2011/02/10/business/global/10hack.html?_r=1</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-38: HBGary Federal Hacked by Anonymous<br>
<b>WHID ID:</b> 2011-38<br>
<b>Date Occurred:</b> 2/7/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> IT Services<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> In a phone interview late Sunday evening, Hoglund said that unlike the more traditional Web-site attacking activities of Anonymous, the hackers who infiltrated HBGary's system showed real skills, even social engineering a network administrator into giving them complete control over rootkit.com, a security research site Hoglund has long maintained.

"They broke into one of HBGary's servers that was used for tech support, and they got emails through compromising an insecure Web server at HBGary Federal," Hoglund said. "They used that to get the credentials for Aaron, who happened to be an administrator on our email system, which is how they got into everything else. So it's a case where the hackers break in on a non-important system, which is very common in hacking situations, and leveraged lateral movement to get onto systems of interest over time."<br>
<b>Reference:</b> <a href="http://krebsonsecurity.com/2011/02/hbgary-federal-hacked-by-anonymous/" target="_blank">http://krebsonsecurity.com/2011/02/hbgary-federal-hacked-by-anonymous/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-37: Nasdaq admits hackers planted malware on web portal<br>
<b>WHID ID:</b> 2011-37<br>
<b>Date Occurred:</b> 2/7/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Planting of Malware<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> Nasdaq admitted on Saturday that unidentified hackers had succeeded in planting malware on one of its portals.

The US stock exchange is keen to stress that trading systems were not affected by suspicious files found on Directors Desk, a web-based dashboard application used by an estimated 10,000 execs worldwide. In a statement, Nasdaq said that there was no evidence that customer information had been exposed by breach.

It adds that it is likely that the Directors Desk hack was designed to plant malware on the systems of users via drive-by-download attacks.<br>
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/02/07/nasdaq_malware_breach/" target="_blank">http://www.theregister.co.uk/2011/02/07/nasdaq_malware_breach/</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-36: Credit report resellers settle with US FTC after data losses<br>
<b>WHID ID:</b> 2011-36<br>
<b>Date Occurred:</b> 2/3/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Insufficient Authorization<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Finance<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> As part of the Federal Trade Commission's ongoing campaign to protect consumers' personal information, three companies whose business is reselling consumers' credit reports have agreed to settle FTC charges that they did not take reasonable steps to protect consumers' personal information, failures that allowed computer hackers to access that data. The settlements require the companies to strengthen their data security procedures and submit to audits for 20 years. These are the FTC's first cases against credit report resellers for their clients' data security failures.

"These cases should send a strong message that companies giving their clients online access to sensitive consumer information must have reasonable procedures to secure it," said David Vladeck, Director of the FTC's Bureau of Consumer Protection. "Had these three companies taken adequate steps to ensure the use of basic computer security measures, they might have foiled the hackers who wound up gaining access to extensive personal information in the consumer reporting system."

According to administrative complaints issued by the FTC, the three resellers buy credit reports from the three nationwide consumer reporting agencies (Equifax, Experian, and TransUnion) and combine them into special reports they sell to mortgage brokers and others to determine consumers' eligibility for credit. Due to their lack of information security policies and procedures, the companies allegedly allowed clients without basic security measures, such as firewalls and updated antivirus software, to access their reports. As a result, hackers accessed more than 1,800 credit reports without authorization via the clients' computer networks. In addition, even after becoming aware of the data breaches, the companies did not make reasonable efforts to protect against future breaches.<br>
<b>Reference:</b> <a href="http://www.ftc.gov/opa/2011/02/settlement.shtm" target="_blank">http://www.ftc.gov/opa/2011/02/settlement.shtm</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-35: 'Dating site' takes pictures and names of 250,000 unsuspecting Facebook users<br>
<b>WHID ID:</b> 2011-35<br>
<b>Date Occurred:</b> 2/4/2011<br>
<b>Attack Method:</b> Process Automation<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Disinformation<br>
<b>Attacked Entity Field:</b> Web 2.0<br>
<b>Attacked Entity Geography:</b> USA<br>
<b>Incident Description:</b> Creators of a fake dating site have taken personal information from 250,000 Facebook profiles - and reproduced it without the knowledge of the members of the popular social networking site.

However, bosses at Facebook have hit out at the misuse of the information held on their site and said they will 'take appropriate action'.

'Scraping people's information violates our terms. We have taken, and will continue to take, aggressive legal action against organisations that violate these terms,' Facebook's director of policy communications, Barry Schnitt, told Wired.com.<br>
<b>Reference:</b> <a href="http://www.dailymail.co.uk/news/article-1353643/Facebook-profiles-hacked-Dating-site-lifts-250-000-pictures-names.html" target="_blank">http://www.dailymail.co.uk/news/article-1353643/Facebook-profiles-hacked-Dating-site-lifts-250-000-pictures-names.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-34: Al Jazeera site 'hacked by opponents of pro-democracy movement' in Egypt<br>
<b>WHID ID:</b> 2011-34<br>
<b>Date Occurred:</b> 2/4/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Improper Output Handling<br>
<b>Outcome:</b> Defacement<br>
<b>Attacked Entity Field:</b> Media<br>
<b>Attacked Entity Geography:</b> Dubai, Dubai<br>
<b>Incident Description:</b> Al Jazeera's Arabic news website was hacked into today following its coverage of anti-government protests in Egypt, according to the Qatar-based broadcaster.

In a release, Al Jazeera claimed that for two hours this morning - from 6.30am to 8.30am Doha time - a banner advertisement was replaced with a slogan saying 'Together for the collapse of Egypt', which linked to a page criticising the broadcaster.<br>
<b>Reference:</b> <a href="http://www.journalism.co.uk/news/al-jazeera-site-hacked-by-opponents-of-pro-democracy-movement-in-egypt/s2/a542649/" target="_blank">http://www.journalism.co.uk/news/al-jazeera-site-hacked-by-opponents-of-pro-democracy-movement-in-egypt/s2/a542649/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-33: Anonymous Hackers Attack Yemeni Government<br>
<b>WHID ID:</b> 2011-33<br>
<b>Date Occurred:</b> 2/2/2011<br>
<b>Attack Method:</b> Denial of Service<br>
<b>Application Weakness:</b> Insufficient Anti-automation<br>
<b>Outcome:</b> Downtime<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> Yemen<br>
<b>Incident Description:</b> Anonymous took down Egyptian government websites today to protest the country's Internet censorship. Old news. Now they've moved on to Yemen, where an Egypt-style "day of rage" is scheduled for tomorrow. Hackers have already taken down the Ministry of Information.<br>
<b>Reference:</b> <a href="http://gawker.com/5750513/anonymous-hackers-already-taking-down-yemeni-websites" target="_blank">http://gawker.com/5750513/anonymous-hackers-already-taking-down-yemeni-websites</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-32: European Carbon Trading Systems Hacked<br>
<b>WHID ID:</b> 2011-32<br>
<b>Date Occurred:</b> 1/19/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Monetary Loss<br>
<b>Attacked Entity Field:</b> Energy<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> Cyberattacks on national registries caused the closure of the ETS system last Wednesday, right after news came from the Czech Republic that the firm Blackstone Global Ventures had discovered it was missing close to 9 million US dollars of carbon allowances.<br>
<b>Reference:</b> <a href="http://www.estonianfreepress.com/2011/01/ets-carbon-cyberattack/" target="_blank">http://www.estonianfreepress.com/2011/01/ets-carbon-cyberattack/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-31: Hacker admits stealing $12million worth of poker chips from US gaming company<br>
<b>WHID ID:</b> 2011-31<br>
<b>Date Occurred:</b> 2/2/2011<br>
<b>Attack Method:</b> Unknown<br>
<b>Application Weakness:</b> Unknown<br>
<b>Outcome:</b> Loss of Sales<br>
<b>Attacked Entity Field:</b> Entertainment<br>
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
<b>Incident Description:</b> A COMPUTER hacker from Paignton has admitted stealing $12million worth of poker chips from an American gaming company.

Ashley Mitchell, 29, of Little Park Road, Paignton, admitted accessing the system belonging to the Zynga Corporation and stealing 400 billion chips.

He then sold some of the virtual chips on the black market for £53,000.<br>
<b>Reference:</b> <a href="http://www.thisissouthdevon.co.uk/news/HACKER-ADMITS-STEALING-12m-POKER-CHIPS/article-3170994-detail/article.html" target="_blank">http://www.thisissouthdevon.co.uk/news/HACKER-ADMITS-STEALING-12m-POKER-CHIPS/article-3170994-detail/article.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-30: Facebook plugs gnarly authentication flaw<br>
<b>WHID ID:</b> 2011-30<br>
<b>Date Occurred:</b> 2/2/2011<br>
<b>Attack Method:</b> Content Spoofing<br>
<b>Application Weakness:</b> Insufficient Authentication<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Web 2.0<br>
<b>Attacked Entity Geography:</b> Palo Alto, CA<br>
<b>Incident Description:</b> The vulnerability stems from a bug in one of Facebook's authentication mechanisms, Rui explained.

The vulnerability enables the malicious website to impersonate any other websites to cheat Facebook, and obtain the same data access permissions on Facebook those websites receive. Bing.com by default has the permission to access any Facebook users' basic information such as name, gender, etc, so our malicious website is able to de-anonymize the users by impersonating Bing.com. In addition, due to business needs, there are many websites requesting more permissions, including accessing to a user's private data, and publishing content on Facebook on her behalf. Therefore, by impersonating those websites, our website can obtain the same permissions to steal the private data or post phishing messages on Facebook on the user's behalf.

The exploit is generic, so we do not need to write an exploit for each Facebook app/website. The only parameter we need is the app ID of a Facebook app/website.<br>
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/02/02/facebook_plugs_authentication_flaw/" target="_blank">http://www.theregister.co.uk/2011/02/02/facebook_plugs_authentication_flaw/</a>
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
<b>Entry Title:</b> WHID 2011-3: Hacked Military and Government Sites Just Scratch the Surface<br>
<b>WHID ID:</b> 2011-3<br>
<b>Date Occurred:</b> 1/21/2011<br>
<b>Attack Method:</b> SQL Injection<br>
<b>Application Weakness:</b> Improper Input Handling<br>
<b>Outcome:</b> Leakage of Information<br>
<b>Attacked Entity Field:</b> Government<br>
<b>Attacked Entity Geography:</b> <br>
<b>Incident Description:</b> The Web has been abuzz with the revelation that hacked government and military Web sites, as well as databases of personal information are available for less than $500. As concerning as that may be, what should keep IT admins awake at night is the broader realization that these are only the hacked sites that were discovered on the hacker underground. There are more, and your site could be one of them.<br>
<b>Reference:</b> <a href="http://www.pcworld.com/businesscenter/article/217472/hacked_military_and_government_sites_just_scratch_the_surface.html" target="_blank">http://www.pcworld.com/businesscenter/article/217472/hacked_military_and_government_sites_just_scratch_the_surface.html</a>
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-29: PlentyofFish Site Hacked<br>
|
|
<b>WHID ID:</b> 2011-29<br>
|
|
<b>Date Occurred:</b> 1/31/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Yarmouth, Nova Scotia<br>
|
|
<b>Incident Description:</b> "The vulnerability was properly documented by our team, without exposing any confidential user information," he writes. "This was an error based MSSQL injection, that could allow any attacker to make a full backup of the databases used by the webserver, and/or gain direct access into the site."<br>
|
|
<b>Reference:</b> <a href="http://www.net-security.org/secworld.php?id=10514" target="_blank">http://www.net-security.org/secworld.php?id=10514</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-289: Hacked! Environmental activism site Care2, users exposed<br>
|
|
<b>WHID ID:</b> 2011-289<br>
|
|
<b>Date Occurred:</b> 12/30/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Environmental Protection<br>
|
|
<b>Attacked Entity Geography:</b> Redwood, CA<br>
|
|
<b>Incident Description:</b> Care2.com, a site dedicated to environmental awareness, petitioning, and charitable donation with more than 17 million members, has been hacked, according to a message from the company Friday morning.<br>
|
|
<b>Reference:</b> <a href="http://betanews.com/2011/12/30/hacked-environmental-activism-site-care2-users-exposed/" target="_blank">http://betanews.com/2011/12/30/hacked-environmental-activism-site-care2-users-exposed/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-288: Hacker group Anonymous steals sensitive info from Stratfor security firm<br>
|
|
<b>WHID ID:</b> 2011-288<br>
|
|
<b>Date Occurred:</b> 12/24/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement, Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Research<br>
|
|
<b>Attacked Entity Geography:</b> Austin, TX<br>
|
|
<b>Incident Description:</b> Hacker collective Anonymous claims to have stolen credit card data and other sensitive details from U.S. security think tank Stratfor, with plans to donate $1 million in stolen cash to charity.<br>
|
|
<b>Reference:</b> <a href="http://venturebeat.com/2011/12/25/anonymous-hackers-steals-data-stratfor-security/" target="_blank">http://venturebeat.com/2011/12/25/anonymous-hackers-steals-data-stratfor-security/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID-2011-286: Chinese gaming sites hacked: Millions of users affected<br>
|
|
<b>WHID ID:</b> 2011-287<br>
|
|
<b>Date Occurred:</b> 12/22/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Gaming<br>
|
|
<b>Attacked Entity Geography:</b> China<br>
|
|
<b>Incident Description:</b> The accounts of millions of Chinese web users have been compromised in a series of hacking attacks on several gaming websites, with account information leaking online.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/blog/asia/chinese-gaming-sites-hacked-millions-of-users-affected/579" target="_blank">http://www.zdnet.com/blog/asia/chinese-gaming-sites-hacked-millions-of-users-affected/579</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID-2011-287: Chinese gaming sites hacked: Millions of users affected<br>
|
|
<b>WHID ID:</b> 2011-286<br>
|
|
<b>Date Occurred:</b> 11/22/2011<br>
|
|
<b>Attack Method:</b> Phishing<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Tempe, AZ<br>
|
|
<b>Incident Description:</b> Thousands of accounts belonging to Xbox Live customers have been hacked into by online criminals who have stolen millions of pounds, it has been reported.<br>
|
|
<b>Reference:</b> <a href="http://www.telegraph.co.uk/technology/video-games/Xbox/8906043/Xbox-Live-customers-hacked-in-fresh-cyber-fraud-case.html" target="_blank">http://www.telegraph.co.uk/technology/video-games/Xbox/8906043/Xbox-Live-customers-hacked-in-fresh-cyber-fraud-case.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-285: Cong site hacked, Sonia's profile page defaced<br>
|
|
<b>WHID ID:</b> 2011-285<br>
|
|
<b>Date Occurred:</b> 12/9/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> Amid the raging debate over the government's proposal to crack down on "unacceptable" internet content, hackers broke into Congress websites on Friday and defaced party chief Sonia Gandhi's profile page with objectionable material.<br>
|
|
<b>Reference:</b> <a href="http://www.hindustantimes.com/News-Feed/newdelhi/Congress-website-hacked-Sonia-s-profile-page-defaced/Article1-780256.aspx" target="_blank">http://www.hindustantimes.com/News-Feed/newdelhi/Congress-website-hacked-Sonia-s-profile-page-defaced/Article1-780256.aspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-284: Websites downed in Russia poll 'hack attack'<br>
|
|
<b>WHID ID:</b> 2011-284<br>
|
|
<b>Date Occurred:</b> 12/4/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Radio station<br>
|
|
<b>Attacked Entity Geography:</b> Russia<br>
|
|
<b>Incident Description:</b> Websites which revealed violations in Russia's legislative polls were targeted in a mass hacking attack Sunday their operators said was aimed at preventing the exposure of mass election fraud.<br>
|
|
<b>Reference:</b> <a href="http://www.google.com/hostednews/afp/article/ALeqM5hAnXDOHgstjNt-eH4tBzon2B96Aw?docId=CNG.5b3137d37ca033f82d1946db0c21911c.151" target="_blank">http://www.google.com/hostednews/afp/article/ALeqM5hAnXDOHgstjNt-eH4tBzon2B96Aw?docId=CNG.5b3137d37ca033f82d1946db0c21911c.151</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-283: United Nations Website Hacked<br>
|
|
<b>WHID ID:</b> 2011-283<br>
|
|
<b>Date Occurred:</b> 11/30/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> United Nations<br>
|
|
<b>Attacked Entity Geography:</b> New York<br>
|
|
<b>Incident Description:</b> Hacking attacks continue to happen all over the world. This time, a hacker group, which calls itself "Teampoison", attacked the website of the United Nations and posted personal information belonging to UN members on Pastebin.<br>
|
|
<b>Reference:</b> <a href="http://www.shortnews.com/start.cfm?id=91152" target="_blank">http://www.shortnews.com/start.cfm?id=91152</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-282: Mexican weekly goes offline after cyberattack<br>
|
|
<b>WHID ID:</b> 2011-282<br>
|
|
<b>Date Occurred:</b> 11/25/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Newspaper<br>
|
|
<b>Attacked Entity Geography:</b> Mexico<br>
|
|
<b>Incident Description:</b> The Committee to Protect Journalists is concerned by reports of a cyberattack on Mexican weekly Ríodoce that forced its website offline on Friday.<br>
|
|
<b>Reference:</b> <a href="http://www.cpj.org/2011/11/mexican-weekly-goes-offline-after-cyberattack.php" target="_blank">http://www.cpj.org/2011/11/mexican-weekly-goes-offline-after-cyberattack.php</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-281: City's website hacked, no information compromised<br>
|
|
<b>WHID ID:</b> 2011-281<br>
|
|
<b>Date Occurred:</b> 11/27/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Kentucky<br>
|
|
<b>Incident Description:</b> The city of Bowling Green's website is back to normal after being broken into by hackers over the weekend.<br>
|
|
<b>Reference:</b> <a href="http://www.fox19.com/story/16137276/citys-website-hacked-no-information-compromised" target="_blank">http://www.fox19.com/story/16137276/citys-website-hacked-no-information-compromised</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-280: State TV website hacked to protest clashes coverage<br>
|
|
<b>WHID ID:</b> 2011-280<br>
|
|
<b>Date Occurred:</b> 11/20/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Television<br>
|
|
<b>Attacked Entity Geography:</b> Egypt<br>
|
|
<b>Incident Description:</b> Egypt's official State Television Network website was attacked on Sunday by hackers who left a message on the site's main page condemning state media coverage of Saturday's clashes in Tahrir Square between protesters and security forces.<br>
|
|
<b>Reference:</b> <a href="http://english.ahram.org.eg/NewsContent/1/64/27062/Egypt/Politics-/State-TV-website-hacked-to-protest-clashes-coverag.aspx" target="_blank">http://english.ahram.org.eg/NewsContent/1/64/27062/Egypt/Politics-/State-TV-website-hacked-to-protest-clashes-coverag.aspx</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-28: Mysterious 'Roy Castillo' haunts Facebook<br>
|
|
<b>WHID ID:</b> 2011-28<br>
|
|
<b>Date Occurred:</b> 1/27/2011<br>
|
|
<b>Attack Method:</b> Cross Site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Spam<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> He arrived on Wednesday, around the same time Facebook CEO Mark Zuckerberg's Facebook fan page was hacked. Roy Castillo - the ghost "friend" with a man's name and a profile pic of a teenage girl wearing sunglasses - popped up in the Facebook newsfeeds with the curt status: "Off to Danao City."

Facebook did not respond to Technolog's request for comment. But according to French security site Zazak, the bug that opened the door for Roy yesterday was reported, and slammed shut today.

Zazak reports that the hacker(s) behind Roy Castillo took advantage of a cross site scripting vulnerability (XSS) that allows outsiders to add script to Web pages.<br>
|
|
<b>Reference:</b> <a href="http://technolog.msnbc.msn.com/_news/2011/01/27/5935542-mysterious-roy-castillo-haunts-facebook" target="_blank">http://technolog.msnbc.msn.com/_news/2011/01/27/5935542-mysterious-roy-castillo-haunts-facebook</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-279: Steam game service hacked, credit card theft investigated<br>
|
|
<b>WHID ID:</b> 2011-279<br>
|
|
<b>Date Occurred:</b> 11/11/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Maple Valley, WA<br>
|
|
<b>Incident Description:</b> Valve Corporation has become the latest game company to fall victim to a major hacking intrusion that has left gamers' personal information and potentially even credit card numbers exposed.<br>
|
|
<b>Reference:</b> <a href="http://ingame.msnbc.msn.com/_news/2011/11/10/8742607-steam-game-service-hacked-credit-card-theft-investigated" target="_blank">http://ingame.msnbc.msn.com/_news/2011/11/10/8742607-steam-game-service-hacked-credit-card-theft-investigated</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-278: St. Louis mayor's website hacked by Occupy sympathizer<br>
|
|
<b>WHID ID:</b> 2011-278<br>
|
|
<b>Date Occurred:</b> 11/9/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> St. Louis, MO<br>
|
|
<b>Incident Description:</b> A hacker claiming to be part of the network Anonymous broke into the mayor of St. Louis's website and left a message of support for anti-Wall Street protesters threatened with eviction from their campsite.<br>
|
|
<b>Reference:</b> <a href="http://www.wtvr.com/sns-rt-us-protests-hacking-stlouistre7a90c4-20111109,0,3618302.story" target="_blank">http://www.wtvr.com/sns-rt-us-protests-hacking-stlouistre7a90c4-20111109,0,3618302.story</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-277: Cyber attacks hit Fujitsu local government system<br>
|
|
<b>WHID ID:</b> 2011-277<br>
|
|
<b>Date Occurred:</b> 11/10/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Fukuoka, Japan<br>
|
|
<b>Incident Description:</b> A Fujitsu computer system run by about 200 Japanese local governments has been hit by a series of cyber attacks and is in a vulnerable condition, the company said Thursday.<br>
|
|
<b>Reference:</b> <a href="http://news.yahoo.com/cyber-attacks-hit-fujitsu-local-government-system-075757705.html" target="_blank">http://news.yahoo.com/cyber-attacks-hit-fujitsu-local-government-system-075757705.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-276: Hackers poison Brazilian ISP DNS to infect users with banking Trojan<br>
|
|
<b>WHID ID:</b> 2011-276<br>
|
|
<b>Date Occurred:</b> 11/9/2011<br>
|
|
<b>Attack Method:</b> DNS Hijacking<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Service Providers<br>
|
|
<b>Attacked Entity Geography:</b> Brazil<br>
|
|
<b>Incident Description:</b> DNS servers from multiple Brazilian ISPs were compromised to direct users to malicious websites<br>
|
|
<b>Reference:</b> <a href="http://news.techworld.com/security/3317148/hackers-poison-brazilian-isp-dns-to-infect-users-with-banking-trojan/" target="_blank">http://news.techworld.com/security/3317148/hackers-poison-brazilian-isp-dns-to-infect-users-with-banking-trojan/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-275: Certificate Authority Uncovers Old Breach<br>
|
|
<b>WHID ID:</b> 2011-275<br>
|
|
<b>Date Occurred:</b> 11/8/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Amersfoort, NE<br>
|
|
<b>Incident Description:</b> KPN announced this week that it has suspended issuing certificates after discovering the breach of a PKI-related Web server with a distributed denial-of-service tool that apparently had been sitting on the server for at least four years.<br>
|
|
<b>Reference:</b> <a href="http://www.informationweek.com/news/security/attacks/231902582" target="_blank">http://www.informationweek.com/news/security/attacks/231902582</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-274: Turkish hacker shuts down French magazine website for Islamic prophet cartoon<br>
|
|
<b>WHID ID:</b> 2011-274<br>
|
|
<b>Date Occurred:</b> 11/7/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> France<br>
|
|
<b>Incident Description:</b> A Turkish hacker has claimed credit for bringing down the website of a French satirical weekly that published an issue named "Charia Hebdo," with a caricature of the Islamic prophet Muhammad on the cover.<br>
|
|
<b>Reference:</b> <a href="http://www.taiwannews.com.tw/etn/news_content.php?id=1751509" target="_blank">http://www.taiwannews.com.tw/etn/news_content.php?id=1751509</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-273: DoS attack takes Palestinians offline<br>
|
|
<b>WHID ID:</b> 2011-273<br>
|
|
<b>Date Occurred:</b> 11/7/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Nablus, PS<br>
|
|
<b>Incident Description:</b> Large denial of service attacks have rocked Palestinian, severing internet service to the West Bank and Gaza late last week.<br>
|
|
<b>Reference:</b> <a href="http://www.itnews.com.au/News/279230,dos-attack-takes-palestinians-offline.aspx" target="_blank">http://www.itnews.com.au/News/279230,dos-attack-takes-palestinians-offline.aspx</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-272: Anonymous downs official sites in El Salvador<br>
|
|
<b>WHID ID:</b> 2011-272<br>
|
|
<b>Date Occurred:</b> 11/7/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> El Salvador<br>
|
|
<b>Incident Description:</b> Hacktivist group Anonymous has attacked the websites of El Salvador's presidency and government ministries, forcing several to be shut down. The group's "Operation Justice El Salvador" comes two weeks after Anonymous threatened several government websites, according to Australian reports. The website of the presidency was suspended at the weekend after it was bombarded with 30 million hits on Saturday in a denial-of-service (DoS) attack.<br>
|
|
<b>Reference:</b> <a href="http://www.computerweekly.com/Articles/2011/11/07/248383/Anonymous-downs-official-sites-in-El-Salvador.htm" target="_blank">http://www.computerweekly.com/Articles/2011/11/07/248383/Anonymous-downs-official-sites-in-El-Salvador.htm</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-271: Hacked MIT server is blamed for brute force web site attacks<br>
|
|
<b>WHID ID:</b> 2011-271<br>
|
|
<b>Date Occurred:</b> 11/3/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> Cambridge, MA<br>
|
|
<b>Incident Description:</b> A report on the firm's security blog, called Malware City, claims that a hacking attack against the MIT.edu infrastructure started with a malicious script on one MIT server.<br>
|
|
<b>Reference:</b> <a href="http://www.theinquirer.net/inquirer/news/2122546/hacked-mit-server-blamed-brute-force-web-site-attacks" target="_blank">http://www.theinquirer.net/inquirer/news/2122546/hacked-mit-server-blamed-brute-force-web-site-attacks</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-270: Attackers Trick Facebook Users Into Exposing Secret Security Codes<br>
|
|
<b>WHID ID:</b> 2011-270<br>
|
|
<b>Date Occurred:</b> 10/27/2011<br>
|
|
<b>Attack Method:</b> Social Engineering<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> Palo Alto, CA<br>
|
|
<b>Incident Description:</b> New social engineering attacks are tricking Facebook users into exposing anti-CSRF tokens associated with their sessions. These security codes allow attackers to make unauthorized requests through the victim's browser.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/businesscenter/article/242711/attackers_trick_facebook_users_into_exposing_secret_security_codes.html" target="_blank">http://www.pcworld.com/businesscenter/article/242711/attackers_trick_facebook_users_into_exposing_secret_security_codes.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-27: FarmVille possibly hacked<br>
|
|
<b>WHID ID:</b> 2011-27<br>
|
|
<b>Date Occurred:</b> 1/26/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Insufficient Authorization<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> For those who aren't normally lurking the FarmVille forums, they've been in an uproar over a FarmVille player known as Ek????n Man. According to several forum users, this player has been posting messages on their Walls via the FarmVille app, but none of them are actually friends with him.<br>
|
|
<b>Reference:</b> <a href="http://blog.games.com/2011/01/26/farmville-possibly-hacked/" target="_blank">http://blog.games.com/2011/01/26/farmville-possibly-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-269: Massive Swedish Hacks Leak 400,000 Account Details<br>
|
|
<b>WHID ID:</b> 2011-269<br>
|
|
<b>Date Occurred:</b> 10/27/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Blogs<br>
|
|
<b>Attacked Entity Geography:</b> Sweden<br>
|
|
<b>Incident Description:</b> The source of the passwords turned out to be blogging site Bloggtoppen.se, which was vulnerable to an SQL injection attack. Its user database, which included details for approximately 94,000 accounts, was published back in September on a site called Flashback, and then distributed via Twitter, as well.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/businesscenter/article/242700/massive_swedish_hacks_leak_400000_account_details.html" target="_blank">http://www.pcworld.com/businesscenter/article/242700/massive_swedish_hacks_leak_400000_account_details.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-268: Hackers hit Nigeria anti-fraud agency website<br>
|
|
<b>WHID ID:</b> 2011-268<br>
|
|
<b>Date Occurred:</b> 10/28/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Lagos, Nigeria<br>
|
|
<b>Incident Description:</b> Hackers have hit the website of Nigeria's top anti-corruption agency over a government official suggesting tighter Internet control in Africa's most populous nation.<br>
|
|
<b>Reference:</b> <a href="http://www.google.com/hostednews/ap/article/ALeqM5gM03EX-AyBLqhTSCq3aFLSG0KZ2Q?docId=9d74815d22d84a989110e038db9f9330" target="_blank">http://www.google.com/hostednews/ap/article/ALeqM5gM03EX-AyBLqhTSCq3aFLSG0KZ2Q?docId=9d74815d22d84a989110e038db9f9330</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-267: Anonymous shuts down hidden child abuse hub<br>
|
|
<b>WHID ID:</b> 2011-267<br>
|
|
<b>Date Occurred:</b> 10/24/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> File Sharing<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Anonymous then began a series of denial-of-service attacks aimed at Freedom Hosting, and most particularly Lolita City. The user database of the site was extracted using a SQL injection attack, ars technica reports.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/10/24/anonymous_fight_child_abuse_network/" target="_blank">http://www.theregister.co.uk/2011/10/24/anonymous_fight_child_abuse_network/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-266: Air travel website Cheaptickets.nl hacked<br>
|
|
<b>WHID ID:</b> 2011-266<br>
|
|
<b>Date Occurred:</b> 10/24/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Travel<br>
|
|
<b>Attacked Entity Geography:</b> Weert, NL<br>
|
|
<b>Incident Description:</b> The personal details of 715,000 people who booked a flight through website CheapTickets.nl in 2008 and 2009 are in the hands of a hacker, website webwereld.nl reports on Monday.<br>
|
|
<b>Reference:</b> <a href="http://www.dutchnews.nl/news/archives/2011/10/air_travel_website_cheapticket.php" target="_blank">http://www.dutchnews.nl/news/archives/2011/10/air_travel_website_cheapticket.php</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-265: 4Chan Hackers Attack Yakoozo.com<br>
|
|
<b>WHID ID:</b> 2011-265<br>
|
|
<b>Date Occurred:</b> 10/12/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Search Engine<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> UK based hotel search engine Yakoozo.com ground to a halt recently after being subject to a major cyber-attack by users of the notorious image posting website 4chan. The attack took place on 12/10/2011 when internet users visiting Yakoozo were faced with explicit pornographic images, defaced pages and abusive text throughout the Yakoozo website. 4Chan users coordinated the attack from the website's community, posting real-time threads issuing instructions, orders and commands to users. This resulted in large traffic spikes, whilst up to 100 hackers breached website security. It is believed the attackers used SQL injection techniques to gain access, similar to the attacks on Nokia, world governments and countless other high profile attacks. Administrators have now removed the threads from their website.<br>
|
|
<b>Reference:</b> <a href="http://www.webwire.com/ViewPressRel.asp?aId=147869" target="_blank">http://www.webwire.com/ViewPressRel.asp?aId=147869</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-264: Team Swastika group hacks 10,000 global Facebook account details<br>
|
|
<b>WHID ID:</b> 2011-264<br>
|
|
<b>Date Occurred:</b> 10/18/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> Palo Alto, CA<br>
|
|
<b>Incident Description:</b> Security experts are warning web users to ensure they use strong passwords and vary their credentials from site to site after a new hacking group published log-in details of what it claimed to be more than 10,000 Facebook users.<br>
|
|
<b>Reference:</b> <a href="http://www.v3.co.uk/v3-uk/news/2117965/team-swastika-hacks-global-facebook-accounts" target="_blank">http://www.v3.co.uk/v3-uk/news/2117965/team-swastika-hacks-global-facebook-accounts</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-263: Adidas websites go offline after security breach<br>
|
|
<b>WHID ID:</b> 2011-263<br>
|
|
<b>Date Occurred:</b> 11/3/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Adidas said it became aware of a "sophisticated, criminal cyber-attack" on its various web sites on 3 November but the firm claimed it found no evidence that customers' data had been stolen.<br>
|
|
<b>Reference:</b> <a href="http://www.theinquirer.net/inquirer/news/2123016/adidas-websites-offline-security-breach" target="_blank">http://www.theinquirer.net/inquirer/news/2123016/adidas-websites-offline-security-breach</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-262: Hackers 'Timthumb' Their Noses At Vulnerability To Compromise 1.2 Million Sites<br>
|
|
<b>WHID ID:</b> 2011-262<br>
|
|
<b>Date Occurred:</b> 11/2/2011<br>
|
|
<b>Attack Method:</b> Remote File Inclusion<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Multiple<br>
|
|
<b>Attacked Entity Geography:</b> Multiple<br>
|
|
<b>Incident Description:</b> A vulnerability in an obscure WordPress add-on script that was discovered in August is currently being used to compromise more than 1.2 million websites -- and could be easily used to siphon data out of databases hosted on servers also hosting the compromised websites, security experts warned today.<br>
|
|
<b>Reference:</b> <a href="http://www.darkreading.com/database-security/167901020/security/news/231902162/hackers-timthumb-their-noses-at-vulnerability-to-compromise-1-2-million-sites.html" target="_blank">http://www.darkreading.com/database-security/167901020/security/news/231902162/hackers-timthumb-their-noses-at-vulnerability-to-compromise-1-2-million-sites.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-261: Hackers mistake French rugby site for German stock exchange<br>
|
|
<b>WHID ID:</b> 2011-261<br>
|
|
<b>Date Occurred:</b> 11/4/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Sports<br>
|
|
<b>Attacked Entity Geography:</b> France<br>
|
|
<b>Incident Description:</b> Hacktivists mistakenly attacked a French rugby fansite instead of their intended target, the German stock exchange.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/11/04/french_rugby_site_hacktivist_maul/" target="_blank">http://www.theregister.co.uk/2011/11/04/french_rugby_site_hacktivist_maul/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-260: Boston police website hacked, user info posted online<br>
|
|
<b>WHID ID:</b> 2011-260<br>
|
|
<b>Date Occurred:</b> 10/22/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> Boston, Massachusetts<br>
|
|
<b>Incident Description:</b> A Boston Police Department website was hacked. At least 2,000 names and passwords have been posted online.<br>
|
|
<b>Reference:</b> <a href="http://www.msnbc.msn.com/id/45001308/ns/local_news-boston_ma/#.TqV6OXEzLdo" target="_blank">http://www.msnbc.msn.com/id/45001308/ns/local_news-boston_ma/#.TqV6OXEzLdo</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-26: Tunisian government harvesting usernames and passwords<br>
|
|
<b>WHID ID:</b> 2011-26<br>
|
|
<b>Date Occurred:</b> 1/4/2011<br>
|
|
<b>Attack Method:</b> Content Injection<br>
|
|
<b>Application Weakness:</b> Insufficient Transport Layer Protection<br>
|
|
<b>Outcome:</b> Stolen Credentials<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The Tunisian Internet Agency (Agence tunisienne d'Internet or ATI) is being blamed for the presence of injected JavaScript that captures usernames and passwords. The code has been discovered on login pages for Gmail, Yahoo, and Facebook, and said to be the reason for the recent rash of account hijackings reported by Tunisian protesters.<br>
|
|
<b>Reference:</b> <a href="http://www.thetechherald.com/article.php/201101/6651/Tunisian-government-harvesting-usernames-and-passwords" target="_blank">http://www.thetechherald.com/article.php/201101/6651/Tunisian-government-harvesting-usernames-and-passwords</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-259: 4Chan Hackers Attack Yakoozo.com<br>
|
|
<b>WHID ID:</b> 2011-259<br>
|
|
<b>Date Occurred:</b> 12/10/2010<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Search Engine<br>
|
|
<b>Attacked Entity Geography:</b> England<br>
|
|
<b>Incident Description:</b> UK-based hotel search engine Yakoozo.com ground to a halt recently after being subjected to a major cyber-attack by users of the notorious image-posting website 4chan.<br>
|
|
<b>Reference:</b> <a href="http://www.webwire.com/ViewPressRel.asp?aId=147869" target="_blank">http://www.webwire.com/ViewPressRel.asp?aId=147869</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-258: Mass ASP.NET attack causes websites to turn on visitors<br>
|
|
<b>WHID ID:</b> 2011-258<br>
|
|
<b>Date Occurred:</b> 10/14/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> <br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> An infection that causes poorly configured websites to silently bombard visitors with malware attacks has hit almost 614,000 webpages, Google searches show.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/10/14/mass_website_inection_grows/" target="_blank">http://www.theregister.co.uk/2011/10/14/mass_website_inection_grows/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-257: WineHQ database hacked, passwords stolen<br>
|
|
<b>WHID ID:</b> 2011-257<br>
|
|
<b>Date Occurred:</b> 10/12/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Saint Paul, MN<br>
|
|
<b>Incident Description:</b> Malicious hackers exploited vulnerabilities in phpMyAdmin to gain access to WineHQ's database. Usernames and passwords were stolen.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/blog/security/winehq-database-hacked-passwords-stolen/9604" target="_blank">http://www.zdnet.com/blog/security/winehq-database-hacked-passwords-stolen/9604</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-256: Sony Detects Suspicious Behavior, Locks 93,000 Online Accounts<br>
|
|
<b>WHID ID:</b> 2011-256<br>
|
|
<b>Date Occurred:</b> 10/12/2011<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Tokyo, Japan<br>
|
|
<b>Incident Description:</b> Sony locked the accounts of some 93,000 individuals on the Playstation Network (PSN), the Sony Entertainment Network (SEN), and Sony Online Entertainment (SOE) services following a mass log-in attempt using username-password combinations obtained from an unnamed source.<br>
|
|
<b>Reference:</b> <a href="http://threatpost.com/en_us/blogs/sony-detects-suspicious-behavior-locks-93000-online-accounts-101211" target="_blank">http://threatpost.com/en_us/blogs/sony-detects-suspicious-behavior-locks-93000-online-accounts-101211</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-255: Unijobs.com.au website hacked, more than 600 passwords exposed<br>
|
|
<b>WHID ID:</b> 2011-255<br>
|
|
<b>Date Occurred:</b> 10/7/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> <br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> Citigroup acknowledged on Thursday that unidentified hackers had breached its security and gained access to the data of hundreds of thousands of its bank card customers.<br>
|
|
<b>Reference:</b> <a href="http://news.com.com/2100-1017-245372.html?legacy=cnet" target="_blank">http://news.com.com/2100-1017-245372.html?legacy=cnet</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-254: Computer hackers stole £44million by discovering bank Pins<br>
|
|
<b>WHID ID:</b> 2011-254<br>
|
|
<b>Date Occurred:</b> 10/3/2011<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The international group used a virus called Zeus to access Pins for bank accounts in Europe and the US. The money was then transferred to other accounts and withdrawn from cash machines.<br>
|
|
<b>Reference:</b> <a href="http://www.metro.co.uk/news/877460-computer-hackers-stole-44million-by-discovering-bank-pins" target="_blank">http://www.metro.co.uk/news/877460-computer-hackers-stole-44million-by-discovering-bank-pins</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-253: Thousands of sites compromised following hosting provider hack<br>
|
|
<b>WHID ID:</b> 2011-253<br>
|
|
<b>Date Occurred:</b> 9/28/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> Santa Monica, CA<br>
|
|
<b>Incident Description:</b> California-based hosting provider InMotion has suffered a compromise that resulted in the defacement of thousands of home pages of websites hosted on their infrastructure, which were allegedly set to serve malware.<br>
|
|
<b>Reference:</b> <a href="http://www.net-security.org/secworld.php?id=11703" target="_blank">http://www.net-security.org/secworld.php?id=11703</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-252: Hacker group briefly hits USA Today's Twitter page<br>
|
|
<b>WHID ID:</b> 2011-252<br>
|
|
<b>Date Occurred:</b> 9/27/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hacker group The Script Kiddies successfully hacked another news organization when it logged onto USA Today's Twitter page and posted false statements Sunday evening. USA Today promptly removed the messages and posted a statement about the hack.<br>
|
|
<b>Reference:</b> <a href="http://www.cnn.com/2011/09/26/us/usa-today-twitter-hack/" target="_blank">http://www.cnn.com/2011/09/26/us/usa-today-twitter-hack/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-251: MySQL.com Hacked to Serve Malware<br>
|
|
<b>WHID ID:</b> 2011-251<br>
|
|
<b>Date Occurred:</b> 9/26/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Sweden<br>
|
|
<b>Incident Description:</b> The website for the open-source MySQL database was hacked and used to serve malware to visitors Monday.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/businesscenter/article/240609/mysqlcom_hacked_to_serve_malware.html" target="_blank">http://www.pcworld.com/businesscenter/article/240609/mysqlcom_hacked_to_serve_malware.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-250: NetRegistry suffers DDoS attack<br>
|
|
<b>WHID ID:</b> 2011-250<br>
|
|
<b>Date Occurred:</b> 9/26/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> Australian web host NetRegistry has been hit with a continuing Distributed Denial of Service (DDoS) attack leaving many customers unable to access their websites or virtual private servers (VPS) over the course of the day.<br>
|
|
<b>Reference:</b> <a href="http://itechreport.com.au/2011/09/26/netregistry-suffers-ddos-attack/" target="_blank">http://itechreport.com.au/2011/09/26/netregistry-suffers-ddos-attack/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-25: Mail & Guardian website taken down after hacker attack<br>
|
|
<b>WHID ID:</b> 2011-25<br>
|
|
<b>Date Occurred:</b> 1/26/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> News<br>
|
|
<b>Attacked Entity Geography:</b> South Africa<br>
|
|
<b>Incident Description:</b> The Mail & Guardian Online, one of South Africa's oldest news websites, has been taken offline.
Mail & Guardian editor Nic Dawes said on Twitter that the website is "under sustained attack by hackers" and that it was taken offline to protect the security of their users. According to Dawes the attacks originate in Russia.<br>
|
|
<b>Reference:</b> <a href="http://mybroadband.co.za/news/security/17999-Mail-Guardian-website-taken-down-after-hacker-attack.html" target="_blank">http://mybroadband.co.za/news/security/17999-Mail-Guardian-website-taken-down-after-hacker-attack.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-249: Jonesboro Police investigate hacking of library bank accounts<br>
|
|
<b>WHID ID:</b> 2011-249<br>
|
|
<b>Date Occurred:</b> 9/22/2011<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Jonesboro, AR<br>
|
|
<b>Incident Description:</b> Computer hackers have left the Jonesboro Public Library high and dry after stealing over $37,000<br>
|
|
<b>Reference:</b> <a href="http://www.kait8.com/story/15513612/jonesboro-police-investigate-hacking-of-library-bank-accounts" target="_blank">http://www.kait8.com/story/15513612/jonesboro-police-investigate-hacking-of-library-bank-accounts</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-248: uTorrent.com hacked, serving scareware<br>
|
|
<b>WHID ID:</b> 2011-248<br>
|
|
<b>Date Occurred:</b> 9/19/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> File Sharing<br>
|
|
<b>Attacked Entity Geography:</b> Santa Ana, CA<br>
|
|
<b>Incident Description:</b> The popular file sharing web sites were compromised for a brief period of a few hours, with the links to the BitTorrent client replaced by a scareware (Security Shield) download.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/blog/security/utorrentcom-hacked-serving-scareware/9413" target="_blank">http://www.zdnet.com/blog/security/utorrentcom-hacked-serving-scareware/9413</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-247: Japan govt websites hit by cyberattacks<br>
|
|
<b>WHID ID:</b> 2011-247<br>
|
|
<b>Date Occurred:</b> 9/19/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Japan<br>
|
|
<b>Incident Description:</b> Websites of some Japanese government agencies were hit by cyberattacks over the weekend, temporarily blocking access to them, Kyodo news agency reported Monday, citing national police.<br>
|
|
<b>Reference:</b> <a href="http://www.google.com/hostednews/afp/article/ALeqM5iR92sOHnpWdW86haDoaKWwijvpnA?docId=CNG.12aaa9e587061958aecf129b4e395403.21" target="_blank">http://www.google.com/hostednews/afp/article/ALeqM5iR92sOHnpWdW86haDoaKWwijvpnA?docId=CNG.12aaa9e587061958aecf129b4e395403.21</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-246: Hundreds of Go Daddy sites hacked, redirected to malware<br>
|
|
<b>WHID ID:</b> 2011-246<br>
|
|
<b>Date Occurred:</b> 9/17/2011<br>
|
|
<b>Attack Method:</b> Malware<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> It was reported today that hundreds of the company's sites were compromised. Visitors coming to those sites from search engines were redirected to a page containing malware.<br>
|
|
<b>Reference:</b> <a href="http://www.myce.com/news/hundreds-of-go-daddy-sites-hacked-redirected-to-malware-51876/" target="_blank">http://www.myce.com/news/hundreds-of-go-daddy-sites-hacked-redirected-to-malware-51876/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-245: Hacker "soldier" steals $3.2 million from U.S. companies<br>
|
|
<b>WHID ID:</b> 2011-245<br>
|
|
<b>Date Occurred:</b> 9/15/2011<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A hacker known in the cybercriminal underground as "soldier" has stolen $3.2 million from major U.S. corporations in the past six months, according to researchers at anti-virus firm Trend Micro. The attacker, believed to be in his early 20s and residing in Russia, used various toolkits, such as SpyEye and Zeus, to plunder millions of dollars from corporate bank accounts since January, Jamz Yaneza, threat research manager at Trend Micro, told SCMagazineUS.com on Thursday.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazineus.com/hacker-soldier-steals-32-million-from-us-companies/article/212070/" target="_blank">http://www.scmagazineus.com/hacker-soldier-steals-32-million-from-us-companies/article/212070/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-244: Anonymous group hacks Mexican government websites under operation OpIndependencia<br>
|
|
<b>WHID ID:</b> 2011-244<br>
|
|
<b>Date Occurred:</b> 9/16/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Mexico, MX<br>
|
|
<b>Incident Description:</b> Hacker group Anonymous, after creating havoc throughout cyberspace in recent times, has become active once again with the hacking of government sites in Mexico, Reuters reports.<br>
|
|
<b>Reference:</b> <a href="http://socialbarrel.com/anonymous-group-hacks-mexican-government-websites-under-operation-opindependencia/20602/" target="_blank">http://socialbarrel.com/anonymous-group-hacks-mexican-government-websites-under-operation-opindependencia/20602/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-243: Spanish feds mend website clobbered by Anonymous<br>
|
|
<b>WHID ID:</b> 2011-243<br>
|
|
<b>Date Occurred:</b> 9/16/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> Spain<br>
|
|
<b>Incident Description:</b> Spanish national police have reactivated their website following attacks by hacking supergroup Anonymous. The assault on policia.es on Thursday coincided with the publication of the names of 30 bodyguards working for Spanish prime minister Jose Rodriguez Zapatero.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/09/16/spain_police_hacktivism_attack/" target="_blank">http://www.theregister.co.uk/2011/09/16/spain_police_hacktivism_attack/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-242: Armenians hack website of US-based Karabakh Foundation<br>
|
|
<b>WHID ID:</b> 2011-242<br>
|
|
<b>Date Occurred:</b> 9/16/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Absecon, US<br>
|
|
<b>Incident Description:</b> The website of the Foundation was fully destroyed as a result of a DDoS attack. An initial investigation revealed that the hacker attack was committed from Armenia. The website was restored shortly afterward.<br>
|
|
<b>Reference:</b> <a href="http://www.news.az/articles/tech/44625" target="_blank">http://www.news.az/articles/tech/44625</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-241: BitCoin forum hacked by donor<br>
|
|
<b>WHID ID:</b> 2011-241<br>
|
|
<b>Date Occurred:</b> 9/12/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> User Forum<br>
|
|
<b>Attacked Entity Geography:</b> Dallas, TX<br>
|
|
<b>Incident Description:</b> A hacker has used a zero day flaw to steal email addresses, hashed passwords and read personal messages from the bitcointalk.org forum.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/271688,bitcoin-forum-hacked-by-donor.aspx" target="_blank">http://www.scmagazine.com.au/News/271688,bitcoin-forum-hacked-by-donor.aspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-240: Russia's embassy in UK says hackers hit website<br>
|
|
<b>WHID ID:</b> 2011-240<br>
|
|
<b>Date Occurred:</b> 9/11/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Plano, TX<br>
|
|
<b>Incident Description:</b> Russia's embassy in London said on Sunday its website crashed in a suspected hacking attack just before Prime Minister David Cameron begins the first visit by a British leader to Moscow since the 2006 killing in London of a Kremlin critic.<br>
|
|
<b>Reference:</b> <a href="http://www.reuters.com/article/2011/09/11/us-russia-britain-website-idUSTRE78A1P620110911" target="_blank">http://www.reuters.com/article/2011/09/11/us-russia-britain-website-idUSTRE78A1P620110911</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-24: Twitter worm hits goo.gl, redirects to fake anti-virus<br>
|
|
<b>WHID ID:</b> 2011-24<br>
|
|
<b>Date Occurred:</b> 1/20/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A fast-moving Twitter worm is in circulation, using Google's goo.gl redirection service to push unsuspecting users to a notorious scareware (fake anti-virus) malware campaign.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/blog/security/twitter-worm-hits-googl-redirects-to-fake-anti-virus/7938" target="_blank">http://www.zdnet.com/blog/security/twitter-worm-hits-googl-redirects-to-fake-anti-virus/7938</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-239: NBC Twitter account hacked, issued false reports<br>
|
|
<b>WHID ID:</b> 2011-239<br>
|
|
<b>Date Occurred:</b> 9/9/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The NBC News Twitter account, @NBCNews, was hacked late Friday, resulting in false reports about an airplane attack at Ground Zero, the Manhattan site of the original 9/11 attacks. The Twitter account was quickly taken offline, and has since been restored, with the false tweets removed.<br>
|
|
<b>Reference:</b> <a href="http://technolog.msnbc.msn.com/_news/2011/09/09/7692776-nbc-twitter-account-hacked-issued-false-reports" target="_blank">http://technolog.msnbc.msn.com/_news/2011/09/09/7692776-nbc-twitter-account-hacked-issued-false-reports</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-238: US uni warned, then hacked<br>
|
|
<b>WHID ID:</b> 2011-238<br>
|
|
<b>Date Occurred:</b> 9/8/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> A frustrated hacker has defaced the web site of the University of Vermont after multiple cross site scripting (XSS) vulnerability disclosures allegedly went ignored. The hacker Codeine said the university was advised of XSS holes exactly one month ago but failed to patch the holes despite allegedly claiming to be doing so soon after the disclosure. The disclosure was posted on PacketStorm.org.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/271391,us-uni-warned-then-hacked.aspx" target="_blank">http://www.scmagazine.com.au/News/271391,us-uni-warned-then-hacked.aspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-237: Turkish Hackers Strike Websites With DNS Hack<br>
|
|
<b>WHID ID:</b> 2011-237<br>
|
|
<b>Date Occurred:</b> 4/21/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Turkguvenligi managed to hack NetNames' DNS servers through a SQL injection attack, which involves putting commands into a web-based form to see if the back-end database responds. If those commands aren't scanned for malicious code, an attacker could gain access to the system. In the case of NetNames, Turkguvenligi put a redelegation order into the company's system and changed the address of the master DNS servers that served data for the websites, according to a statement from NetNames.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/businesscenter/article/239501/turkish_hackers_strike_websites_with_dns_hack.html" target="_blank">http://www.pcworld.com/businesscenter/article/239501/turkish_hackers_strike_websites_with_dns_hack.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-236: Hollywood is being hacked by Anonymous offshoot<br>
|
|
<b>WHID ID:</b> 2011-236<br>
|
|
<b>Date Occurred:</b> 9/1/2011<br>
|
|
<b>Attack Method:</b> Credential/Session Prediction<br>
|
|
<b>Application Weakness:</b> Insufficient Password Recovery<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Another hacking group hits the scene. This time they're not even attempting a message or purpose. A new faction that claims to be an offshoot of Anonymous named Hollywood Leaks has targeted celebrity emails and Twitter accounts. According to Chen the group isn't particularly tech savvy, "they say they've broken into accounts mostly by guessing bad security questions."<br>
|
|
<b>Reference:</b> <a href="http://www.cbsnews.com/8301-501465_162-20100452-501465.html" target="_blank">http://www.cbsnews.com/8301-501465_162-20100452-501465.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-235: Xbox 360 Accounts Being Hacked<br>
|
|
<b>WHID ID:</b> 2011-235<br>
|
|
<b>Date Occurred:</b> 8/31/2011<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Redmond, WA<br>
|
|
<b>Incident Description:</b> There have been a lot of reports over the past day of Xbox 360 accounts being hacked and user accounts being locked. The common ground is an Xbox account and Windows Live ID, with users reporting fraudulent charges on their accounts.<br>
|
|
<b>Reference:</b> <a href="http://www.evdoinfo.com/content/view/3711/64/" target="_blank">http://www.evdoinfo.com/content/view/3711/64/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-234: DDoS Attack Sends Wikileaks.org Website Down<br>
|
|
<b>WHID ID:</b> 2011-234<br>
|
|
<b>Date Occurred:</b> 8/31/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> News<br>
|
|
<b>Attacked Entity Geography:</b> San Mateo, CA<br>
|
|
<b>Incident Description:</b> The famed whistle blowing organisation Wikileaks has admitted that its website, Wikileaks.org, had suffered at the hands of an organised Distributed Denial of Service (DDoS) attack.<br>
|
|
<b>Reference:</b> <a href="http://www.webhostdir.com/news/ShowItem.aspx?ID=90625" target="_blank">http://www.webhostdir.com/news/ShowItem.aspx?ID=90625</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-233: Nokia developer forums hacked: 'Significant number' of records stolen<br>
|
|
<b>WHID ID:</b> 2011-233<br>
|
|
<b>Date Occurred:</b> 8/29/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Cambridge, MA<br>
|
|
<b>Incident Description:</b> In a statement on the Nokia community pages, which have since been closed amid the hack, the phone giant warns that members' personal information, including dates of birth and email addresses, may have been stolen. The statement details how database tables containing the personal information were accessed by exploiting a vulnerability in the bulletin board software, through means of "an SQL injection attack".<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com/blog/btl/nokia-developer-forums-hacked-significant-number-of-records-stolen/56456" target="_blank">http://www.zdnet.com/blog/btl/nokia-developer-forums-hacked-significant-number-of-records-stolen/56456</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-232: Ron Paul's Fundraising Drive Disrupted by DDoS Attack<br>
|
|
<b>WHID ID:</b> 2011-232<br>
|
|
<b>Date Occurred:</b> 8/23/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> San Antonio, TX<br>
|
|
<b>Incident Description:</b> A fundraising drive organized by Texas Congressman Ron Paul was disrupted because his campaign website became the target of a distributed denial-of-service (DDoS) attack.<br>
|
|
<b>Reference:</b> <a href="http://news.softpedia.com/news/Ron-Paul-s-Fundraising-Drive-Disrupted-by-DDoS-Attack-218265.shtml" target="_blank">http://news.softpedia.com/news/Ron-Paul-s-Fundraising-Drive-Disrupted-by-DDoS-Attack-218265.shtml</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-231: Firm at heart of biggest oil spill spews toxic web attack<br>
|
|
<b>WHID ID:</b> 2011-231<br>
|
|
<b>Date Occurred:</b> 8/25/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Energy<br>
|
|
<b>Attacked Entity Geography:</b> Jersey City, NJ<br>
|
|
<b>Incident Description:</b> Researchers at web security firm Websense said deepwater.com, Transocean's official website, has been hosting malicious exploit code that attempts to install malware on the machines of people who visit the site.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/08/25/transocean_website_compromise/" target="_blank">http://www.theregister.co.uk/2011/08/25/transocean_website_compromise/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-230: Botnet attacks pizza delivery service<br>
|
|
<b>WHID ID:</b> 2011-230<br>
|
|
<b>Date Occurred:</b> 8/25/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Germany<br>
|
|
<b>Incident Description:</b> One of the most prominent victims is pizza.de. During one attack, the company registered attacks from approximately 50,000 IP addresses generating 20,000-30,000 requests per second over the course of three hours.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/businesscenter/article/239501/turkish_hackers_strike_websites_with_dns_hack.html" target="_blank">http://www.pcworld.com/businesscenter/article/239501/turkish_hackers_strike_websites_with_dns_hack.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-23: Anonymous attacks websites in Egypt<br>
|
|
<b>WHID ID:</b> 2011-23<br>
|
|
<b>Date Occurred:</b> 1/26/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Egypt<br>
|
|
<b>Incident Description:</b> Following the recent uprising in Tunisia, thousands of demonstrators took to the streets in Egypt yesterday to demand an end to President Hosni Mubarak's rule. The online collective known as Anonymous has joined in the protests by orchestrating distributed denial of service attacks against key Egyptian websites.<br>
|
|
<b>Reference:</b> <a href="http://news.netcraft.com/archives/2011/01/26/anonymous-attacks-websites-in-egypt.html" target="_blank">http://news.netcraft.com/archives/2011/01/26/anonymous-attacks-websites-in-egypt.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-229: Yale Social Security Numbers Exposed In Latest Case Of 'Google Hacking'<br>
|
|
<b>WHID ID:</b> 2011-229<br>
|
|
<b>Date Occurred:</b> 8/24/2011<br>
|
|
<b>Attack Method:</b> Abuse of Functionality<br>
|
|
<b>Application Weakness:</b> Insecure Indexing<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> New Haven, CT<br>
|
|
<b>Incident Description:</b> A recent data breach at Yale University marks the latest example of a security flaw exposed by "Google hacking," which involves querying the popular search engine for website vulnerabilities.<br>
|
|
<b>Reference:</b> <a href="http://www.huffingtonpost.com/2011/08/24/yale-social-security-numbers-google-hacking_n_935400.html" target="_blank">http://www.huffingtonpost.com/2011/08/24/yale-social-security-numbers-google-hacking_n_935400.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-228: Epson Korea Website Hacked<br>
|
|
<b>WHID ID:</b> 2011-228<br>
|
|
<b>Date Occurred:</b> 8/24/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Seoul, KR<br>
|
|
<b>Incident Description:</b> A report by ZDNet says the HSBC Korea website was also hacked, as was the Epson Korea website, where 350,000 users' information was leaked, prompting the company to urge customers to change their passwords.<br>
|
|
<b>Reference:</b> <a href="http://www.thewhir.com/web-hosting-news/082411_South_Korean_Domain_Registrar_Gabia_Epson_Korea_Websites_Hacked" target="_blank">http://www.thewhir.com/web-hosting-news/082411_South_Korean_Domain_Registrar_Gabia_Epson_Korea_Websites_Hacked</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-227: South Korean Domain Registrar Gabia Hacked<br>
|
|
<b>WHID ID:</b> 2011-227<br>
|
|
<b>Date Occurred:</b> 8/24/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> South Korea<br>
|
|
<b>Incident Description:</b> Gabia (www.gabia.com), a South Korean domain registrar, was hacked on Saturday, affecting the online connection with 100,000 registered domains, according to a report Monday by the Korea Herald.<br>
|
|
<b>Reference:</b> <a href="http://www.thewhir.com/web-hosting-news/082411_South_Korean_Domain_Registrar_Gabia_Epson_Korea_Websites_Hacked" target="_blank">http://www.thewhir.com/web-hosting-news/082411_South_Korean_Domain_Registrar_Gabia_Epson_Korea_Websites_Hacked</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-226: Nokia Developer forum hacked<br>
|
|
<b>WHID ID:</b> 2011-226<br>
|
|
<b>Date Occurred:</b> 8/22/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Cambridge, MA<br>
|
|
<b>Incident Description:</b> A hacker who goes by the name of mrNRG recently broke into the Nokia Developer forum and defaced it by redirecting anyone who visited it to another page.<br>
|
|
<b>Reference:</b> <a href="http://www.ubergizmo.com/2011/08/nokia-developer-forum-hacked/" target="_blank">http://www.ubergizmo.com/2011/08/nokia-developer-forum-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-225: Hackers deface Libya's top level domain registry with anti-Gadaffi message<br>
|
|
<b>WHID ID:</b> 2011-225<br>
|
|
<b>Date Occurred:</b> 8/22/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> Tripoli, LY<br>
|
|
<b>Incident Description:</b> Hackers calling themselves "Electr0n" have defaced the nic.ly website, the main registry which administers .ly domain names (the ".ly" stands for "Libya") and replaced it with a defiant message<br>
|
|
<b>Reference:</b> <a href="http://nakedsecurity.sophos.com/2011/08/22/hackers-deface-libya-anti-gadaffi/" target="_blank">http://nakedsecurity.sophos.com/2011/08/22/hackers-deface-libya-anti-gadaffi/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-224: Foreign bank's net banking attacked by hacker<br>
|
|
<b>WHID ID:</b> 2011-224<br>
|
|
<b>Date Occurred:</b> 8/22/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Central District, HK<br>
|
|
<b>Incident Description:</b> The internet banking service of HSBC Korea was temporarily shut down on Saturday after its official Web site was attacked by hackers, HSBC Korea said.<br>
|
|
<b>Reference:</b> <a href="http://joongangdaily.joins.com/article/view.asp?aid=2940509" target="_blank">http://joongangdaily.joins.com/article/view.asp?aid=2940509</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-223: Anonymous AntiSec Breaches Defense Contractor Vanguard Network<br>
|
|
<b>WHID ID:</b> 2011-223<br>
|
|
<b>Date Occurred:</b> 8/18/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Houston, TX<br>
|
|
<b>Incident Description:</b> The attack seems to have exploited vulnerabilities in the popular WordPress blogging platform. VDI apparently had not upgraded two out-dated plug-ins, leaving security holes wide open for the cyber-attackers to waltz through.<br>
|
|
<b>Reference:</b> <a href="http://www.eweek.com/c/a/Security/Anonymous-AntiSec-Breaches-Defense-Contractor-Vanguard-Network-502551/" target="_blank">http://www.eweek.com/c/a/Security/Anonymous-AntiSec-Breaches-Defense-Contractor-Vanguard-Network-502551/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-222: MetService website hacked during busiest week<br>
|
|
<b>WHID ID:</b> 2011-222<br>
|
|
<b>Date Occurred:</b> 8/17/2011<br>
|
|
<b>Attack Method:</b> Malvertising<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> New Zealand<br>
|
|
<b>Incident Description:</b> Visitors to the MetService website this week may have been exposed to a computer virus, after its ad server was hacked.<br>
|
|
<b>Reference:</b> <a href="http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10745663" target="_blank">http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10745663</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-221: French newspaper Le Devoir hacked, posts fake story about Charest's death<br>
|
|
<b>WHID ID:</b> 2011-221<br>
|
|
<b>Date Occurred:</b> 8/16/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Montreal, CA<br>
|
|
<b>Incident Description:</b> The website for the French-language newspaper Le Devoir was hacked early Tuesday morning. Whoever took over the newspaper site published an article stating that Premier Jean Charest had died of a heart attack -- something which is completely false.<br>
|
|
<b>Reference:</b> <a href="http://montreal.ctv.ca/servlet/an/local/CTVNews/20110816/mtl_ledevoir_110816/20110816/?hub=MontrealHome" target="_blank">http://montreal.ctv.ca/servlet/an/local/CTVNews/20110816/mtl_ledevoir_110816/20110816/?hub=MontrealHome</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-220: Hacker used social media to steal from neighbours' accounts<br>
|
|
<b>WHID ID:</b> 2011-220<br>
|
|
<b>Date Occurred:</b> 8/15/2011<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Password Recovery<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> A hacker used social networking sites Facebook and Friends Reunited to crack passwords used by his neighbours for online banking services, and stole £35,000 over two years.<br>
|
|
<b>Reference:</b> <a href="http://www.computing.co.uk/ctg/news/2101779/hacker-social-media-steal-neighbours-accounts" target="_blank">http://www.computing.co.uk/ctg/news/2101779/hacker-social-media-steal-neighbours-accounts</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-22: Zuckerberg's Facebook page hacked<br>
|
|
<b>WHID ID:</b> 2011-22<br>
|
|
<b>Date Occurred:</b> 1/26/2011<br>
|
|
<b>Attack Method:</b> Predictable Resource Location<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Mark Zuckerberg's Facebook page was hacked on Tuesday to promote an alternative business plan for the social network site.
Unknown pranksters defaced the page with a message suggesting that Facebook ought to allow ordinary users to invest in the site in a "social way", rather than getting its financing from the banks.
It's unclear how the hack took place, but weak password security by the team of minions maintaining the page is the most likely explanation.<br>
|
|
<b>Reference:</b> <a href="http://news.cnet.com/8301-27080_3-20029630-245.html" target="_blank">http://news.cnet.com/8301-27080_3-20029630-245.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-219: Anonymous hacks BART, creating even more innocent victims<br>
|
|
<b>WHID ID:</b> 2011-219<br>
|
|
<b>Date Occurred:</b> 8/14/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Oakland, CA<br>
|
|
<b>Incident Description:</b> They performed a SQL injection (SQLi) attack against the site and were able to extract more than 2,000 records containing names, usernames, passwords (plain text), emails, phone numbers, addresses and zip codes.<br>
|
|
<b>Reference:</b> <a href="http://nakedsecurity.sophos.com/2011/08/15/anonymous-hacks-bart-creating-even-more-innocent-victims/" target="_blank">http://nakedsecurity.sophos.com/2011/08/15/anonymous-hacks-bart-creating-even-more-innocent-victims/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-218: Anonymous defaces BART site, leaks user data<br>
|
|
<b>WHID ID:</b> 2011-218<br>
|
|
<b>Date Occurred:</b> 8/14/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Oakland, CA<br>
|
|
<b>Incident Description:</b> Anonymous has apparently made good on a promise to wreak havoc on the Web site of the Bay Area Rapid Transit System today, although not exactly as planned.<br>
|
|
<b>Reference:</b> <a href="http://news.cnet.com/8301-1023_3-20092221-93/anonymous-defaces-bart-site-leaks-user-data/" target="_blank">http://news.cnet.com/8301-1023_3-20092221-93/anonymous-defaces-bart-site-leaks-user-data/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-217: Hong Kong stock exchange website hacked<br>
|
|
<b>WHID ID:</b> 2011-217<br>
|
|
<b>Date Occurred:</b> 8/10/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Hong Kong<br>
|
|
<b>Incident Description:</b> The Hong Kong stock exchange was forced to suspend trading in stocks including HSBC Holdings after hackers broke into the exchange's website on Wednesday, preventing investors from accessing company announcements made during the midday break.<br>
|
|
<b>Reference:</b> <a href="http://www.ciol.com/Global-News/Global-News/News-Reports/Hong-Kong-stock-exchange-website-hacked/153268/0/" target="_blank">http://www.ciol.com/Global-News/Global-News/News-Reports/Hong-Kong-stock-exchange-website-hacked/153268/0/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-216: Potential account theft with XSS hole in eBay.de<br>
|
|
<b>WHID ID:</b> 2011-216<br>
|
|
<b>Date Occurred:</b> 8/10/2011<br>
|
|
<b>Attack Method:</b> Cross Site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Session Hijacking<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> Campbell, CA<br>
|
|
<b>Incident Description:</b> A serious security hole in eBay.de enabled attackers to steal other users' cookies and take control of their accounts. It is not believed that this particular flaw affected any other national eBay sites.<br>
|
|
<b>Reference:</b> <a href="http://www.h-online.com/security/news/item/Potential-account-theft-with-XSS-hole-in-eBay-de-1320908.html" target="_blank">http://www.h-online.com/security/news/item/Potential-account-theft-with-XSS-hole-in-eBay-de-1320908.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-215: Hacker group hits NASA site<br>
|
|
<b>WHID ID:</b> 2011-215<br>
|
|
<b>Date Occurred:</b> 8/9/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Meanwhile, TeaMp0isoN attacked the NASA discussion forum, saying it is vulnerable to SQL injection.<br>
|
|
<b>Reference:</b> <a href="http://www.thehackernews.com/2011/08/teamp0ison-nasa-forum-is-vulnerable-sql.html" target="_blank">http://www.thehackernews.com/2011/08/teamp0ison-nasa-forum-is-vulnerable-sql.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-214: BlackBerry blog hacked with riot-related threats<br>
|
|
<b>WHID ID:</b> 2011-214<br>
|
|
<b>Date Occurred:</b> 8/9/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Plano, TX<br>
|
|
<b>Incident Description:</b> RIM's corporate blog has been defaced with threats as part of a protest against the BlackBerry maker's plans to hand over information on London rioters to the police.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/08/09/blackberry_blog_riot_hack/" target="_blank">http://www.theregister.co.uk/2011/08/09/blackberry_blog_riot_hack/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-213: Malware Wave Infects Six Million e-Commerce Pages<br>
|
|
<b>WHID ID:</b> 2011-213<br>
|
|
<b>Date Occurred:</b> 8/8/2011<br>
|
|
<b>Attack Method:</b> Known Vulnerability<br>
|
|
<b>Application Weakness:</b> Application Misconfiguration<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Multiple<br>
|
|
<b>Attacked Entity Geography:</b> Multiple<br>
|
|
<b>Incident Description:</b> A malware infection, based on known flaws, has hit millions of e-commerce Web pages in the past two weeks<br>
|
|
<b>Reference:</b> <a href="http://www.eweekeurope.co.uk/news/malware-wave-infects-six-million-e-commerce-pages-36281" target="_blank">http://www.eweekeurope.co.uk/news/malware-wave-infects-six-million-e-commerce-pages-36281</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-212: AntiSec hackers dump data after hacking police websites<br>
|
|
<b>WHID ID:</b> 2011-212<br>
|
|
<b>Date Occurred:</b> 8/7/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Law Enforcement<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> AntiSec said that it had compromised servers at Brooks-Jeffrey, a Mountain Home, Ark. company that runs a computer store and online marketing firm. Brooks-Jeffrey Marketing builds websites for sheriff's agencies throughout the southern United States. "It took less than 24 hours to root BJM's server and copy all their data to our private servers," AntiSec said in a statement posted Saturday.<br>
|
|
<b>Reference:</b> <a href="http://www.computerworld.com/s/article/9218961/AntiSec_hackers_dump_data_after_hacking_police_websites" target="_blank">http://www.computerworld.com/s/article/9218961/AntiSec_hackers_dump_data_after_hacking_police_websites</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-211: North Korean Hackers Stealing Gaming Money for Government<br>
|
|
<b>WHID ID:</b> 2011-211<br>
|
|
<b>Date Occurred:</b> 8/5/2011<br>
|
|
<b>Attack Method:</b> Process Automation<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> South Korea<br>
|
|
<b>Incident Description:</b> North Korea's cash-strapped government has begun deploying hackers who pilfer points at South Korean gaming sites which they then convert into cash, according to The New York Times.<br>
|
|
<b>Reference:</b> <a href="http://www.ibtimes.com/articles/193025/20110805/north-korean-hackers-north-korea-gaming-korea-gaming-hackers-south-korea-online-gaming-chinese-gold.htm" target="_blank">http://www.ibtimes.com/articles/193025/20110805/north-korean-hackers-north-korea-gaming-korea-gaming-hackers-south-korea-online-gaming-chinese-gold.htm</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-210: Zimbabwe Stock Exchange website hacked<br>
|
|
<b>WHID ID:</b> 2011-210<br>
|
|
<b>Date Occurred:</b> 8/4/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Harare, ZW<br>
|
|
<b>Incident Description:</b> The Zimbabwe Stock Exchange's website has been hacked, forcing the ZSE to temporarily close the website pending investigations and maintenance of the site.<br>
|
|
<b>Reference:</b> <a href="http://bulawayo24.com/index-id-news-sc-national-byo-6207-article-zimbabwe+stock+exchange+website+hacked.html" target="_blank">http://bulawayo24.com/index-id-news-sc-national-byo-6207-article-zimbabwe+stock+exchange+website+hacked.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-21: Fedora servers breached after external compromise<br>
|
|
<b>WHID ID:</b> 2011-21<br>
|
|
<b>Date Occurred:</b> 1/22/2011<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Session Hijacking<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> On January 22, 2011 a Fedora contributor received an email from the Fedora Accounts System indicating that his account details had been changed. He contacted the Fedora Infrastructure Team indicating that he had received the email, but had not made changes to his FAS account. The Infrastructure Team immediately began investigating, and confirmed that the account had indeed been compromised.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/01/25/fedora_server_compromised/" target="_blank">http://www.theregister.co.uk/2011/01/25/fedora_server_compromised/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-209: Over 100 Indian Govt. Websites Defaced Since January<br>
|
|
<b>WHID ID:</b> 2011-209<br>
|
|
<b>Date Occurred:</b> 8/4/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> A total of 117 Indian government websites were defaced by hackers from January to June this year, prompting the government to take additional security measures, a federal minister told Parliament.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/businesscenter/article/237286/over_100_indian_govt_websites_defaced_since_january.html" target="_blank">http://www.pcworld.com/businesscenter/article/237286/over_100_indian_govt_websites_defaced_since_january.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-208: Morocco: Activist Website Sustains DDoS Attack<br>
|
|
<b>WHID ID:</b> 2011-208<br>
|
|
<b>Date Occurred:</b> 7/31/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> The Moroccan activist website Mamfakinch! came under a distributed denial-of-service (DDoS) attack on Sunday 31 July, 2011, which blocked access to its main platform for several hours. The website is now back online.<br>
|
|
<b>Reference:</b> <a href="http://globalvoicesonline.org/2011/08/03/morocco-militant-website-sustains-ddos-attack/" target="_blank">http://globalvoicesonline.org/2011/08/03/morocco-militant-website-sustains-ddos-attack/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-207: Hershey's Website Hacked... To Change Recipe<br>
|
|
<b>WHID ID:</b> 2011-207<br>
|
|
<b>Date Occurred:</b> 8/3/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Cambridge, MA<br>
|
|
<b>Incident Description:</b> While a number of websites and mailing lists have fallen victim to attacks intent on stealing personal information or just proving that the hack was possible, whoever managed to penetrate the security of the Hershey's Chocolate website had a much more insidious goal: changing recipes.<br>
|
|
<b>Reference:</b> <a href="http://consumerist.com/2011/08/hersheys-website-hacked-to-change-recipe.html" target="_blank">http://consumerist.com/2011/08/hersheys-website-hacked-to-change-recipe.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-206: Anonymous attacks PasteBin to test new DDoS attack tool<br>
|
|
<b>WHID ID:</b> 2011-206<br>
|
|
<b>Date Occurred:</b> 8/2/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Anonymous is building a bigger, more vicious weapon to replace its current DDoS tool. The new attack program, called #RefRef, is being developed in time for the Blackhat conference in Las Vegas and was recently tested on the currently unhappy Pastebin website.<br>
|
|
<b>Reference:</b> <a href="http://www.digitaltrends.com/web/anonymous-attacks-pastebin-to-test-new-ddos-attack-tool/" target="_blank">http://www.digitaltrends.com/web/anonymous-attacks-pastebin-to-test-new-ddos-attack-tool/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-205: Sneaky Trojan exploits e-commerce flaws<br>
|
|
<b>WHID ID:</b> 2011-205<br>
|
|
<b>Date Occurred:</b> 8/1/2011<br>
|
|
<b>Attack Method:</b> Directory Traversal<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> More details have emerged of an e-commerce software flaw linked to the theft of credit card information from numerous websites. A security flaw in osCommerce, an open source e-commerce package, created a means for criminals to compromise 90,000 web pages with redirection scripts that ultimately directed surfers towards a site serving up an exploit toolkit designed to compromise visitors' PCs.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/08/01/banking_trojan_exploits_ecommerce_website_flaws/" target="_blank">http://www.theregister.co.uk/2011/08/01/banking_trojan_exploits_ecommerce_website_flaws/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-204: LiveJournal groans under 'immense' DDoS attack<br>
|
|
<b>WHID ID:</b> 2011-204<br>
|
|
<b>Date Occurred:</b> 6/27/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, US<br>
|
|
<b>Incident Description:</b> LiveJournal is weathering a massive web attack that has meant service disruptions for people who read and write the more than 16 million journals hosted on the community and blogging service.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/07/27/livejournal_ddos_attack/" target="_blank">http://www.theregister.co.uk/2011/07/27/livejournal_ddos_attack/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-203: Anonymous hacks NATO servers<br>
|
|
<b>WHID ID:</b> 2011-203<br>
|
|
<b>Date Occurred:</b> 7/22/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Brussels, BE<br>
|
|
<b>Incident Description:</b> A simple SQL injection was apparently all it took to break into the server. Anonymous says that it will be putting more "interesting data" online over the next few days.<br>
|
|
<b>Reference:</b> <a href="http://www.h-online.com/security/news/item/Anonymous-hacks-NATO-servers-1284000.html" target="_blank">http://www.h-online.com/security/news/item/Anonymous-hacks-NATO-servers-1284000.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-202: LulzSec Hacks The Times with Brutal Murdoch Death Notice<br>
|
|
<b>WHID ID:</b> 2011-202<br>
|
|
<b>Date Occurred:</b> 7/18/2011<br>
|
|
<b>Attack Method:</b> Local File Inclusion (LFI)<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> Well, seems like LulzSec has returned, and moved beyond the DDOS attack! Not content to merely shut down one of Rupert Murdoch's paper's websites, the hacking group has instead planted a bizarro-Onionesque account of the mogul's death-by-palladium on a Times redesign page masquerading as The Sun.<br>
|
|
<b>Reference:</b> <a href="http://gizmodo.com/5822392/anonymous-hacks-the-sun-with-brutal-murdoch-death-notice" target="_blank">http://gizmodo.com/5822392/anonymous-hacks-the-sun-with-brutal-murdoch-death-notice</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-201: Hacked SBS links to risky content<br>
|
|
<b>WHID ID:</b> 2011-201<br>
|
|
<b>Date Occurred:</b> 7/18/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Findon, AU<br>
|
|
<b>Incident Description:</b> The website of the Special Broadcasting Service (SBS) has been victim of a hacking attack over the weekend, with users visiting the site exposed to malware.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com.au/hacked-sbs-links-to-risky-content-339318734.htm" target="_blank">http://www.zdnet.com.au/hacked-sbs-links-to-risky-content-339318734.htm</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-200: Toshiba: US Unit's Server Has Been Hacked<br>
|
|
<b>WHID ID:</b> 2011-200<br>
|
|
<b>Date Occurred:</b> 7/16/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Irvine, CA<br>
|
|
<b>Incident Description:</b> TOKYO (Dow Jones)-Toshiba Corp. (6502.TO) said Saturday that its U.S. sales subsidiary's server has been hacked and e-mail addresses and passwords for 681 customers have been compromised.<br>
|
|
<b>Reference:</b> <a href="http://www.foxbusiness.com/industries/2011/07/16/toshiba-us-units-server-has-been-hacked/" target="_blank">http://www.foxbusiness.com/industries/2011/07/16/toshiba-us-units-server-has-been-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-20: Hackers Get Access to New Jersey School Data System<br>
|
|
<b>WHID ID:</b> 2011-20<br>
|
|
<b>Date Occurred:</b> 1/24/2011<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Session Hijacking<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> New Jersey<br>
|
|
<b>Incident Description:</b> Users of the 4chan online message board managed to get access to the online student information system used by a New Jersey school district after the school's administrative password was posted to 4chan last week.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/businesscenter/article/217601/hackers_get_access_to_new_jersey_school_data_system.html" target="_blank">http://www.pcworld.com/businesscenter/article/217601/hackers_get_access_to_new_jersey_school_data_system.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-2: Attacks on Lush website expose credit-card details<br>
|
|
<b>WHID ID:</b> 2011-2<br>
|
|
<b>Date Occurred:</b> 1/20/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Credit Card Leakage<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> Cosmetics company Lush has warned customers that its UK website has been hacked repeatedly over the past three months, exposing credit-card details to fraudulent use. The website of cosmetics retailer Lush has been hacked repeatedly over the last three months. Lush did not release technical details of the attack, nor specify the number of customers compromised or the security techniques used to handle the data involved, but anecdotal evidence indicates that some customers have been the victims of fraud. The company sent an email statement to customers on Thursday outlining the incident and urging them to contact their banks.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.co.uk/news/security/2011/01/21/attacks-on-lush-website-expose-credit-card-details-40091520/" target="_blank">http://www.zdnet.co.uk/news/security/2011/01/21/attacks-on-lush-website-expose-credit-card-details-40091520/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-199: Lady Gaga website hacked and fans' details stolen<br>
|
|
<b>WHID ID:</b> 2011-199<br>
|
|
<b>Date Occurred:</b> 7/16/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> LADY Gaga has called in police after thousands of her fans' personal details were stolen from her website. Her record label Universal acted after the site was hacked into by US cyber attackers SwagSec.<br>
|
|
<b>Reference:</b> <a href="http://www.mirror.co.uk/celebs/news/2011/07/16/lady-gaga-website-hacked-and-fans-details-stolen-115875-23274356/" target="_blank">http://www.mirror.co.uk/celebs/news/2011/07/16/lady-gaga-website-hacked-and-fans-details-stolen-115875-23274356/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-198: AntiSec leaks secret IRC Federal security data<br>
|
|
<b>WHID ID:</b> 2011-198<br>
|
|
<b>Date Occurred:</b> 7/10/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Washington, DC<br>
|
|
<b>Incident Description:</b> According to the Pastebin post, the members of Anonymous who are involved in the AntiSec hacking campaign were able to gain initial access to IRC Federal by using a SQL injection attack.<br>
|
|
<b>Reference:</b> <a href="http://blogs.computerworld.com/18593/anonymous_hacks_fbi_contractor_antisec_leaks_secret_irc_federal_security_data?source=rss_blogs" target="_blank">http://blogs.computerworld.com/18593/anonymous_hacks_fbi_contractor_antisec_leaks_secret_irc_federal_security_data?source=rss_blogs</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-197: Anonymous Hackers Attack Government-Contracted Company IRC Federal<br>
|
|
<b>WHID ID:</b> 2011-197<br>
|
|
<b>Date Occurred:</b> 7/9/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Scottsdale, AZ<br>
|
|
<b>Incident Description:</b> The group incapacitated IRC Federal's website with a Denial of Service (DoS) attack early on July 8, and simultaneously breached the website's networks. They also posted information stolen in the cyber-attack on PasteBin, a text posting website.<br>
|
|
<b>Reference:</b> <a href="http://www.theepochtimes.com/n2/technology/anonymous-hackers-attack-government-affiliated-company-irc-federal-58864.html" target="_blank">http://www.theepochtimes.com/n2/technology/anonymous-hackers-attack-government-affiliated-company-irc-federal-58864.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-196: Kiplinger Warns Customers Hackers Got Account, Credit Card Information<br>
|
|
<b>WHID ID:</b> 2011-196<br>
|
|
<b>Date Occurred:</b> 7/9/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Washington, DC<br>
|
|
<b>Incident Description:</b> Kiplinger Washington Editors Inc., the publisher of Kiplinger's Personal Finance, warned customers that hackers breached its computer network at least as early as June 25 and stole account data, including credit card numbers.<br>
|
|
<b>Reference:</b> <a href="http://www.bloomberg.com/news/2011-07-08/kiplinger-warns-customers-hackers-got-account-information-1-.html" target="_blank">http://www.bloomberg.com/news/2011-07-08/kiplinger-warns-customers-hackers-got-account-information-1-.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-195: Florida Election Servers Hacked Again<br>
|
|
<b>WHID ID:</b> 2011-195<br>
|
|
<b>Date Occurred:</b> 7/8/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Florida<br>
|
|
<b>Incident Description:</b> For the second time in a week, a hacker has broken into systems connected with voting in Florida, stolen data, and released it to the public.<br>
|
|
<b>Reference:</b> <a href="http://www.informationweek.com/news/security/attacks/231001248" target="_blank">http://www.informationweek.com/news/security/attacks/231001248</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-194: Hacker tries to steal $83,000 from Atascadero city bank account<br>
|
|
<b>WHID ID:</b> 2011-194<br>
|
|
<b>Date Occurred:</b> 7/8/2011<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Atascadero, CA<br>
|
|
<b>Incident Description:</b> "We're still trying to uncover all the details," said McKinney, "but it looks like we got a virus in one of the computers, then when we connected with Rabobank for a wire transfer, it got mirrored and sent out other transfers. We're looking into how it got around all of the security measures."<br>
|
|
<b>Reference:</b> <a href="http://www.sanluisobispo.com/2011/07/07/1674252/atascadero-bank-account-hacked.html" target="_blank">http://www.sanluisobispo.com/2011/07/07/1674252/atascadero-bank-account-hacked.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-193: Washington Post Jobs website hacked<br>
|
|
<b>WHID ID:</b> 2011-193<br>
|
|
<b>Date Occurred:</b> 7/7/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> The Post says the hackers obtained user IDs and e-mail addresses, but "no passwords or other personal information was affected." The paper is pursuing the matter with law enforcement. A letter to customers about the hack is after the jump.<br>
|
|
<b>Reference:</b> <a href="http://www.poynter.org/latest-news/romenesko/138263/washington-post-jobs-website-hacked/" target="_blank">http://www.poynter.org/latest-news/romenesko/138263/washington-post-jobs-website-hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-192: PayPal UK Twitter account hacked<br>
|
|
<b>WHID ID:</b> 2011-192<br>
|
|
<b>Date Occurred:</b> 7/5/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, CA<br>
|
|
<b>Incident Description:</b> A disgruntled customer appears to have taken control of PayPal UK's Twitter account and has used it to complain about the service in a series of angry tweets on the service.<br>
|
|
<b>Reference:</b> <a href="http://www.guardian.co.uk/technology/blog/2011/jul/05/paypal-uk-twitter-hack-customer" target="_blank">http://www.guardian.co.uk/technology/blog/2011/jul/05/paypal-uk-twitter-hack-customer</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-191: Sony Music Ireland website hacked<br>
|
|
<b>WHID ID:</b> 2011-191<br>
|
|
<b>Date Occurred:</b> 7/5/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> McLean, VA<br>
|
|
<b>Incident Description:</b> Sony Music Ireland has said it is looking into an incident on its website after three fake news stories appeared on its homepage this morning. The website has been removed and the www.sonymusic.ie domain is re-directing to the company's Facebook page.<br>
|
|
<b>Reference:</b> <a href="http://www.rte.ie/news/2011/0705/sony.html" target="_blank">http://www.rte.ie/news/2011/0705/sony.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-190: Hacker group "hijacks" news site's Twitter account, claims Obama is dead<br>
|
|
<b>WHID ID:</b> 2011-190<br>
|
|
<b>Date Occurred:</b> 7/4/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> San Francisco, US<br>
|
|
<b>Incident Description:</b> For some hours Monday, a hacker group "hijacked" the Twitter account of US-based news outfit Fox News, using its Twitter account to post fake messages, including those that claimed US President Barack Obama II was shot dead.<br>
|
|
<b>Reference:</b> <a href="http://www.gmanews.tv/story/225234/technology/hacker-group-hijacks-news-sites-twitter-account-claims-obama-is-dead" target="_blank">http://www.gmanews.tv/story/225234/technology/hacker-group-hijacks-news-sites-twitter-account-claims-obama-is-dead</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-19: Living Social Hacked (Update)<br>
|
|
<b>WHID ID:</b> 2011-19<br>
|
|
<b>Date Occurred:</b> 1/19/2011<br>
|
|
<b>Attack Method:</b> Hidden Parameter Manipulation<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Living Social doesn't do server side quantity validation (at least they didn't yesterday). Who cares you say? Well Amazon.com for one. Their latest offer of a $20 gift certificate for $10 has the explicit restriction of ONE per customer and no gifts. You see, Amazon actually only wants to discount their product for new customers or existing customers only on $20 of merchandise. If Amazon knew there was a way to buy say 100 vouchers and receive $2000 of Amazon merchandise for $1000, they would probably blow a gasket.<br>
|
|
<b>Reference:</b> <a href="http://www.deepgreencrystals.com/archives/2011/01/living-social-h.html" target="_blank">http://www.deepgreencrystals.com/archives/2011/01/living-social-h.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-189: Anonymous Teases SQL-Based Apple Hack With 27 Stolen Account Names<br>
|
|
<b>WHID ID:</b> 2011-189<br>
|
|
<b>Date Occurred:</b> 7/3/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Cupertino, US<br>
|
|
<b>Incident Description:</b> Three hours ago Anonymous tweeted that they managed to steal 27 usernames and passwords from Apple.com (from this link here) when attacked with a basic SQL injection. Now, at this time only 27 accounts have been compromised and they aren't usernames pertaining to the public. Nonetheless, it's alarming given Apple's claims about security - to be hacked using a simple SQL based method - as well as the fact that Anonymous claims Apple could be their next target.<br>
|
|
<b>Reference:</b> <a href="http://gadgetsteria.com/2011/07/03/anonymous-teases-sql-based-apple-hack-with-27-stolen-account-names-says-they-could-be-next-target/" target="_blank">http://gadgetsteria.com/2011/07/03/anonymous-teases-sql-based-apple-hack-with-27-stolen-account-names-says-they-could-be-next-target/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-188: WWF site attacked again; hacker leaves 'tips'<br>
|
|
<b>WHID ID:</b> 2011-188<br>
|
|
<b>Date Occurred:</b> 7/1/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Provo, US<br>
|
|
<b>Incident Description:</b> Two days after a hacker defaced its site, the World Wildlife Fund Philippine chapter suffered another attack Friday, with the hacker leaving behind tips to improve its security.<br>
|
|
<b>Reference:</b> <a href="http://www.gmanews.tv/story/224956/technologoy/wwf-site-attacked-again-hacker-leaves-tips" target="_blank">http://www.gmanews.tv/story/224956/technologoy/wwf-site-attacked-again-hacker-leaves-tips</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-187: Hackers hit church's collection plate<br>
|
|
<b>WHID ID:</b> 2011-187<br>
|
|
<b>Date Occurred:</b> 6/30/2011<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Des Moines, IA<br>
|
|
<b>Incident Description:</b> The Iowa heist is part of latest wave of cyber-crime: account takeover fraud. In it, crime gangs, many located in Eastern Europe, target small towns, community banks and civic organizations which often lack high-tech defenses.<br>
|
|
<b>Reference:</b> <a href="http://www.cbsnews.com/stories/2011/06/30/eveningnews/main20075926.shtml" target="_blank">http://www.cbsnews.com/stories/2011/06/30/eveningnews/main20075926.shtml</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-186: First Weibo Attack is CSRF Worm<br>
|
|
<b>WHID ID:</b> 2011-186<br>
|
|
<b>Date Occurred:</b> 6/30/2011<br>
|
|
<b>Attack Method:</b> Cross Site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Worm<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> Beijing, CN<br>
|
|
<b>Incident Description:</b> ZDNet China revealed that the attacker exploited a cross-site scripting (XSS) vulnerability to run a malware program in Weibo's Web pages, causing the number of affected users to increase multiple fold. While no personal information was breached, users were reminded to clear their cache for security purposes.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnetasia.com/no-data-breach-in-first-weibo-attack-62301014.htm" target="_blank">http://www.zdnetasia.com/no-data-breach-in-first-weibo-attack-62301014.htm</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-185: Hacking group targets Zimbabwe government website<br>
|
|
<b>WHID ID:</b> 2011-185<br>
|
|
<b>Date Occurred:</b> 6/29/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Harare, ZW<br>
|
|
<b>Incident Description:</b> A group known as Lulz Security (LulzSec) has announced that it has hacked into the Zimbabwe government website (http://www.gta.gov.zw) and taken material on "everything" there is to know about the government's internet database.<br>
|
|
<b>Reference:</b> <a href="http://www.swradioafrica.com/news290611/hacking290611.htm" target="_blank">http://www.swradioafrica.com/news290611/hacking290611.htm</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-184: Magazine's database of US military personnel is hacked<br>
|
|
<b>WHID ID:</b> 2011-184<br>
|
|
<b>Date Occurred:</b> 6/29/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> McLean, VA<br>
|
|
<b>Incident Description:</b> A magazine subscriptions database which held personal information of members of the US armed forces has been hacked into, according to an American media company.<br>
|
|
<b>Reference:</b> <a href="http://www.guardian.co.uk/technology/2011/jun/29/hackers-us-military-magazine-defense-news" target="_blank">http://www.guardian.co.uk/technology/2011/jun/29/hackers-us-military-magazine-defense-news</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-183: Mastercard blitzed again in further DDoS attack<br>
|
|
<b>WHID ID:</b> 2011-183<br>
|
|
<b>Date Occurred:</b> 6/28/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Cambridge, MA<br>
|
|
<b>Incident Description:</b> MasterCard's website became difficult to reach on Tuesday following the launch of an apparent denial of service attack. Twitter user @ibomhacktivist claimed responsibility for the reported assault, which it said had been motivated by Mastercard's decision to suspend an account maintained by WikiLeaks in the wake of the whistle-blowing site's decision to start releasing leaked US diplomatic cables last November. Or something like that.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/06/28/mastercard_ddos_again/" target="_blank">http://www.theregister.co.uk/2011/06/28/mastercard_ddos_again/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-182: Groupon India (SoSasta.com) Suffers Security Issue, User Account Information Possibly Compromised<br>
|
|
<b>WHID ID:</b> 2011-182<br>
|
|
<b>Date Occurred:</b> 6/27/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> India<br>
|
|
<b>Incident Description:</b> Groupon, a leading daily deals store which entered into the Indian markets via acquisition of Kolkata based local deals shop SoSasta.com, suffered a "security issue" on their systems. The break-in happened over the weekend and it is highly likely that all usernames and passwords were stolen.<br>
|
|
<b>Reference:</b> <a href="http://techie-buzz.com/tech-news/groupon-india-sosasta-com-suffers-security-issue-user-account-information-possibly-compromised.html" target="_blank">http://techie-buzz.com/tech-news/groupon-india-sosasta-com-suffers-security-issue-user-account-information-possibly-compromised.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-181: Anonymous hacktivists assault Turkish government websites<br>
|
|
<b>WHID ID:</b> 2011-181<br>
|
|
<b>Date Occurred:</b> 6/10/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Ankara, TR<br>
|
|
<b>Incident Description:</b> Hacker group Anonymous said on Thursday it has launched DDoS (distributed denial of service) attacks on some Turkish government websites, in protest against government plans to introduce Internet filtering. The move comes a few days before Turkey holds parliamentary elections on Sunday.<br>
|
|
<b>Reference:</b> <a href="http://news.techworld.com/security/3285182/anonymous-hacktivists-assault-turkish-government-websites/" target="_blank">http://news.techworld.com/security/3285182/anonymous-hacktivists-assault-turkish-government-websites/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-180: Hackers break into Tony Blair's webmail server, disclose former PM's address book<br>
|
|
<b>WHID ID:</b> 2011-180<br>
|
|
<b>Date Occurred:</b> 6/25/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> We don't know what specific flaws were exploited in this attack, but seeing that it is a webmail server the most likely method was SQL injection. It is extremely important to keep web servers patched and up to date, especially if they are running Linux using commonly exploited CMSs, webmail solutions and blogging software.<br>
|
|
<b>Reference:</b> <a href="http://nakedsecurity.sophos.com/2011/06/25/hackers-break-into-tony-blairs-webmail-server-disclose-former-pms-address-book/" target="_blank">http://nakedsecurity.sophos.com/2011/06/25/hackers-break-into-tony-blairs-webmail-server-disclose-former-pms-address-book/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-18: French president recovers from Facebook hack<br>
|
|
<b>WHID ID:</b> 2011-18<br>
|
|
<b>Date Occurred:</b> 1/24/2011<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> Palo Alto, CA<br>
|
|
<b>Incident Description:</b> The Facebook account of Nicolas Sarkozy was hacked over the weekend to post the false rumour that the French president would not seek re-election next year.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/01/24/french_pres_facebook_hack/" target="_blank">http://www.theregister.co.uk/2011/01/24/french_pres_facebook_hack/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-179: T & T Supermarket website hacked<br>
|
|
<b>WHID ID:</b> 2011-179<br>
|
|
<b>Date Occurred:</b> 6/24/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Brampton, CA<br>
|
|
<b>Incident Description:</b> Hackers may now have access to the personal information for 60-thousand T&T Supermarket customers. The company is warning people who used T&T's website this month.<br>
|
|
<b>Reference:</b> <a href="http://www.news1130.com/news/local/article/245594--t-t-supermarket-website-hacked" target="_blank">http://www.news1130.com/news/local/article/245594--t-t-supermarket-website-hacked</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-178: Part II: PBS Hacked Again. Entire Database Exposed With Simple SQL Injection<br>
|
|
<b>WHID ID:</b> 2011-178<br>
|
|
<b>Date Occurred:</b> 6/24/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Arlington, VA<br>
|
|
<b>Incident Description:</b> After being hacked by LulzSec several weeks ago, PBS appears to have learned nothing. A new hack by "Warv0x" (AKA Kaihoe) uses the same basic SQL injection technique LulzSec has been using on their many victims, and once again has exposed PBS.org's entire database.<br>
|
|
<b>Reference:</b> <a href="http://gadgetsteria.com/2011/06/24/part-ii-pbs-hacked-again-entire-database-exposed-with-simple-sql-injection/" target="_blank">http://gadgetsteria.com/2011/06/24/part-ii-pbs-hacked-again-entire-database-exposed-with-simple-sql-injection/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-177: NATO website 'hacked'<br>
|
|
<b>WHID ID:</b> 2011-177<br>
|
|
<b>Date Occurred:</b> 6/24/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Brussels, BE<br>
|
|
<b>Incident Description:</b> NATO said that one of its websites was the subject of a probable data breach, but it did not contain any classified data.<br>
|
|
<b>Reference:</b> <a href="http://timesofindia.indiatimes.com/tech/news/internet/NATO-website-hacked/articleshow/8973297.cms" target="_blank">http://timesofindia.indiatimes.com/tech/news/internet/NATO-website-hacked/articleshow/8973297.cms</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-176: Brazil government latest victim of hacker attack<br>
|
|
<b>WHID ID:</b> 2011-176<br>
|
|
<b>Date Occurred:</b> 6/22/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Brazil<br>
|
|
<b>Incident Description:</b> Hackers briefly disabled three websites belonging to the Brazilian government early on Wednesday in the latest of an international wave of cyber attacks on companies and organizations.<br>
|
|
<b>Reference:</b> <a href="http://www.reuters.com/article/2011/06/22/us-cybersecurity-brazil-hackers-idUSTRE75L31K20110622" target="_blank">http://www.reuters.com/article/2011/06/22/us-cybersecurity-brazil-hackers-idUSTRE75L31K20110622</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-175: LulzSec rogue suspected of Bitcoin hack<br>
|
|
<b>WHID ID:</b> 2011-175<br>
|
|
<b>Date Occurred:</b> 6/22/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Mountain View, CA<br>
|
|
<b>Incident Description:</b> "Due to the recent events at MtGox.com, we at Britcoin have decided to move our servers to a new location," read a Britcoin statement. "MtGox suffered an SQL injection [a form of hacking attack that creates direct access to databases and files] which means access to the site's funds were in the hands of the malicious hacker."<br>
|
|
<b>Reference:</b> <a href="http://www.guardian.co.uk/technology/2011/jun/22/lulzsec-rogue-suspected-of-bitcoin-hack" target="_blank">http://www.guardian.co.uk/technology/2011/jun/22/lulzsec-rogue-suspected-of-bitcoin-hack</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-174: Network Solutions suffers two DDoS attacks<br>
|
|
<b>WHID ID:</b> 2011-174<br>
|
|
<b>Date Occurred:</b> 6/21/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Service Providers<br>
|
|
<b>Attacked Entity Geography:</b> Herndon, VA<br>
|
|
<b>Incident Description:</b> Two attacks on consecutive days left Web host and domain name registry Network Solutions' customers unable to access their Web sites and servers. A distributed denial-of-service (DDoS) attack was carried out against Network Solutions yesterday afternoon, and again this morning, according to a post on the company's official blog by spokesman Shashi Bellamkonda.<br>
|
|
<b>Reference:</b> <a href="http://news.cnet.com/8301-31021_3-20073054-260/network-solutions-suffers-two-ddos-attacks/" target="_blank">http://news.cnet.com/8301-31021_3-20073054-260/network-solutions-suffers-two-ddos-attacks/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-173: LulzSec takes out Serious Organised Crime Agency<br>
|
|
<b>WHID ID:</b> 2011-173<br>
|
|
<b>Date Occurred:</b> 6/20/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> Mischief makers LulzSec say they have downed the website of the UK's Serious Organised Crime Agency (Soca). The site www.soca.gov.uk disappeared completely from the web this afternoon and is now timing out regularly, although it is occasionally accessible. The site appears to be the victim of a DDoS attack.<br>
|
|
<b>Reference:</b> <a href="http://www.thinq.co.uk/2011/6/20/lulzsec-takes-out-serious-organised-crime-agency/" target="_blank">http://www.thinq.co.uk/2011/6/20/lulzsec-takes-out-serious-organised-crime-agency/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-172: Sony Pictures French Website Hacked... Again!<br>
|
|
<b>WHID ID:</b> 2011-172<br>
|
|
<b>Date Occurred:</b> 6/20/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> France<br>
|
|
<b>Incident Description:</b> According to a plain text post on Pastebin, Idahc claims that they found a SQL injection on sonypictures.fr but they will not publish the entire database and that they didn't upload a shell. They said that this was a POC while claiming not to be black hats. They said data retrieved from the site includes personal user information and there are a total of 177172 email addresses.<br>
|
|
<b>Reference:</b> <a href="http://tech2.in.com/news/general/sony-pictures-french-website-hacked-again/226062" target="_blank">http://tech2.in.com/news/general/sony-pictures-french-website-hacked-again/226062</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-171: CIA website taken down by DDoS attack<br>
|
|
<b>WHID ID:</b> 2011-171<br>
|
|
<b>Date Occurred:</b> 6/16/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Vienna, VA<br>
|
|
<b>Incident Description:</b> The hacking group LulzSec has hit the US government for the second time in a week, taking down the website of the CIA. A spokesperson told Reuters that its website was taken down, but that the group were prevented from accessing any sensitive data. According to the news agency, this attack was similar to the attack on the Senate in that hackers broke into the public site and downloaded information.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazineuk.com/cia-website-taken-down-by-ddos-attack/article/205403/" target="_blank">http://www.scmagazineuk.com/cia-website-taken-down-by-ddos-attack/article/205403/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-170: Internet hackers take down major online spa management system<br>
|
|
<b>WHID ID:</b> 2011-170<br>
|
|
<b>Date Occurred:</b> 6/17/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Sunnyvale, CA<br>
|
|
<b>Incident Description:</b> Over the last two days MindBodyOnline.com has joined the ranks of those attacked by Internet hackers. Using a denial of service attack, hackers have successfully shut down the online software program, which provides services to thousands of day spas, massage facilities, yoga and pilates studios and similar clients in over 50 countries.<br>
|
|
<b>Reference:</b> <a href="http://www.examiner.com/massage-therapy-in-national/internet-hackers-take-down-major-online-spa-management-system" target="_blank">http://www.examiner.com/massage-therapy-in-national/internet-hackers-take-down-major-online-spa-management-system</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-17: DNS Hack Brings Down Google Bangladesh For Many<br>
|
|
<b>WHID ID:</b> 2011-17<br>
|
|
<b>Date Occurred:</b> 1/10/2011<br>
|
|
<b>Attack Method:</b> DNS Hijacking<br>
|
|
<b>Application Weakness:</b> Application Misconfiguration<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Search Engine<br>
|
|
<b>Attacked Entity Geography:</b> Bangladesh<br>
|
|
<b>Incident Description:</b> On Saturday, Google Bangladesh appeared to have been hacked. When some users went to the Google site, they saw a message from the TiGER-M@TE hacker group that the site was taken over.
|
|
|
|
Reports came in at the Google Webmaster Help forum, where we learned the issue was around DNS servers being taken over, and some users who relied on those DNS servers were being taken from Google.com.bd to this hacked version.<br>
|
|
<b>Reference:</b> <a href="http://www.seroundtable.com/google-bangladesh-dns-hack-12773.html" target="_blank">http://www.seroundtable.com/google-bangladesh-dns-hack-12773.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-169: Sega Pass Database Hacked, Account Information Compromised<br>
|
|
<b>WHID ID:</b> 2011-169<br>
|
|
<b>Date Occurred:</b> 6/17/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> Over the past few months, a slew of hacks, DDoS attacks and data breaches have rocked the gaming world. After the infamous hack of the PlayStation Network, many thought that it would be the end of the attacks, but publishers like Nintendo, Bethesda, Codemasters and Epic have all suffered from various breaches in security. The hackers have struck again, this time infiltrating Sega's database. Only moments ago, Sega sent out an email to their Sega Pass users informing them of the hack<br>
|
|
<b>Reference:</b> <a href="http://playstationlifestyle.net/2011/06/17/sega-pass-database-hacked/" target="_blank">http://playstationlifestyle.net/2011/06/17/sega-pass-database-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-168: Hacker Group Lulz Security attacks CIA's website<br>
|
|
<b>WHID ID:</b> 2011-168<br>
|
|
<b>Date Occurred:</b> 6/16/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Vienna, VA<br>
|
|
<b>Incident Description:</b> Lulz Security continues grabbing the limelight with its hacking activities, and this time its latest target is the public website of the U.S. Central Intelligence Agency (CIA). Their recent attack brought the CIA website down for a couple of hours and it remained inaccessible for all that time; however, the hack claim could not immediately be verified. It was not clear if the disruption was due to LulzSec's efforts or due to the large number of internet users trying to check the site. The group claimed on its Twitter feed that it had carried out the attack, displaying a message saying "Tango down - cia.gov - for the lulz."<br>
|
|
<b>Reference:</b> <a href="http://www.siliconindia.com/shownews/Hacker-Group-Lulz-Security-attacks-CIAs-website-nid-84765.html?utm_source=clicktrack&utm_medium=banner&utm_campaign=DontMiss" target="_blank">http://www.siliconindia.com/shownews/Hacker-Group-Lulz-Security-attacks-CIAs-website-nid-84765.html?utm_source=clicktrack&utm_medium=banner&utm_campaign=DontMiss</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-167: Report: U.S. Senate site hacked again<br>
|
|
<b>WHID ID:</b> 2011-167<br>
|
|
<b>Date Occurred:</b> 6/16/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Washington, DC<br>
|
|
<b>Incident Description:</b> The U.S. Senate site was hacked again yesterday, Reuters reports. According to the news service, hackers breached the site and stole information, though the type of data taken was not divulged. Martina Bradford, the U.S. Senate's deputy sergeant at arms, confirmed the breach to Reuters yesterday. However, she said, the hackers are "getting nothing" of value and the Senate so far has "been able to stay ahead of the hackers and keep them out of the main separate network."<br>
|
|
<b>Reference:</b> <a href="http://news.cnet.com/8301-13506_3-20071538-17/report-u.s-senate-site-hacked-again/" target="_blank">http://news.cnet.com/8301-13506_3-20071538-17/report-u.s-senate-site-hacked-again/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-166: Lulzsec gets hacking downunder<br>
|
|
<b>WHID ID:</b> 2011-166<br>
|
|
<b>Date Occurred:</b> 6/11/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> Australia<br>
|
|
<b>Incident Description:</b> Notorious hacktivist group Lulzsec has brought down Australian domain registrar and web hosts Distribute.IT and publicly published a list of 62,000 international email addresses and passwords.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/06/17/lulzsec_release_aus_data/" target="_blank">http://www.theregister.co.uk/2011/06/17/lulzsec_release_aus_data/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-165: Alberta gaming company hit by hackers<br>
|
|
<b>WHID ID:</b> 2011-165<br>
|
|
<b>Date Occurred:</b> 6/17/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Alberta, CA<br>
|
|
<b>Incident Description:</b> A local gaming company is the latest to fall victim to online hackers. In a statement posted on its website Tuesday, BioWare said a hacker gained unauthorized access to the decade-old BioWare community server system associated with the Neverwinter Nights forums.<br>
|
|
<b>Reference:</b> <a href="http://www.torontosun.com/2011/06/17/alberta-gaming-company-hit-by-hackers" target="_blank">http://www.torontosun.com/2011/06/17/alberta-gaming-company-hit-by-hackers</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-164: Hackers strike Malaysian websites for a 2nd day<br>
|
|
<b>WHID ID:</b> 2011-164<br>
|
|
<b>Date Occurred:</b> 6/17/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Malaysia<br>
|
|
<b>Incident Description:</b> Hackers struck Malaysian websites for a second day on Friday, an Internet regulator said, as the country scrambled to bring its government portal back online after the latest outbreak in a cyberwar waged by online activists.<br>
|
|
<b>Reference:</b> <a href="http://www.reuters.com/article/2011/06/17/malaysia-hackers-idUSL3E7HH1D220110617" target="_blank">http://www.reuters.com/article/2011/06/17/malaysia-hackers-idUSL3E7HH1D220110617</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-163: LulzSec Targets Gaming Websites in its Titanic Takeover Tuesday<br>
|
|
<b>WHID ID:</b> 2011-163<br>
|
|
<b>Date Occurred:</b> 6/15/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> The number of websites targeted by LulzSec is steadily increasing. After targeting Bethesda, Sony and a whole lot of websites, they have now launched a series of distributed denial of service (DDoS) attacks on Escapist magazine, as well as other gaming websites. They have termed the day Titanic Takeover Tuesday.<br>
|
|
<b>Reference:</b> <a href="http://tech2.in.com/news/general/lulzsec-targets-gaming-websites-in-its-titanic-takeover-tuesday/225312" target="_blank">http://tech2.in.com/news/general/lulzsec-targets-gaming-websites-in-its-titanic-takeover-tuesday/225312</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-162: Games co Epic resets passwords after hack attack<br>
|
|
<b>WHID ID:</b> 2011-162<br>
|
|
<b>Date Occurred:</b> 6/13/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Cary, NC<br>
|
|
<b>Incident Description:</b> Games developer Epic Games has reset user passwords following the discovery of a hack attack against its websites. Criminal miscreants made off with email addresses and encrypted passwords of forum users after breaking into Epic's forum site. Epic's main web site was also hit, according to an email sent by the firm over the weekend and forwarded by readers to El Reg.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/06/13/games_firm_epic_breach/" target="_blank">http://www.theregister.co.uk/2011/06/13/games_firm_epic_breach/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-161: Price watch portal hacked<br>
|
|
<b>WHID ID:</b> 2011-161<br>
|
|
<b>Date Occurred:</b> 6/11/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Ipoh, MY<br>
|
|
<b>Incident Description:</b> Lowyat.net founder and chief executive officer Vijandren Ramadass said an SQL injection (a code injection technique that exploits a security vulnerability in the database) could be used on the price watch portal to retrieve the entire database remotely.<br>
|
|
<b>Reference:</b> <a href="http://thestar.com.my/news/story.asp?file=/2011/6/11/nation/8883275&sec=nation" target="_blank">http://thestar.com.my/news/story.asp?file=/2011/6/11/nation/8883275&sec=nation</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-160: Hackers Hit UK Game Publisher Codemasters<br>
|
|
<b>WHID ID:</b> 2011-160<br>
|
|
<b>Date Occurred:</b> 6/3/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> Another day, another hack. This time, the Web site for UK game developer Codemasters has been compromised. In a Thursday note posted on the company's forums, Codemasters said that hackers gained unauthorized entry to Codemasters.com on Friday, June 3. "As soon as the intrusion was detected, we immediately took codemasters.com and associated web services offline in order to prevent any further intrusion," a spokeswoman said.<br>
|
|
<b>Reference:</b> <a href="http://www.pcmag.com/article2/0,2817,2386727,00.asp" target="_blank">http://www.pcmag.com/article2/0,2817,2386727,00.asp</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-16: North Korea: South Korea Cyber Attack Accusation After Website Hacked<br>
|
|
<b>WHID ID:</b> 2011-16<br>
|
|
<b>Date Occurred:</b> 1/11/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> North Korea<br>
|
|
<b>Incident Description:</b> Political Hacktivism. North Korea is accusing South Korean Internet users of hacking into one of its websites, calling the behavior a provocation aimed at undermining its national dignity. The North's government-run Uriminzokkiri website said Tuesday that South Korean Internet users recently deleted articles on the site and posted messages slandering the North's dignity.<br>
|
|
<b>Reference:</b> <a href="http://www.huffingtonpost.com/2011/01/11/north-korea-accuses-south_1_n_807436.html" target="_blank">http://www.huffingtonpost.com/2011/01/11/north-korea-accuses-south_1_n_807436.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-159: Sony Portugal latest to fall to hackers<br>
|
|
<b>WHID ID:</b> 2011-159<br>
|
|
<b>Date Occurred:</b> 6/9/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Muenchen, DE<br>
|
|
<b>Incident Description:</b> The same Lebanese hacker who targeted Sony Europe on Friday has now dumped a database from Sony Portugal. The hacker claims to be a grey hat, not a black hat, according to his post to pastebin.com. "I am not a black hat to dump all the database I am Grey hat" Instead of dumping the entire database like many previous Sony attackers, idahc only dumped the email addresses from one table in Sony's database. He claims to have discovered three different flaws on SonyMusic.pt, including SQL injection, XSS (cross-site scripting) and iFrame injection.<br>
|
|
<b>Reference:</b> <a href="http://nakedsecurity.sophos.com/2011/06/09/sony-portugal-latest-to-fall-to-hackers/" target="_blank">http://nakedsecurity.sophos.com/2011/06/09/sony-portugal-latest-to-fall-to-hackers/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-158: Citigroup Card Customers' Data Hacked<br>
|
|
<b>WHID ID:</b> 2011-158<br>
|
|
<b>Date Occurred:</b> 6/9/2011<br>
|
|
<b>Attack Method:</b> Predictable Resource Location<br>
|
|
<b>Application Weakness:</b> Insufficient Authorization<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> New York, NY<br>
|
|
<b>Incident Description:</b> Citigroup acknowledged on Thursday that unidentified hackers had breached its security and gained access to the data of hundreds of thousands of its bank card customers.<br>
|
|
<b>Reference:</b> <a href="http://dealbook.nytimes.com/2011/06/09/citigroup-card-customers-data-hacked/" target="_blank">http://dealbook.nytimes.com/2011/06/09/citigroup-card-customers-data-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-157: MI6 replace al-Qaeda bomb-making instructions with cupcake recipes<br>
|
|
<b>WHID ID:</b> 2011-157<br>
|
|
<b>Date Occurred:</b> 6/6/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Information Services<br>
|
|
<b>Attacked Entity Geography:</b> Yemen<br>
|
|
<b>Incident Description:</b> The British government's Secret Intelligence Service department called MI6 has carried out a rather amusing, but also very important website hack. The terrorist organization al-Qaeda has a number of ways to get new recruits, or teach existing members how to make bombs, and generally cause upset and violence in whatever area of the world they operate. One such information point is a new English-language online magazine that had information on how to make bombs using common household items in your kitchen.<br>
|
|
<b>Reference:</b> <a href="http://www.geek.com/articles/geek-cetera/mi6-replace-al-qaeda-bomb-making-instructions-with-cupcake-recipes-2011066/" target="_blank">http://www.geek.com/articles/geek-cetera/mi6-replace-al-qaeda-bomb-making-instructions-with-cupcake-recipes-2011066/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-156: Conservative Party website hacked<br>
|
|
<b>WHID ID:</b> 2011-156<br>
|
|
<b>Date Occurred:</b> 6/7/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Ottawa, CA<br>
|
|
<b>Incident Description:</b> A local MP's Twitter account fell victim to part of a hoax about Prime Minister Stephen Harper Tuesday. False information on the hacked Conservative Party website said the prime minister was rushed to Toronto General Hospital by helicopter after his wife called 911.<br>
|
|
<b>Reference:</b> <a href="http://www.newsdurhamregion.com/news/article/178825" target="_blank">http://www.newsdurhamregion.com/news/article/178825</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-155: Hacker breaks into MIT website<br>
|
|
<b>WHID ID:</b> 2011-155<br>
|
|
<b>Date Occurred:</b> 6/8/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> Cambridge, MA<br>
|
|
<b>Incident Description:</b> Despite its vaunted technological knowhow, even the Massachusetts Institute of Technology (MIT) was not spared from hackers who broke into its website and posted the stolen data online. The hacker named Cyber_Owner broke into MIT's International Liaison Program site (ilp.mit.edu), The Hacker News reported Wednesday.<br>
|
|
<b>Reference:</b> <a href="http://www.gmanews.tv/story/222877/technology/hacker-breaks-into-mit-website" target="_blank">http://www.gmanews.tv/story/222877/technology/hacker-breaks-into-mit-website</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> 2011-154: Hundreds of websites in Vietnam hacked<br>
|
|
<b>WHID ID:</b> 2011-154<br>
|
|
<b>Date Occurred:</b> 6/6/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Hanoi, VN<br>
|
|
<b>Incident Description:</b> VietNamNet Bridge - Just within several days of early June, technology and security forums have reckoned hundreds of ".vn" websites which have been hacked, including the websites of government agencies and ministries.<br>
|
|
<b>Reference:</b> <a href="http://english.vietnamnet.vn/en/science-technology/9213/hundreds-of-websites-in-vietnam-hacked.html" target="_blank">http://english.vietnamnet.vn/en/science-technology/9213/hundreds-of-websites-in-vietnam-hacked.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-153: FBI Partner Organization Website Hacked<br>
|
|
<b>WHID ID:</b> 2011-153<br>
|
|
<b>Date Occurred:</b> 6/6/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Atlanta, GA<br>
|
|
<b>Incident Description:</b> InfraGard Atlanta Members Alliance said Sunday that about 180 passwords belonging to members of the FBI partner organization have been stolen and leaked to the Internet. Paul Farley, president of the organization, told The Associated Press (AP) that the logins belonged to members of the local chapter of InfraGard, a public-private partnership devoted to sharing information about threats to U.S. physical and Internet infrastructure. "Someone did compromise the website," Farley told AP. "We do not at this time know how the attack occurred or the method used to reveal the passwords."<br>
|
|
<b>Reference:</b> <a href="http://www.redorbit.com/news/technology/2059174/fbi_partner_organization_website_hacked/" target="_blank">http://www.redorbit.com/news/technology/2059174/fbi_partner_organization_website_hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-152: DDoS attack takes down Atlassian's SaaS platform<br>
|
|
<b>WHID ID:</b> 2011-152<br>
|
|
<b>Date Occurred:</b> 6/6/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Saint Louis, MO<br>
|
|
<b>Incident Description:</b> A distributed denial-of-service (DDoS) attack against Atlassian's hosting provider took the company's Software-as-a-Service (SaaS) platform down for a few hours this morning, with services returning this afternoon.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.com.au/atlassian-downed-by-ddos-attack-339316263.htm" target="_blank">http://www.zdnet.com.au/atlassian-downed-by-ddos-attack-339316263.htm</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-151: Hacker Arrested for Stealing Nude Photos<br>
|
|
<b>WHID ID:</b> 2011-151<br>
|
|
<b>Date Occurred:</b> 6/6/2011<br>
|
|
<b>Attack Method:</b> Phishing<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> According to police, Joseph B. Campbell used phishing to trick his victims -- some of whom he knew from high-school -- into divulging their passwords. He'd get email addresses from their Facebook pages, and then send his victims phoney electronic greeting cards that would ask them for login information for Web mail accounts, said Thomas Edwards, chief of police with the Belleair Police Department.<br>
|
|
<b>Reference:</b> <a href="http://www.computerworld.com/s/article/9217319/Police_Man_stole_nude_photos_from_hacked_e_mail_accounts" target="_blank">http://www.computerworld.com/s/article/9217319/Police_Man_stole_nude_photos_from_hacked_e_mail_accounts</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-150: Yahoo!, Hotmail accounts targeted by hackers<br>
|
|
<b>WHID ID:</b> 2011-150<br>
|
|
<b>Date Occurred:</b> 6/6/2011<br>
|
|
<b>Attack Method:</b> Cross Site Scripting (XSS)<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Session Hijacking<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> Redmond, WA<br>
|
|
<b>Incident Description:</b> Trend's researchers in Taiwan also identified attacks that exploit a vulnerability in the Microsoft Hotmail web email service. "Rather than clicking a malicious link, even the simple act of previewing the malicious email message can compromise a user's account", noted Villeneuve. "This phishing email pretended to be from the Facebook security team."<br>
|
|
<b>Reference:</b> <a href="http://www.infosecurity-us.com/view/18446/yahoo-hotmail-accounts-targeted-by-hackers/" target="_blank">http://www.infosecurity-us.com/view/18446/yahoo-hotmail-accounts-targeted-by-hackers/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-15: Hacker Code Lingered on Home Depot Website<br>
|
|
<b>WHID ID:</b> 2011-15<br>
|
|
<b>Date Occurred:</b> 1/11/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> An IT analyst has uncovered the lingering remnants of a 2009 breach of security on the website of the major retailer: secret code hidden on the website that redirected the user's browser to a site that served up malware.

"Somebody managed to deface the site and inject that code, so that anyone visiting the site would have loaded the malicious code from this other site," explained Mike Menefee, founder of security website Infosec Island, which discovered the hack.<br>
|
|
<b>Reference:</b> <a href="http://www.foxnews.com/scitech/2011/01/11/home-depot-website-compromised/" target="_blank">http://www.foxnews.com/scitech/2011/01/11/home-depot-website-compromised/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-149: Sony Investigating Two Possible Hacker Attacks, Suspends Brazil Music Site<br>
|
|
<b>WHID ID:</b> 2011-149<br>
|
|
<b>Date Occurred:</b> 6/7/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Brazil<br>
|
|
<b>Incident Description:</b> The company suspended its Brazilian music entertainment website while it looks into a possible breach, it said today. Sony also is investigating a hacker group's claim that it stole data related to the company's game operation.<br>
|
|
<b>Reference:</b> <a href="http://www.bloomberg.com/news/2011-06-07/sony-says-brazil-music-website-suspended-after-suspected-attack-by-hackers.html" target="_blank">http://www.bloomberg.com/news/2011-06-07/sony-says-brazil-music-website-suspended-after-suspected-attack-by-hackers.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-148: India's fight against corruption mounts, govt website hacked<br>
|
|
<b>WHID ID:</b> 2011-148<br>
|
|
<b>Date Occurred:</b> 6/7/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> New Delhi, India<br>
|
|
<b>Incident Description:</b> Well, well, well, what do we have here? The fight against corruption in India spawned a twitter app to spread the word the other day. The Twitterverse went on a mission of findingmanmohan yesterday, and today, an anonymous group has hacked a particular government website with a message to Mr. Prime Minister and others (Kapil Sibal probably).<br>
|
|
<b>Reference:</b> <a href="http://asiancorrespondent.com/56835/hacked-india%E2%80%99s-fight-against-corruption-goes-berserk-govt-website-hacked/" target="_blank">http://asiancorrespondent.com/56835/hacked-india%E2%80%99s-fight-against-corruption-goes-berserk-govt-website-hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-147: Now Nintendo Admits It Was Hacked, Says No Customer Data Stolen<br>
|
|
<b>WHID ID:</b> 2011-147<br>
|
|
<b>Date Occurred:</b> 6/6/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Redmond, WA<br>
|
|
<b>Incident Description:</b> Nintendo acknowledged a security breach in a statement yesterday, explaining that its U.S. servers came under cyber-fire a few weeks ago, but stressed that no personal user data was in breach.<br>
|
|
<b>Reference:</b> <a href="http://techland.time.com/2011/06/06/now-nintendo-admits-it-was-hacked-says-no-customer-data-stolen/#ixzz1OWrKxZOC" target="_blank">http://techland.time.com/2011/06/06/now-nintendo-admits-it-was-hacked-says-no-customer-data-stolen/#ixzz1OWrKxZOC</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-146: LulzSec has compromised SonyPictures.RU<br>
|
|
<b>WHID ID:</b> 2011-146<br>
|
|
<b>Date Occurred:</b> 6/5/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Russian Federation<br>
|
|
<b>Incident Description:</b> In addition to the attack detailed above, the hacking group known as LulzSec has compromised SonyPictures.RU through another SQL injection flaw. No personal information was disclosed in the attack; it appears to have been designed just to continue to point out security flaws in Sony's infrastructure to create PR problems for the media giant. In the note, LulzSec left a message: "In Soviet Russia, SQL injects you..."<br>
|
|
<b>Reference:</b> <a href="http://nakedsecurity.sophos.com/2011/06/04/sony-europe-hacked-by-lebanese-hacker-again/" target="_blank">http://nakedsecurity.sophos.com/2011/06/04/sony-europe-hacked-by-lebanese-hacker-again/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-145: Sony Europe hacked by Lebanese hacker... Again<br>
|
|
<b>WHID ID:</b> 2011-145<br>
|
|
<b>Date Occurred:</b> 6/4/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Belgium<br>
|
|
<b>Incident Description:</b> By my count this is unlucky hack number 13 for Sony. A Lebanese hacker known as Idahc dumped another user database at Sony Europe containing approximately 120 usernames, passwords (plain text), mobile phone numbers, work emails and website addresses.<br>
|
|
<b>Reference:</b> <a href="http://nakedsecurity.sophos.com/2011/06/04/sony-europe-hacked-by-lebanese-hacker-again/" target="_blank">http://nakedsecurity.sophos.com/2011/06/04/sony-europe-hacked-by-lebanese-hacker-again/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-144: IC3 Cautions of Osama-Related XSS Assaults<br>
|
|
<b>WHID ID:</b> 2011-144<br>
|
|
<b>Date Occurred:</b> 6/6/2011<br>
|
|
<b>Attack Method:</b> Cross Site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Link Spam<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> Apple Valley, CA<br>
|
|
<b>Incident Description:</b> Reportedly, a related online scam has been detected as XSS (cross-site scripting). It (the scam) lets cyber-criminals run a malware program on the attacked site via an end-user's Web-browser through values created within the attacked website's URL, forms of the web, alternatively during instances wherein websites invite visitors to post content straight away.<br>
|
|
<b>Reference:</b> <a href="http://www.spamfighter.com/News-16247-IC3-Cautions-of-Osama-Related-XSS-Assaults.htm" target="_blank">http://www.spamfighter.com/News-16247-IC3-Cautions-of-Osama-Related-XSS-Assaults.htm</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-143: Anonymous steals 10,000 Iranian government emails, plans DDoS attack<br>
|
|
<b>WHID ID:</b> 2011-143<br>
|
|
<b>Date Occurred:</b> 6/3/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Iran<br>
|
|
<b>Incident Description:</b> Anonymous has hacked into Iranian government servers and procured over 10,000 email messages from the Ministry of Foreign Affairs. The Ministry's website is still down as of this writing, and the servers are under Anonymous control. One of the Iranian members of Anonymous involved with the operation sent me a message from the compromised email servers as evidence that they were still under Anonymous control.<br>
|
|
<b>Reference:</b> <a href="http://thenextweb.com/industry/2011/06/03/anonymous-steals-10000-iranian-government-emails-plans-ddos-attack/" target="_blank">http://thenextweb.com/industry/2011/06/03/anonymous-steals-10000-iranian-government-emails-plans-ddos-attack/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-142: New Sony Hack Claims Over a Million User Passwords<br>
|
|
<b>WHID ID:</b> 2011-142<br>
|
|
<b>Date Occurred:</b> 6/2/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Tokyo, Japan<br>
|
|
<b>Incident Description:</b> "SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks? What's worse is that every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it. This is disgraceful and insecure: they were asking for it."<br>
|
|
<b>Reference:</b> <a href="http://techland.time.com/2011/06/02/new-sony-hack-claims-one-million-user-passwords/" target="_blank">http://techland.time.com/2011/06/02/new-sony-hack-claims-one-million-user-passwords/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-141: Google says Chinese hackers broke into Gmail<br>
|
|
<b>WHID ID:</b> 2011-141<br>
|
|
<b>Date Occurred:</b> 6/1/2011<br>
|
|
<b>Attack Method:</b> Cross Site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> Mountain View, CA<br>
|
|
<b>Incident Description:</b> Computer hackers in China broke into the Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists, Google Inc. said Wednesday.<br>
|
|
<b>Reference:</b> <a href="http://www.huffingtonpost.com/huff-wires/20110601/us-tec-google-hacking-attack/" target="_blank">http://www.huffingtonpost.com/huff-wires/20110601/us-tec-google-hacking-attack/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-140: Scammers targeting dealers' Auto Trader accounts and ripping off buyers<br>
|
|
<b>WHID ID:</b> 2011-140<br>
|
|
<b>Date Occurred:</b> 6/2/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Automotive<br>
|
|
<b>Attacked Entity Geography:</b> Overland Park, KS<br>
|
|
<b>Incident Description:</b> Several dealers have been in touch with Car Dealer with tales of woe after their accounts with the online classified website were compromised.<br>
|
|
<b>Reference:</b> <a href="http://www.cardealermagazine.co.uk/publish/scammers-targeting-dealers-auto-trader-accounts-and-ripping-off-buyers/52641" target="_blank">http://www.cardealermagazine.co.uk/publish/scammers-targeting-dealers-auto-trader-accounts-and-ripping-off-buyers/52641</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-14: Hacker Hits FOX23 School Closings<br>
|
|
<b>WHID ID:</b> 2011-14<br>
|
|
<b>Date Occurred:</b> 1/11/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Oklahoma, USA<br>
|
|
<b>Incident Description:</b> FOX23 distributes top secret information to school districts so they can post school closings to our website. Tuesday morning, that information fell into the wrong hands, and for five minutes students in Broken Arrow thought they had a day off school.

This morning at 7:33 Broken Arrow mom Becki Santucci heard a ding in her purse.

"I got a text message saying Broken Arrow schools are closed."

The sender, "FOX23. (It was) my email alert about school closings."

But school was not closed. Someone logged on to FOX23.com and posted the closing without anyone's permission.<br>
|
|
<b>Reference:</b> <a href="http://www.fox23.com/news/local/story/Hacker-Hits-FOX23-School-Closings/nJlTwic8fEqLIhxpEs2Vow.cspx" target="_blank">http://www.fox23.com/news/local/story/Hacker-Hits-FOX23-School-Closings/nJlTwic8fEqLIhxpEs2Vow.cspx</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-139: DILG website still down<br>
|
|
<b>WHID ID:</b> 2011-139<br>
|
|
<b>Date Occurred:</b> 6/1/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Makati, PH<br>
|
|
<b>Incident Description:</b> The Department of Interior and Local Government's (DILG's) website is still down as of Wednesday morning, following a hack on Tuesday that led the site to display the logo of a porn site as one of its "news items".<br>
|
|
<b>Reference:</b> <a href="http://www.gmanews.tv/story/222221/technology/dilg-website-hacked" target="_blank">http://www.gmanews.tv/story/222221/technology/dilg-website-hacked</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-138: 'Dark forces' attack Chinese leftist website in resurgent culture war<br>
|
|
<b>WHID ID:</b> 2011-138<br>
|
|
<b>Date Occurred:</b> 6/1/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> Beijing, China<br>
|
|
<b>Incident Description:</b> The flagship website of China's resurgent New Left movement was brought down by hackers yesterday, interrupting its ferocious campaign against critics of Chairman Mao Zedong.<br>
|
|
<b>Reference:</b> <a href="http://www.smh.com.au/technology/security/dark-forces-attack-chinese-leftist-website-in-resurgent-culture-war-20110531-1fere.html" target="_blank">http://www.smh.com.au/technology/security/dark-forces-attack-chinese-leftist-website-in-resurgent-culture-war-20110531-1fere.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-137: Hacked PBS reports Tupac, Biggie alive<br>
|
|
<b>WHID ID:</b> 2011-137<br>
|
|
<b>Date Occurred:</b> 5/30/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> News<br>
|
|
<b>Attacked Entity Geography:</b> Arlington, VA<br>
|
|
<b>Incident Description:</b> Hacking group LulzSec broke into the site after it cracked the security on the media stalwart website, and obtained access credentials held in databases.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazine.com.au/News/258976,hacked-pbs-reports-tupac-biggie-alive.aspx" target="_blank">http://www.scmagazine.com.au/News/258976,hacked-pbs-reports-tupac-biggie-alive.aspx</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-136: Apple under fire as hacked iTunes complaints swell<br>
|
|
<b>WHID ID:</b> 2011-136<br>
|
|
<b>Date Occurred:</b> 6/7/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Cambridge, MA<br>
|
|
<b>Incident Description:</b> Apple is facing mounting criticism as a possible iTunes hack attack has seen customers' gift certificate accounts drained.

Several pages on Apple's forums highlight the security flaw, with dozens of users blaming a Sega app called Kingdom Conquest for removing funds - even if they have never downloaded the game. Various other apps have also been blamed for draining accounts using a similar technique.<br>
|
|
<b>Reference:</b> <a href="http://www.pcpro.co.uk/news/security/367855/apple-under-fire-as-hacked-itunes-complaints-swell" target="_blank">http://www.pcpro.co.uk/news/security/367855/apple-under-fire-as-hacked-itunes-complaints-swell</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-135: Hackers steal owner data from Honda<br>
|
|
<b>WHID ID:</b> 2011-135<br>
|
|
<b>Date Occurred:</b> 5/27/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Automotive<br>
|
|
<b>Attacked Entity Geography:</b> Toronto, Canada<br>
|
|
<b>Incident Description:</b> Honda Canada has informed thousands of its Honda and Acura customers that some of their personal information was stolen when its systems were hacked.<br>
|
|
<b>Reference:</b> <a href="http://www.cbc.ca/news/technology/story/2011/05/27/honda-hackers-data.html" target="_blank">http://www.cbc.ca/news/technology/story/2011/05/27/honda-hackers-data.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-134: Codemasters Admits Weekend Hack Attack<br>
|
|
<b>WHID ID:</b> 2011-134<br>
|
|
<b>Date Occurred:</b> 5/20/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> Codemasters, best known as the publisher of the Operation Flashpoint and Grid games, acknowledged to GamesIndustry that hackers were able to breach its security on May 20 and gain access to user data, which was then posted online.<br>
|
|
<b>Reference:</b> <a href="http://www.escapistmagazine.com/news/view/110400-Codemasters-Admits-Weekend-Hack-Attack" target="_blank">http://www.escapistmagazine.com/news/view/110400-Codemasters-Admits-Weekend-Hack-Attack</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-133: Nigerian government agency website hacked by "Cyberhacktivists"<br>
|
|
<b>WHID ID:</b> 2011-133<br>
|
|
<b>Date Occurred:</b> 5/26/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Nigeria<br>
|
|
<b>Incident Description:</b> A group of Nigerian hackers who call themselves "Naija Cyber Hacktivists" broke into the Niger Delta Development Committee's website, a Nigerian agency set up to develop the region, yesterday.<br>
|
|
<b>Reference:</b> <a href="http://thenextweb.com/africa/2011/05/26/nigerian-government-agency-website-hacked-by-cyberhacktivists/" target="_blank">http://thenextweb.com/africa/2011/05/26/nigerian-government-agency-website-hacked-by-cyberhacktivists/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-132: Turkish Online News Sites Face Cyber-attack<br>
|
|
<b>WHID ID:</b> 2011-132<br>
|
|
<b>Date Occurred:</b> 5/25/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> News<br>
|
|
<b>Attacked Entity Geography:</b> Turkey<br>
|
|
<b>Incident Description:</b> Recently, several Turkish online news portals suffered cyber-attack. The website of Birgun, a left-wing daily newspaper operated from Istanbul was the first news portal to suffer cyber-attack.<br>
|
|
<b>Reference:</b> <a href="http://www.release-news.com/index.php/technology/112749-turkish-online-news-sites-face-cyber-attack.html" target="_blank">http://www.release-news.com/index.php/technology/112749-turkish-online-news-sites-face-cyber-attack.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-131: Hackers Compromise Sony Music Japan<br>
|
|
<b>WHID ID:</b> 2011-131<br>
|
|
<b>Date Occurred:</b> 5/25/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Tokyo, Japan<br>
|
|
<b>Incident Description:</b> On the weekend, it was Sony BMG Greece that was compromised and today, it was Sony Music Japan. Unfortunately, Sony didn't learn from the BMG Greece issue as the same exploit, an SQL injection flaw, was used to compromise Sony Music Japan. At this time, there is no indication of any data being compromised or stolen. The folks that were able to perform this exploit were Lulz Security, a group of hackers whose self-proclaimed mission is to identify and highlight security flaws in networks.<br>
|
|
<b>Reference:</b> <a href="http://www.coated.com/hackers-compromise-sony-music-japan/" target="_blank">http://www.coated.com/hackers-compromise-sony-music-japan/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-130: NIIT Technologies GIS subsidiary's server hacked<br>
|
|
<b>WHID ID:</b> 2011-130<br>
|
|
<b>Date Occurred:</b> 5/25/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> A server belonging to NIIT GIS Limited, an NIIT Technologies subsidiary, was compromised last week using a SQL injection attack by a hacking group calling itself the "Tigers of Indian Cyber" (TIC). TIC posted the disclosure in an open security forum giving proof of concept, and a complete list of account credentials. It has since come to light that NIIT GIS' server was compromised - not the servers at NIIT Technologies.<br>
|
|
<b>Reference:</b> <a href="http://searchsecurity.techtarget.in/news/2240036131/NIIT-Technologies-GIS-subsidiarys-server-hacked" target="_blank">http://searchsecurity.techtarget.in/news/2240036131/NIIT-Technologies-GIS-subsidiarys-server-hacked</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-13: Hackers deface IBM DeveloperWorks website<br>
|
|
<b>WHID ID:</b> 2011-13<br>
|
|
<b>Date Occurred:</b> 1/11/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> An IBM site for developers was defaced over the weekend, with attackers replacing some of the web pages on the site with ones containing their own messages, IBM confirmed Monday.<br>
|
|
<b>Reference:</b> <a href="http://www.cio.co.uk/news/3256323/hackers-deface-ibm-developerworks-website/" target="_blank">http://www.cio.co.uk/news/3256323/hackers-deface-ibm-developerworks-website/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-129: Anonymous Targets US Chamber of Commerce<br>
|
|
<b>WHID ID:</b> 2011-129<br>
|
|
<b>Date Occurred:</b> 5/24/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Richmond, Canada<br>
|
|
<b>Incident Description:</b> Hacktivist collective launches DDoS attack against the business lobbying group over its support for the legislation to fight online infringement that many fear will greatly expand the govt's ability to filter the Internet.<br>
|
|
<b>Reference:</b> <a href="http://www.zeropaid.com/news/93531/anonymous-targets-us-chamber-of-commerce-for-protect-ip-act/" target="_blank">http://www.zeropaid.com/news/93531/anonymous-targets-us-chamber-of-commerce-for-protect-ip-act/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-128: Hackers Steal Hotmail Messages Thanks to Web Flaw<br>
|
|
<b>WHID ID:</b> 2011-128<br>
|
|
<b>Date Occurred:</b> 5/24/2011<br>
|
|
<b>Attack Method:</b> Cross Site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> Redmond, WA<br>
|
|
<b>Incident Description:</b> Criminals recently spent more than a week siphoning e-mail messages from Hotmail users' accounts, thanks to a programming bug in Microsoft's website.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/businesscenter/article/228609/hackers_steal_hotmail_messages_thanks_to_web_flaw.html" target="_blank">http://www.pcworld.com/businesscenter/article/228609/hackers_steal_hotmail_messages_thanks_to_web_flaw.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-127: Sony says hacker stole 2,000 records from Canadian site<br>
|
|
<b>WHID ID:</b> 2011-127<br>
|
|
<b>Date Occurred:</b> 5/24/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Canada<br>
|
|
<b>Incident Description:</b> The problems keep coming for Sony. On Tuesday the company confirmed that someone had hacked into its website and stolen about 2,000 customer names and e-mail addresses. Close to 1,000 of the records have already been posted online by a hacker calling himself Idahc, who says he's a "Lebanese grey-hat hacker." Idahc found a common Web programming error, called an SQL injection flaw, that allowed him to dig up the records on the Canadian version of the Official Sony Ericsson eShop, an online store for mobile phones and accessories.<br>
|
|
<b>Reference:</b> <a href="http://www.computerworld.com/s/article/9217028/Sony_says_hacker_stole_2_000_records_from_Canadian_site?taxonomyId=140" target="_blank">http://www.computerworld.com/s/article/9217028/Sony_says_hacker_stole_2_000_records_from_Canadian_site?taxonomyId=140</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-126: New hack on Comodo reseller exposes private data<br>
|
|
<b>WHID ID:</b> 2011-126<br>
|
|
<b>Date Occurred:</b> 5/24/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> Lansing, MI<br>
|
|
<b>Incident Description:</b> Yet another official reseller of SSL certificate authority Comodo has suffered a security breach that allowed attackers to gain unauthorized access to data. Brazil-based ComodoBR is at least the fourth Comodo partner to be compromised this year.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/05/24/comodo_reseller_hacked/" target="_blank">http://www.theregister.co.uk/2011/05/24/comodo_reseller_hacked/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-125: TrafficShop.com Experiencing DDoS Attack<br>
|
|
<b>WHID ID:</b> 2011-125<br>
|
|
<b>Date Occurred:</b> 5/23/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Retail<br>
|
|
<b>Attacked Entity Geography:</b> Netherlands<br>
|
|
<b>Incident Description:</b> TrafficShop.com is currently experiencing a denial-of-service attack, according to the site's sales manager, Chris 2.0. The perpetrators of the attack are unknown at this time but attempts to access the site result in a white screen.<br>
|
|
<b>Reference:</b> <a href="http://news.avn.com/articles/TrafficShop-com-Experiencing-DDoS-Attack-436445.html" target="_blank">http://news.avn.com/articles/TrafficShop-com-Experiencing-DDoS-Attack-436445.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-124: Hackers target student group websites<br>
|
|
<b>WHID ID:</b> 2011-124<br>
|
|
<b>Date Occurred:</b> 5/23/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Link Spam<br>
|
|
<b>Attacked Entity Field:</b> Education<br>
|
|
<b>Attacked Entity Geography:</b> Stanford, WA<br>
|
|
<b>Incident Description:</b> Several Stanford websites were taken offline May 9 after being targeted by hackers looking to sell cheap software. The affected sites, currently offline and inaccessible, are those for the Stanford Concert Network, the Green Alliance for Innovative Action and the ASSU.<br>
|
|
<b>Reference:</b> <a href="http://www.stanforddaily.com/2011/05/23/hackers-target-student-group-websites/" target="_blank">http://www.stanforddaily.com/2011/05/23/hackers-target-student-group-websites/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-123: Thai Democrat website hacked<br>
|
|
<b>WHID ID:</b> 2011-123<br>
|
|
<b>Date Occurred:</b> 5/23/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Bangkok, Thailand<br>
|
|
<b>Incident Description:</b> A website of the Democrat Party, set up to attract young people, was hacked on Sunday ni<br>
|
|
<b>Reference:</b> <a href="http://www.bangkokpost.com/news/politics/238438/democrat-website-hacked" target="_blank">http://www.bangkokpost.com/news/politics/238438/democrat-website-hacked</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-122: Sony BMG Greece the latest hacked Sony site<br>
|
|
<b>WHID ID:</b> 2011-122<br>
|
|
<b>Date Occurred:</b> 5/22/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Greece<br>
|
|
<b>Incident Description:</b> In what seems to be a neverending nightmare it appears that the website of Sony BMG in Greece has been hacked and information dumped. An anonymous poster has uploaded a user database to pastebin.com, including the usernames, real names and email addresses of users registered on SonyMusic.gr.<br>
|
|
<b>Reference:</b> <a href="http://nakedsecurity.sophos.com/2011/05/22/sony-bmg-greece-the-latest-hacked-sony-site/" target="_blank">http://nakedsecurity.sophos.com/2011/05/22/sony-bmg-greece-the-latest-hacked-sony-site/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-121: State highway police website hacked<br>
|
|
<b>WHID ID:</b> 2011-121<br>
|
|
<b>Date Occurred:</b> 5/23/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> New Delhi, India<br>
|
|
<b>Incident Description:</b> The state highway police's website was allegedly hacked by an unknown person, who changed the accident figures to show a steep decline in the number of deaths for the year 2010.<br>
|
|
<b>Reference:</b> <a href="http://www.hindustantimes.com/State-highway-police-website-hacked/Article1-700790.aspx" target="_blank">http://www.hindustantimes.com/State-highway-police-website-hacked/Article1-700790.aspx</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-120: Nepal Government's official Website Hacked<br>
|
|
<b>WHID ID:</b> 2011-120<br>
|
|
<b>Date Occurred:</b> 5/22/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Nepal<br>
|
|
<b>Incident Description:</b> It has been reported that the official website of Nepal Government (http://www.nepalgov.gov.np/) has been hacked by anonymous group #OpEverest using the Denial of Service attack.<br>
|
|
<b>Reference:</b> <a href="http://www.groundreport.com/Media_and_Tech/Nepal-Government-s-official-Website-Hacked/2939137" target="_blank">http://www.groundreport.com/Media_and_Tech/Nepal-Government-s-official-Website-Hacked/2939137</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-12: Cyber Criminals Attack A Hundred Online Casino Sites<br>
|
|
<b>WHID ID:</b> 2011-12<br>
|
|
<b>Date Occurred:</b> 1/13/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> South Korea<br>
|
|
<b>Incident Description:</b> A South Korean web hosting company that allegedly hosted an illegal gambling site is in trouble with authorities for organising a series of "cyber attacks" on competing illegal online casinos in order to grab gambling business from rival gangsters.
|
|
|
|
Between November 21st and December 15th, 2010, Lee, 32, head of the computer server company along with Park, 37, a hacker working for an Incheon based crime gang which owned the gambling site, organised distributed denial-of-service attacks (DDoS<br>
|
|
<b>Reference:</b> <a href="http://www.onlinepoker.net/poker-news/general-poker-news/cyber-criminals-attack-online-casino-sites/9141" target="_blank">http://www.onlinepoker.net/poker-news/general-poker-news/cyber-criminals-attack-online-casino-sites/9141</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-119: Sony site used for phishing<br>
|
|
<b>WHID ID:</b> 2011-119<br>
|
|
<b>Date Occurred:</b> 5/20/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Phishing<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Tokyo, Japan<br>
|
|
<b>Incident Description:</b> Sony has been hacked, and one of its servers used to host a phishing site, according to Finnish company F-Secure.<br>
|
|
<b>Reference:</b> <a href="http://www.zdnet.co.uk/blogs/security-bullet-in-10000166/sony-site-used-for-phishing-10022513/" target="_blank">http://www.zdnet.co.uk/blogs/security-bullet-in-10000166/sony-site-used-for-phishing-10022513/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-118: Online Intruder Broke Into Sony Internet Subsidiary's User Accounts<br>
|
|
<b>WHID ID:</b> 2011-118<br>
|
|
<b>Date Occurred:</b> 5/20/2011<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Tokyo, Japan<br>
|
|
<b>Incident Description:</b> So-net Entertainment Corp., an Internet service provider subsidiary of Sony Corp. (6758.TO, SNE), said an online intruder accessed its customer rewards site earlier this week and stole customers' redeemable gift points worth about 100,000 yen ($1,225).<br>
|
|
<b>Reference:</b> <a href="http://www.foxbusiness.com/industries/2011/05/20/online-intruder-broke-sony-internet-subsidiarys-user-accounts/" target="_blank">http://www.foxbusiness.com/industries/2011/05/20/online-intruder-broke-sony-internet-subsidiarys-user-accounts/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-117: Colombia's Senate website hacked<br>
|
|
<b>WHID ID:</b> 2011-117<br>
|
|
<b>Date Occurred:</b> 5/20/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Colombia<br>
|
|
<b>Incident Description:</b> Colombian hacker collective "Anonymous" hacked the website of the country's Senate Friday, replacing the page with an alternative website protesting a new law regarding internet copyright.<br>
|
|
<b>Reference:</b> <a href="http://colombiareports.com/colombia-news/news/16402-colombias-senate-website-hacked.html" target="_blank">http://colombiareports.com/colombia-news/news/16402-colombias-senate-website-hacked.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-116: New attack vector in DDoS observed<br>
|
|
<b>WHID ID:</b> 2011-116<br>
|
|
<b>Date Occurred:</b> 5/19/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Multiple<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> We described above a new way of the Denial of Service attack. We do believe this method of the attack poses an increased risk to all the DNS servers as there are no protective countermeasures available. The seriousness of the situation is underlined with the fact that this kind of attack was observed on the Internet as fully working.<br>
|
|
<b>Reference:</b> <a href="http://www.zone-h.org/news/id/4739" target="_blank">http://www.zone-h.org/news/id/4739</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-115: Facebook privacy vulnerability<br>
|
|
<b>WHID ID:</b> 2011-115<br>
|
|
<b>Date Occurred:</b> 5/17/2011<br>
|
|
<b>Attack Method:</b> Predictable Resource Location<br>
|
|
<b>Application Weakness:</b> Insufficient Authorization<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> The privacy vulnerability, which can affect all Facebook users if a hacker has enough time, allows for privacy-protected photos to be accessed without being the user's "friend".<br>
|
|
<b>Reference:</b> <a href="http://www.smh.com.au/technology/security/security-experts-go-to-war-wife-targeted-20110517-1eqsm.html" target="_blank">http://www.smh.com.au/technology/security/security-experts-go-to-war-wife-targeted-20110517-1eqsm.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-114: Civil-service union hit by invisible DDoS is back up<br>
|
|
<b>WHID ID:</b> 2011-114<br>
|
|
<b>Date Occurred:</b> 5/18/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> The attack started on Wednesday 11 May and left the website "struggling to cope with average hourly traffic 1,000 times greater than normal," according to the union. Curiously, the attack failed to hit the radar screens of Arbor Networks, the firm that supplies traffic management and DDoS mitigation tools to the vast majority of the world's biggest telcos<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/05/18/pcs_ddos_folow_up/" target="_blank">http://www.theregister.co.uk/2011/05/18/pcs_ddos_folow_up/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-113: French Anti-piracy Agency Hit By A Simple Hack<br>
|
|
<b>WHID ID:</b> 2011-113<br>
|
|
<b>Date Occurred:</b> 5/18/2011<br>
|
|
<b>Attack Method:</b> Predictable Resource Location<br>
|
|
<b>Application Weakness:</b> Insufficient Authorization<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> France<br>
|
|
<b>Incident Description:</b> The French battle against illegal file sharers suffers a setback as its surveillance agency TMG is hacked<br>
|
|
<b>Reference:</b> <a href="http://www.eweekeurope.co.uk/news/french-anti-piracy-agency-hit-by-a-simple-hack-29557" target="_blank">http://www.eweekeurope.co.uk/news/french-anti-piracy-agency-hit-by-a-simple-hack-29557</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-112: Hackers breach Sony's password reset system<br>
|
|
<b>WHID ID:</b> 2011-112<br>
|
|
<b>Date Occurred:</b> 5/19/2011<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Password Recovery<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> Japan<br>
|
|
<b>Incident Description:</b> Sony's PlayStation Network is under fire again, with a new security breach hitting the beleaguered company. Just days after the network was resurrected following a massive data breach, there is mounting evidence that hackers have circumvented protections put in place via a password reset page. According to the Nyleveia gaming website, hackers have discovered an exploit that allows them to change user passwords using only a PlayStation Network account email and date of birth - information which could have been harvested during the recent attack.<br>
|
|
<b>Reference:</b> <a href="http://www.pcauthority.com.au/News/257912,hackers-breach-sonys-password-reset-system.aspx" target="_blank">http://www.pcauthority.com.au/News/257912,hackers-breach-sonys-password-reset-system.aspx</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-111: Hacker steals customer data from small brokerage<br>
|
|
<b>WHID ID:</b> 2011-111<br>
|
|
<b>Date Occurred:</b> 5/19/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Seoul, South Korea<br>
|
|
<b>Incident Description:</b> An unidentified hacker has broken into the computer system of a small South Korean brokerage house to steal the firm's customer data, the financial regulator said Thursday, adding concerns over financial firms' computer security maintenance. The Financial Supervisory Service (FSS) said the hacker infiltrated the computer server of Leading Investment & Securities Co. and stole 12,000 customers' personal data last week. The stolen data includes their names, social security numbers, addresses and phone numbers, it said.<br>
|
|
<b>Reference:</b> <a href="http://english.yonhapnews.co.kr/business/2011/05/19/85/0503000000AEN20110519004500320F.HTML" target="_blank">http://english.yonhapnews.co.kr/business/2011/05/19/85/0503000000AEN20110519004500320F.HTML</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-110: Facebook Fails to Stop Spammers... Again<br>
|
|
<b>WHID ID:</b> 2011-110<br>
|
|
<b>Date Occurred:</b> 5/17/2011<br>
|
|
<b>Attack Method:</b> Clickjacking<br>
|
|
<b>Application Weakness:</b> Application Misconfiguration<br>
|
|
<b>Outcome:</b> Link Spam<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Facebook recently launched new security features to block spam, but soon after their introduction, tons of new spam campaigns have emerged that bypass these security measures.<br>
|
|
<b>Reference:</b> <a href="http://tech2.in.com/news/social-networking/facebook-spammers-bypassing-new-security-features/219322" target="_blank">http://tech2.in.com/news/social-networking/facebook-spammers-bypassing-new-security-features/219322</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-11: Educational, government and military sites hit by hackers<br>
|
|
<b>WHID ID:</b> 2011-11<br>
|
|
<b>Date Occurred:</b> 1/17/2011<br>
|
|
<b>Attack Method:</b> Known Vulnerability<br>
|
|
<b>Application Weakness:</b> Application Misconfiguration<br>
|
|
<b>Outcome:</b> Link Spam<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> Utah<br>
|
|
<b>Incident Description:</b> A software security issue with a popular US-based web hosting provider is reportedly allowing hackers to secretly add dozens of web pages to military, educational, financial and government sites in a bid to promote so-called pharma retailing sites.<br>
|
|
<b>Reference:</b> <a href="http://www.infosecurity-magazine.com/view/15209/educational-government-and-military-sites-hit-by-hackers/" target="_blank">http://www.infosecurity-magazine.com/view/15209/educational-government-and-military-sites-hit-by-hackers/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-109: PCS Union website downed by ideological DDoS<br>
|
|
<b>WHID ID:</b> 2011-109<br>
|
|
<b>Date Occurred:</b> 5/17/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Politics<br>
|
|
<b>Attacked Entity Geography:</b> United Kingdom<br>
|
|
<b>Incident Description:</b> The prominent Public and Commercial Services union (PCS) is struggling to get its website back online after being hit by a huge DDoS attack nearly a week ago. Government aside, sustained attacks against websites with a political theme are extremely rare in the UK, and what has befallen the PCS - whose members include large numbers of public sector and government workers - could rank as the first time the country has seen a large-scale ideological attack of this kind. Starting on 11 May, the union's website was hit by traffic 1,000 times its normal level, taking the site down. As of 16 May, the site is still unavailable beyond a static homepage that announces the problem, with a fix unlikely for at least a day or two.<br>
|
|
<b>Reference:</b> <a href="http://www.computerworlduk.com/news/public-sector/3280224/pcs-union-website-downed-by-ideological-ddos/" target="_blank">http://www.computerworlduk.com/news/public-sector/3280224/pcs-union-website-downed-by-ideological-ddos/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-108: Teenagers prosecuted for hacking and bringing down web hosting company<br>
|
|
<b>WHID ID:</b> 2011-108<br>
|
|
<b>Date Occurred:</b> 4/1/2009<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> According to the Met, using the alias 'Colonel Root', Woodham hacked into web hosting company 'Punkyhosting' in April 2009. It detected the attack and made attempts to prevent it. In response, Woodham repeatedly attacked the company over a number of weeks, causing it to cease trading. He then sent a taunting email gloating about his actions.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazineuk.com/teenagers-prosecuted-for-hacking-and-bringing-down-web-hosting-company/article/202997/" target="_blank">http://www.scmagazineuk.com/teenagers-prosecuted-for-hacking-and-bringing-down-web-hosting-company/article/202997/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-107: Geek.com Site Hacked Via Exploit Kit<br>
|
|
<b>WHID ID:</b> 2011-107<br>
|
|
<b>Date Occurred:</b> 5/17/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> Hackers inserted malicious code on the first article on the Geek.com homepage, among others, the researchers say. "As this first article is highlighted -- and 'Call of Duty' is a very popular game -- one can assume that many people have fallen victim to this attack," the blog says. The article was published on May 13th, and the malicious iframe is injected at the bottom of the page, the researchers say.<br>
|
|
<b>Reference:</b> <a href="http://www.darkreading.com/security/attacks-breaches/229500721/geek-com-site-hacked-via-exploit-kit.html" target="_blank">http://www.darkreading.com/security/attacks-breaches/229500721/geek-com-site-hacked-via-exploit-kit.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-106: Final Fantasy maker Square Enix hacked<br>
|
|
<b>WHID ID:</b> 2011-106<br>
|
|
<b>Date Occurred:</b> 5/13/2011<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Entertainment<br>
|
|
<b>Attacked Entity Geography:</b> <br>
|
|
<b>Incident Description:</b> Hackers have broken into two websites belonging to Japanese video games maker Square Enix. The company confirmed that the e-mail addresses of up to 25,000 customers who had registered for product updates may have been stolen as a result.<br>
|
|
<b>Reference:</b> <a href="http://www.bbc.co.uk/news/technology-13394968" target="_blank">http://www.bbc.co.uk/news/technology-13394968</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-105: Hackers Take Over Twitter Accounts of Fox-Affiliates<br>
|
|
<b>WHID ID:</b> 2011-105<br>
|
|
<b>Date Occurred:</b> 5/10/2011<br>
|
|
<b>Attack Method:</b> Stolen Credentials<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Account Takeover<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> A group of hackers has gained access to a database of fox.com email accounts and last night took over the Twitter accounts of two Fox-affiliates: WFQX in Michigan's Upper Peninsula and KADN in Lafayette, LA. Calling itself Lulz Security, the group posted defamatory tweets under the accounts of WFQX and KADN and, using its own Twitter account (@LulzSec), has today been teasing future attacks. "Lots of Facebook logins," the group tweeted this morning.<br>
|
|
<b>Reference:</b> <a href="http://www.mediabistro.com/tvspy/hackers-take-over-twitter-accounts-of-fox-affiliates_b9977" target="_blank">http://www.mediabistro.com/tvspy/hackers-take-over-twitter-accounts-of-fox-affiliates_b9977</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-104: NASA website hacked<br>
|
|
<b>WHID ID:</b> 2011-104<br>
|
|
<b>Date Occurred:</b> 5/11/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Link Spam<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> Software scammers offering cheap Adobe software have hacked into numerous web pages of NASA, just days before its final launch of the shuttle Endeavor, and Stanford University.<br>
|
|
<b>Reference:</b> <a href="http://articles.timesofindia.indiatimes.com/2011-05-11/internet/29531808_1_nasa-website-shuttle" target="_blank">http://articles.timesofindia.indiatimes.com/2011-05-11/internet/29531808_1_nasa-website-shuttle</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-103: bianet.org Hit by Massive Cyber Attack<br>
|
|
<b>WHID ID:</b> 2011-103<br>
|
|
<b>Date Occurred:</b> 5/18/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> News<br>
|
|
<b>Attacked Entity Geography:</b> Istanbul, Turkey<br>
|
|
<b>Incident Description:</b> bianet.org became the target of a heavy cyber attack that started at 3.30 pm on Tuesday (18 May). Broadcasting was resumed at 11.20 pm after the attack had been continuing non-stop. This cyber attack was not related to a hacking attempt. Access to the bianet.org site was prevented due to a Distributed Denial-of-Service (DDoS) caused by a very large number of computers that were connected to the server at the same time. Our information suggests that this was an organized attack and that tens of thousands of computers were controlled for the attack via Trojans.<br>
|
|
<b>Reference:</b> <a href="http://www.bianet.org/english/freedom-of-expression/130062-bianet-org-hit-by-massive-cyber-attack" target="_blank">http://www.bianet.org/english/freedom-of-expression/130062-bianet-org-hit-by-massive-cyber-attack</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-102: Group says its website calling for democracy protests in China was hacked<br>
|
|
<b>WHID ID:</b> 2011-102<br>
|
|
<b>Date Occurred:</b> 5/12/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Data Loss<br>
|
|
<b>Attacked Entity Field:</b> Hosting Providers<br>
|
|
<b>Attacked Entity Geography:</b> Beijing, China<br>
|
|
<b>Incident Description:</b> A group that has issued calls for pro-democracy protests in China said its Google-hosted site was hacked Thursday, amid a far-reaching government crackdown on activists.<br>
|
|
<b>Reference:</b> <a href="http://www.washingtonpost.com/world/group-says-its-website-calling-for-democracy-protests-in-china-was-hacked/2011/05/12/AFBAEtxG_story.html" target="_blank">http://www.washingtonpost.com/world/group-says-its-website-calling-for-democracy-protests-in-china-was-hacked/2011/05/12/AFBAEtxG_story.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-101: Fox.com hacked<br>
|
|
<b>WHID ID:</b> 2011-101<br>
|
|
<b>Date Occurred:</b> 4/29/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> News<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> Hackers have broken into a Fox.com extranet site, designed as a repository of research statistics, programming details and ratings for clients and affiliates, and stolen the emails and passwords for hundreds of Fox Broadcasting employees.<br>
|
|
<b>Reference:</b> <a href="http://www.politico.com/blogs/onmedia/0511/Foxcom_hacked.html" target="_blank">http://www.politico.com/blogs/onmedia/0511/Foxcom_hacked.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-100: Banking Trojan gang busted by Finnish police<br>
|
|
<b>WHID ID:</b> 2011-100<br>
|
|
<b>Date Occurred:</b> 5/10/2011<br>
|
|
<b>Attack Method:</b> Banking Trojan<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Monetary Loss<br>
|
|
<b>Attacked Entity Field:</b> Finance<br>
|
|
<b>Attacked Entity Geography:</b> Sweden<br>
|
|
<b>Incident Description:</b> Finnish police closed an investigation on Tuesday after arresting 17 people suspected of involvement in a banking Trojan scam used to siphon off hundreds of thousands of euros held in accounts with Nordea Bank.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2011/05/10/finnish_banking_trojan_investigation/" target="_blank">http://www.theregister.co.uk/2011/05/10/finnish_banking_trojan_investigation/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-10: US Hospital Server Hacked by "Call of Duty: Black Op's" Fans<br>
|
|
<b>WHID ID:</b> 2011-10<br>
|
|
<b>Date Occurred:</b> 1/17/2011<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Unknown<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Health<br>
|
|
<b>Attacked Entity Geography:</b> Rochester, New Hampshire<br>
|
|
<b>Incident Description:</b> Seacoast Radiology in Rochester, New Hampshire, announced last week it had informed over 231,000 patients that their details were accessed after their server was hacked back in November.
|
|
|
|
|
|
|
|
Although the names, dates of birth, addresses, Social Security numbers and medical procedure codes could have been accessed by the hackers, Don Wood, Seacoast Radiology's business manager, has said that there has been no report of identity theft as a result of the hack.<br>
|
|
<b>Reference:</b> <a href="http://www.dedicatedserverdir.com/news/ShowItem.aspx?ID=74516" target="_blank">http://www.dedicatedserverdir.com/news/ShowItem.aspx?ID=74516</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2011-1: Hackers hit Tunisian websites<br>
|
|
<b>WHID ID:</b> 2011-1<br>
|
|
<b>Date Occurred:</b> 1/2/2011<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Tunisia<br>
|
|
<b>Incident Description:</b> Online activists have attacked and at least momentarily disabled several Tunisian government websites in the latest act of protest against the country's embattled leadership.
|
|
|
|
|
|
|
|
As of Monday afternoon, local time, at least eight websites had been affected, including those for the president, prime minister, ministry of industry, ministry of foreign affairs, and the stock exchange.
|
|
|
|
|
|
|
|
The attack, which began on Sunday night, coincided with a national strike, planned to take place on Monday, that organisers said would be the biggest popular event of its size since Zine El Abidine Ben Ali assumed the presidency.
|
|
|
|
|
|
|
|
The strike comes on the day that school students return from their holiday.
|
|
|
|
|
|
|
|
Ben Ali's administration has tightly restricted the flow of information out of Tunisia since widespread protests began on December 17, following 26-year-old Mohamed Bouazizi's suicide attempt. But reports of civil disobedience and police action filtered out on Twitter on Monday, with some users reporting the use of tear gas by security forces.
|
|
|
|
|
|
|
|
The loosely organised hacker group Anonymous claimed responsibility for the cyber attack, which it called "Operation Tunisia", an apparent arm of the group's broader effort - termed "Operation Payback" - aimed at taking retribution against governments and businesses viewed as hostile to the similarly amorphous document-leaking group WikiLeaks.<br>
|
|
<b>Reference:</b> <a href="http://english.aljazeera.net/news/africa/2011/01/201113111059792596.html" target="_blank">http://english.aljazeera.net/news/africa/2011/01/201113111059792596.html</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-99: Got an iTunes account? That's music to a cyber fraudster's ears<br>
|
|
<b>WHID ID:</b> 2010-99<br>
|
|
<b>Date Occurred:</b> 5/22/2010<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Password Recovery<br>
|
|
<b>Outcome:</b> Session Hijacking<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> Up to 125 million people worldwide have accounts set up on the site.
|
|
But computer security experts say hackers are easily hijacking accounts by pretending they are a customer who has forgotten their password.
|
|
As with many websites, iTunes tells users to select a so-called 'security question' from a list of options when they first set up their account.
|
|
These are fairly basic and include 'what is your mother's maiden name?' and 'where did you spend your honeymoon?'.
|
|
Customers who have forgotten their passwords are prompted with the question they first selected when they set up their profile - as long as they give the correct answer, they can access the account.
|
|
Security analysts claim this is leaving the website wide open to fraud.
|
|
Hackers simply pretend they are a customer who has forgotten their password and can easily work out the answer to the personal question using information that users have posted on social-networking websites such as Facebook and Twitter.<br>
|
|
<b>Reference:</b> <a href="http://www.dailymail.co.uk/news/article-1280354/Got-iTunes-account-Thats-music-cyber-fraudsters-ears.html" target="_blank">http://www.dailymail.co.uk/news/article-1280354/Got-iTunes-account-Thats-music-cyber-fraudsters-ears.html</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-98: Man charged with attacking O'Reilly, Coulter websites<br>
|
|
<b>WHID ID:</b> 2010-98<br>
|
|
<b>Date Occurred:</b> 5/19/2010<br>
|
|
<b>Attack Method:</b> Denial of Service<br>
|
|
<b>Application Weakness:</b> Insufficient Anti-automation<br>
|
|
<b>Outcome:</b> Downtime<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> A former college student has been charged with using the school's computer network to control a botnet and launch distributed denial-of-service (DDoS) attacks against conservative websites belonging to Bill O'Reilly, Ann Coulter and Rudy Giuliani.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazineus.com/man-charged-with-attacking-oreilly-coulter-websites/article/170524/" target="_blank">http://www.scmagazineus.com/man-charged-with-attacking-oreilly-coulter-websites/article/170524/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-97: Microsoft files two lawsuits for "click laundering"<br>
|
|
<b>WHID ID:</b> 2010-97<br>
|
|
<b>Date Occurred:</b> 5/20/2010<br>
|
|
<b>Attack Method:</b> Cross Site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Abuse of Functionality<br>
|
|
<b>Outcome:</b> Fraud<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> Microsoft this week filed two lawsuits in federal court in Seattle against alleged perpetrators of a new, technologically advanced form of online advertising click fraud being dubbed "click laundering."
|
|
|
|
|
|
|
|
According to Microsoft, click fraud is an online advertising scam that occurs when a person or computer program imitates a legitimate user and clicks on an online ad for the purpose of generating a fraudulent "charge-per-click," without having any interest in the ad.
|
|
|
|
|
|
|
|
Click laundering, meanwhile, is a more advanced form of click fraud designed to outwit fraud detection systems by hiding the origin of fake clicks.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazineus.com/microsoft-files-two-lawsuits-for-click-laundering/article/170621/" target="_blank">http://www.scmagazineus.com/microsoft-files-two-lawsuits-for-click-laundering/article/170621/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-96: Facebook scrambles to close CSRF hole exposing private data<br>
|
|
<b>WHID ID:</b> 2010-96<br>
|
|
<b>Date Occurred:</b> 5/19/2010<br>
|
|
<b>Attack Method:</b> Cross Site Request Forgery (CSRF)<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> Facebook engineers are finishing a patch for a critical vulnerability that exposed user birthdays and other sensitive data even when they were designated as private, a security researcher said Wednesday.
|
|
|
|
|
|
|
|
At time of writing, much of the CSRF (cross-site request forgery) bug appeared to have been patched, Keith said. However, as noted earlier by IDG News, attackers still could exploit the flaw to control a user's "like" functions, which are used to endorse ads and other types of content.
|
|
|
|
|
|
|
|
The flaw involved a piece of code Facebook engineers dubbed "post_form_id," which is used to ensure that commands can be issued only by browsers that have previously logged into the website. Keith discovered a simple way to bypass the security token: by omitting it altogether, Facebook servers no longer attempted to validate browsers.<br>
|
|
<b>Reference:</b> <a href="http://www.theregister.co.uk/2010/05/19/facebook_private_data_leak/" target="_blank">http://www.theregister.co.uk/2010/05/19/facebook_private_data_leak/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-95: Fraud Bazaar Carders.cc Hacked<br>
|
|
<b>WHID ID:</b> 2010-95<br>
|
|
<b>Date Occurred:</b> 5/18/2010<br>
|
|
<b>Attack Method:</b> Misconfiguration<br>
|
|
<b>Application Weakness:</b> Improper Filesystem Permissions<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Hacking<br>
|
|
<b>Attacked Entity Geography:</b> Germany<br>
|
|
<b>Incident Description:</b> Carders.cc, a German online forum dedicated to helping criminals trade and sell financial data stolen through hacking, has itself been hacked. The once-guarded contents of its servers are now being traded on public file-sharing networks, leading to the exposure of potentially identifying information on the forum's users as well as countless passwords and credit card accounts swiped from unsuspecting victims.<br>
|
|
<b>Reference:</b> <a href="http://krebsonsecurity.com/2010/05/fraud-bazaar-carders-cc-hacked/" target="_blank">http://krebsonsecurity.com/2010/05/fraud-bazaar-carders-cc-hacked/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-94: Hacker steals 22,000 e-mail addresses, demands Astley tune<br>
|
|
<b>WHID ID:</b> 2010-94<br>
|
|
<b>Date Occurred:</b> 5/19/2010<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Media<br>
|
|
<b>Attacked Entity Geography:</b> Netherlands<br>
|
|
<b>Incident Description:</b> Dutch hacker Darkc0ke hijacked a radio station database containing 22,000 e-mail addresses and threatened to publish them unless the station play Rick Astley's "Never Gonna Give You Up," a variation of an Internet meme known as "rickrolling."
|
|
|
|
|
|
|
|
"It was a joke," Darkc0ke said via e-mail. "They didn't play the song. Why can't they do someone a favor, just for once?" Darkc0ke said he cracked the database using a basic SQL injection to exploit a security vulnerability. The hacker is known for breaking into databases. Last year, he stole a database containing 46,000 e-mail addresses from the Dutch magazine Autoweek.<br>
|
|
<b>Reference:</b> <a href="http://news.idg.no/cw/art.cfm?id=B143BFED-1A64-6A71-CE6E57CCCFC37786" target="_blank">http://news.idg.no/cw/art.cfm?id=B143BFED-1A64-6A71-CE6E57CCCFC37786</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-93: Huge 'sexiest video ever' attack hits Facebook<br>
|
|
<b>WHID ID:</b> 2010-93<br>
|
|
<b>Date Occurred:</b> 5/18/2010<br>
|
|
<b>Attack Method:</b> Rogue 3rd Party App<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> A huge attack by a rogue Facebook application last weekend infected users' PCs with popup-spewing adware, a security researcher said Monday.
|
|
|
|
|
|
|
|
On Saturday, AVG Technologies received more than 300,000 reports of the malicious Facebook app, said Roger Thompson, AVG's chief research officer. AVG came up with its tally by counting the number of reports from its LinkScanner software, a free browser add-on that detects potentially poisoned pages.
|
|
|
|
|
|
|
|
"It was stunning, really, the number," said Thompson in an interview via instant message late Monday. "And stunning that it was not viral or wormy [but that] Facebook did it all by itself."
|
|
|
|
|
|
|
|
The volume of reports on Saturday's rogue Facebook software was highest during the nine-hour period between midnight and 9 a.m. Eastern, with spikes of approximately 40,000 per hour coming at 7 a.m. and noon. For the day, AVG received more than 300,000 reports, triple that of AVG's second-most-reported piece of spyware.
|
|
|
|
|
|
|
|
According to Thompson, Facebook eradicated the rogue application about 15 hours after the attack started. Facebook's only acknowledgment of the attack came on its security page, where a "Tip of the Week" Monday morning read: "Don't click on suspicious-looking links, even if they've been sent or posted by friends."<br>
|
|
<b>Reference:</b> <a href="http://www.computerworld.com/s/article/9176905/Huge_sexiest_video_ever_attack_hits_Facebook" target="_blank">http://www.computerworld.com/s/article/9176905/Huge_sexiest_video_ever_attack_hits_Facebook</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-92: SQL Injection attack used in breach of 168,000 Netherlands travelers<br>
|
|
<b>WHID ID:</b> 2010-92<br>
|
|
<b>Date Occurred:</b> 5/18/2010<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Leakage of Information<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Netherlands<br>
|
|
<b>Incident Description:</b> An attacker has discovered a serious flaw in a website set up to encourage the use of smart cards for public transportation in the Netherlands, resulting in the leakage of personal information of more than 168,000 travelers.
|
|
|
|
|
|
|
|
The website offered a coupon for a free trip using the OV smart card system and was set up to promote the new system which is being slowly rolled out throughout the region. According to Webwereld, a tech publication based in the Netherlands, the names, addresses and telephone numbers of individuals who signed up were publicly available as a result of the flaw.
|
|
|
|
|
|
|
|
Information about the flaw was exposed by an anonymous hacker who gave the magazine a video demonstrating the error using a SQL injection attack. The hacker told the magazine that he made the flaw publicly available because there is no excuse for simple website mistakes. The website has since been taken offline.<br>
|
|
<b>Reference:</b> <a href="http://itknowledgeexchange.techtarget.com/security-bytes/sql-injection-attack-used-in-breach-of-168000-netherlands-travelers/" target="_blank">http://itknowledgeexchange.techtarget.com/security-bytes/sql-injection-attack-used-in-breach-of-168000-netherlands-travelers/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-91: Twitter software bug forces followers<br>
|
|
<b>WHID ID:</b> 2010-91<br>
|
|
<b>Date Occurred:</b> 5/10/2010<br>
|
|
<b>Attack Method:</b> Misconfiguration<br>
|
|
<b>Application Weakness:</b> Insufficient Process Validation<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> Twitter users had a big shock on Monday when they checked into the micro-blogging service. Their follower and following numbers were at 0, meaning they were suddenly very unpopular or something was seriously wrong with the site.
|
|
|
|
|
|
|
|
It was the latter, of course. To kill a bug that allowed a user to force other users to follow him or her, Twitter temporarily reset all follower/following counts to zero, according to the Twitter Status blog. Everything was back to normal by 11 a.m. Pacific.<br>
|
|
<b>Reference:</b> <a href="http://www.pcworld.com/article/195962/" target="_blank">http://www.pcworld.com/article/195962/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-90: Facebook Board Member's Account Compromised<br>
|
|
<b>WHID ID:</b> 2010-90<br>
|
|
<b>Date Occurred:</b> 5/10/2010<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Phishing<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> A Facebook message sent out on Saturday from the account of company board member Jim Breyer to over 2,300 "friends" turns out to have been too good to be true.
|
|
|
|
The message, an invitation to an event at which attendees would be given a "Facebook phone number," was a phishing attack, designed to capture information from recipients.
|
|
|
|
|
|
|
|
The incident underscores the risk of supplying Facebook with data that might be better kept private.
|
|
|
|
|
|
|
|
Facebook's appeal to cybercriminals arises from the high level of trust that users extend to Facebook messages, which are generally presumed to come from friends.
|
|
|
|
|
|
|
|
Compromising someone's Facebook account also provides immediate access to a pool of new potential victims: the friends of the person whose account has been hacked.<br>
|
|
<b>Reference:</b> <a href="http://www.informationweek.com/news/software/showArticle.jhtml?articleID=224701441" target="_blank">http://www.informationweek.com/news/software/showArticle.jhtml?articleID=224701441</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-9: Pakistani cyber crime website hit by hacker who is able to access database<br>
|
|
<b>WHID ID:</b> 2010-9<br>
|
|
<b>Date Occurred:</b> 1/11/2010<br>
|
|
<b>Attack Method:</b> SQL Injection<br>
|
|
<b>Application Weakness:</b> Improper Input Handling<br>
|
|
<b>Outcome:</b> Defacement<br>
|
|
<b>Attacked Entity Field:</b> Government<br>
|
|
<b>Attacked Entity Geography:</b> Pakistan<br>
|
|
<b>Incident Description:</b> Details of a political website, the Pakistani National Response Center for Cyber Crimes, part of the Federal Investigation Authority, being hacked have been reported when a sensitive site was hit by a hacker who managed to gain access to the email database.<br>
|
|
<b>Reference:</b> <a href="http://www.scmagazineuk.com/pakistani-cyber-crime-website-hit-by-hacker-who-is-able-to-access-database/article/160969/" target="_blank">http://www.scmagazineuk.com/pakistani-cyber-crime-website-hit-by-hacker-who-is-able-to-access-database/article/160969/</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-89: Breaking News: WordPress Hacked with Zettapetta on DreamHost<br>
|
|
<b>WHID ID:</b> 2010-89<br>
|
|
<b>Date Occurred:</b> 5/6/2010<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Service Providers<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> Early this morning, we received reports that WordPress blogs were hacked on Linux shared-hosting at DreamHost, as well as other hosting companies. This is dangerous scareware which tries to install a virus on your visitor's computer.
|
|
|
|
WordPress, Zencart and other php-based platforms were hit. Our earliest hacked site report is of 5/6/2010 @ 9:17am.
|
|
|
|
This malware was just detected and is not showing up on website malware scanners yet. We have notified sucuri.net of this latest infection so that they can immediately update their malware detection systems.<br>
|
|
<b>Reference:</b> <a href="http://www.wpsecuritylock.com/breaking-news-wordpress-hacked-with-zettapetta-on-dreamhost/" target="_blank">http://www.wpsecuritylock.com/breaking-news-wordpress-hacked-with-zettapetta-on-dreamhost/</a>
|
|
</div></td></tr> <tr><td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-88: phpnuke.org has been compromised<br>
|
|
<b>WHID ID:</b> 2010-88<br>
|
|
<b>Date Occurred:</b> 5/7/2010<br>
|
|
<b>Attack Method:</b> Unknown<br>
|
|
<b>Application Weakness:</b> Improper Output Handling<br>
|
|
<b>Outcome:</b> Planting of Malware<br>
|
|
<b>Attacked Entity Field:</b> Technology<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> Websense® Security Labs™ ThreatSeeker™ Network has discovered that the popular Web site, phpnuke.org, has been compromised.
|
|
|
|
|
|
|
|
PHP-Nuke is a popular Web content management system (CMS), based on PHP and a database such as MySQL, PostgreSQL, Sybase, or Adabas. Earlier versions were open source and free software protected by GNU Public License, but since then it has become commercial software. As it is still very popular in the Internet community, it is not surprising that it has become a target of blackhat attacks.
|
|
|
|
|
|
|
|
The injected iframe hijacks the browser to a malicious site, where through several steps of iframe redirections the user finally ends up on a highly obfuscated malicious page.<br>
|
|
<b>Reference:</b> <a href="http://community.websense.com/blogs/securitylabs/archive/2010/05/07/phpnuke-org-has-been-compromised.aspx" target="_blank">http://community.websense.com/blogs/securitylabs/archive/2010/05/07/phpnuke-org-has-been-compromised.aspx</a>
|
|
</div></td> <td><div class="googft-card-view" style="font-family:sans-serif;width:450px;padding:4px;border:1px solid #ccc;overflow:hidden">
|
|
<b>Entry Title:</b> WHID 2010-87: Facebook hacker jailed after falsely accusing boyfriend of rape<br>
|
|
<b>WHID ID:</b> 2010-87<br>
|
|
<b>Date Occurred:</b> 5/6/2010<br>
|
|
<b>Attack Method:</b> Brute Force<br>
|
|
<b>Application Weakness:</b> Insufficient Authentication<br>
|
|
<b>Outcome:</b> Disinformation<br>
|
|
<b>Attacked Entity Field:</b> Web 2.0<br>
|
|
<b>Attacked Entity Geography:</b> USA<br>
|
|
<b>Incident Description:</b> A young mother who had accused her ex-boyfriend of rape hacked into his Facebook site to post a threat to herself to bolster her fakery.
|
|
|
|
|
|
|
|
Zoe Williams was described as "really wicked" by the judge, who jailed her for four months.
|
|
|
|
A court heard she tried to set up her ex-boyfriend after accusing him of raping her several times after the end of their five-year relationship in 2007.<br>
|
|
<b>Reference:</b> <a href="http://www.telegraph.co.uk/technology/facebook/7685381/Facebook-hacker-jailed-after-falsely-accusing-boyfriend-of-rape.html" target="_blank">http://www.telegraph.co.uk/technology/facebook/7685381/Facebook-hacker-jailed-after-falsely-accusing-boyfriend-of-rape.html</a>
|
|
</div></td></tr></table></body></html> |