16-31 July 2014 Cyber Attacks Timeline

July is gone and hence it’s time, as usual, to summarize the main cyber events happened in the second half of this month (Part I here).

For a strange coincidence this month has shown an unusual number of breaches dating back to several years ago (2010-2012) and reported only now: Catch of The Day, Think W3 Limited, Paddy Power and Lasko are the organizations affected.

Looking quickly at Cyber Crime, these two weeks have brought the breach to The Wall Street Journal (by W0rm the same author of the breach to CNET), the disclosure of a failed attempt to disrupt the Nasdaq in 2010, a breach to the website of the European Central Bank, an extensive attack aimed to compromise the Tor Infrastructure, and, last bunt not least, the DHS advisory related to Backokff, a PoS Malware already compromising 600 organizations throughout the U.S.

Moving to Cyber Espionage, this period will be remembered for the Canadian allegations against China, related to a cyber attack against The National Research Council and the possible compromising three Israeli defense contractors responsible for building the “Iron Dome” missile shield program.

Israel was even under the radar of the Hacktivists, who concentrated there their efforts in support of the #OpSaveGaza operation.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013 and now 2014 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1. http://www.welivesecurity.com/2014/07/16/hacked-japanese-porn-sites/
2. http://www.businessweek.com/articles/2014-07-17/how-russian-hackers-stole-the-nasdaq
3. http://www.zdnet.com/au/catch-of-the-day-waits-3-years-to-reveal-data-breach-7000031759/
4. http://krebsonsecurity.com/2014/07/banks-card-breach-at-goodwill-industries/
5. http://hackread.com/msn-israel-hacked-by-turkish-hackers/
6. http://www.databreaches.net/dei-notifies-clients-after-third-party-web-host-notifies-them-of-two-breaches/
7. http://www.ehackingnews.com/2014/07/indexeusorg-website-hacked-by.html
8. http://www.bbc.com/news/world-africa-28398976
9. http://thehackernews.com/2014/07/cydia-repository-by-bigboss-hacked-all.html
10. http://www.scmagazine.com/vicecom-hacked-possibly-the-wall-street-journal-website-too/article/362087/
11. http://www.theregister.co.uk/2014/07/23/ruskie_vxers_change_dns_nuke_malware_in_swiss_bank_raids/
12. http://arstechnica.com/security/2014/07/wsj-website-hacked-data-offered-for-sale-for-1-bitcoin/
13. http://www.securityweek.com/metro-news-website-compromised-serve-malware-rig-exploit-kit
14. http://www.washingtonpost.com/blogs/the-switch/wp/2014/07/24/stubhub-wasnt-hacked-but-its-users-were/
15. http://blog.sucuri.net/2014/07/mailpoet-vulnerability-exploited-in-the-wild-breaking-thousands-of-wordpress-sites.html
16. http://www.bbc.com/news/business-28458323
17. http://datalossdb.org/incidents/13210-1-163-996-customer-names-credit-and-debit-card-numbers-addresses-phone-numbers-and-email-addresses-stolen-by-hacker-using-sql-injection
18. http://hackread.com/united-nation-hacked-against-gaza-attacks/
19. http://news.softpedia.com/news/Blackhat-SEO-Code-Injected-in-Philippine-Government-Site-452170.shtml
20. http://hackread.com/ukraine-ministry-of-defense-emails-hacked/
21. http://krebsonsecurity.com/2014/07/hackers-plundered-israeli-defense-firms-that-built-iron-dome-missile-defense-system/
22. http://www.scmagazine.com/malware-on-backcountry-gear-website-payment-cards-compromised/article/363888/
23. http://hackread.com/anonymous-hackers-mossad-website/
24. http://www.secureworks.com/cyber-threat-intelligence/threats/threat-group-3279-targets-the-video-game-industry/
25. http://www.nrc-cnrc.gc.ca/eng/cyber/statements/20140729_cyber.html
26. http://www.theregister.co.uk/2014/07/30/ddos_takes_down_cirrus_communications/
27. http://www.abc.net.au/news/2014-08-01/thousands-victim-credit-card-fraud-hacking-mycause-website/5642694
28. https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack
29. http://www.databreaches.net/laskos-system-may-have-been-hacked-back-in-2011/
30. http://www.us-cert.gov/ncas/alerts/TA14-212A
31. http://www.paddypowerplc.com/media/news/paddy-power-advises-customers-historical-data-breach
32. http://krebsonsecurity.com/2014/07/sandwich-chain-jimmy-johns-investigating-breach-claims/
33. http://hackread.com/connecticut-state-hacked-anonghost-opsavegaza/
34. http://www.bankinfosecurity.com/delaware-restaurants-breach-victims-a-7139
35. http://www.databreaches.net/data-breach-at-university-of-west-florida/
36. http://www.hackersnewsbulletin.com/2014/07/list-damage-opsavegaza-israel.html