
Bat Blue Security Watch Desk

iCloud Hack Exposes Nude Pics Of Stars

September 2, 2014 – Hackers have been posting nude images of several female movie and television stars, which they apparently stole by hacking Apple's iCloud online data storage. Apple has not issued a comment about the incident. Some of the celebrities are saying that the pictures are fakes, while others have expressed their anger and disappointment about the breach and are threatening legal action. An agent for Jennifer Lawrence issued a statement saying, “The authorities have been contacted and will prosecute anyone who posts the stolen photos.” A lawyer for Kate Upton said, “We intend to pursue anyone disseminating or duplicating these images to the fullest extent possible.” Some believe the hack was accomplished by exploiting a vulnerability in Apple's Find my iPhone service. Apple has since patched the flaw.

Syrian Malware Team Using BlackWorm RAT

September 2, 2014 – Researchers have discovered that the hacking group known as Syrian Malware Team has been using versions of the remote access Trojan BlackWorm in their attacks. The BlackWorm malware allows attackers to kill Windows system processes, shut down and restart systems and collect system information. It is also able to copy itself to USB drives and create autorun entries. The newest version of BlackWorm can also bypass UAC, disable host firewalls and spread over network shares. Malware attacks involving Syria have been increasing in both sophistication and organization. The most recent attacks have been targeting Turkey, Saudi Arabia, Lebanon and Palestine. Syrian Malware Team is believed to be involved with the Syrian government and may be part of the Syrian Electronic Army.

JP Morgan Chase Had Been Compromised For Two Months

September 2, 2014 – A recent investigation into the hacking of JP Morgan Chase revealed that the bank had been compromised for two months. Hackers had been stealing data from the financial institution since June. The hackers first accessed JP Morgan's systems through the exploitation of a zero-day vulnerability in the company's website. With the knowledge of the company's architecture gained through that breach, the hackers built custom malware that allowed them to further access customer banking transactions. During the two-month period the hackers sent information to different servers located throughout the world. Investigators have ultimately traced many of the transactions to servers in a large Russian city.

Bugzilla User Information Exposed

September 2, 2014 – Bugzilla, the bug and issue tracking system, has announced that over 97,000 users have had their email addresses and encrypted passwords exposed on a publicly available server for about three months. The company says the incident occurred during the migration of the Landfill testing server, which mistakenly published personal information on a public server. Assistant Project Lead at Bugzilla, Mark Cote, said, “As soon as we became aware, the database dump files were removed from the server immediately, and we've modified the testing process to not require database dumps.”

Edward Snowden Reveals the NSA's Data Collection Search Engine

August 29, 2014 – ICReach, a “Google-like search engine”, is the latest disclosure made by Edward Snowden. Reportedly used by 1,000 analysts in 23 US agencies, ICReach is the tool analysts use when searching a database of over 850 billion user records. Record information includes metadata on phone calls, cell phone calls and texts, emails, online chats, user location and more. ICReach is reported to have been developed back in 2007.

Backoff Point-of-Sale Malware Continues to Impact US Businesses

August 29, 2014 – Backoff malware continues to make the rounds attacking point-of-sale (PoS) devices. After compromising remote access lines that are directly connected to the PoS device, the Backoff malware takes advantage of weak passwords to gain access to these systems and start collecting customer credit card data. To date, at least 1,000 different US businesses are reported to have been hacked by this malware.

UPS Stores Compromised in 24 States

August 29, 2014 – United Parcel Service's (UPS) subsidiary, UPS Stores, reported that point-of-sale devices (PoS) at 51 of their stores were compromised by malware. While UPS Stores did not confirm the Backoff malware as the source, they have confirmed that the attack “was not detected by current Antivirus software.” The company is offering to pay for credit card monitoring and identity protection services to customers impacted by the compromise.

Dangerous Third Party Apps for Android Users Discovered

August 29, 2014 – Researchers have discovered the Android/Spy.Krysanec malware, disguised as a mobile banking application, making its rounds in Russia. Spy.Krysanec is a modified version of the Unrecom RAT trojan which has the ability to harvest data from an Android user's device. Collected information includes stored passwords, contacts, SMS messages, photos, videos, and even audio recordings. Officials warn that any apps for the Android platform should be downloaded from the Google Play store only.

JP Morgan Chase Hit By Zero-Day Vulnerability

August 28, 2014 – JP Morgan Chase has confirmed that in mid-August it was hit by a zero-day virus. While investigators have not yet confirmed the name of the vulnerability, reports state that the “zero-day vulnerability leveraged to gain unauthorized access to the information in the case of JP Morgan Chase has been used to infiltrate the systems of financial organizations in Europe.” Yesterday, the WatchDesk reported on the Kronos Trojan that is being sold in the underground market with the sole purpose of infiltrating banks. Kronos is a sophisticated malware that can defend itself against other malware, communicate outbound via encrypted session and more. Due to the sophistication of the attack, government security experts are working to confirm if this has been a state-sponsored hack. Russia is a leading suspected candidate due to current sanctions in place over Ukraine. However, other industry experts note that state-sponsored attacks would likely be focused on disruption of public services rather than data mining—which is all that has been reported to date in this breach.

Netflix “Gives Back” to Open Source Community with DDoS Detection Toolkit

August 28, 2014 – In a cooperative initiative that started back in 2010, Netflix has been working with the open source community via its Open Source Software initiative. The Netflix security team plans to release a DDoS toolkit that will include “Scumblr”, “Sketchy” and “Workflowable” on the GitHub website. All three tools work together to collect, correlate and present administrators with a view of Internet traffic. Workflowable takes feeds from the Scumblr and Sketchy tools to correlate trends that may present conditions for a DDoS attack. The toolkit offers open APIs that will allow administrators to customize their own plug-ins.

Hackforums is Hacked by Egyptian Hacker

August 28, 2014 – A resource for both White Hat and Black Hat hackers, Hackforums promotes research and learning into different types of malware and threats and provides its membership with information on how to remove malware from systems and more. Serving both ends of the hacker community, Hackforums is believed to make over $7,000.00 USD daily. This Tuesday, the website went dark after it was defaced by Egyptian hacker Eg-R1z. The reason for the defacement is still unclear, but this is not the first time that Hackforums has been compromised.

TMZ, Photobucket, deviantART and Other Sites Hit by Malvertisers

August 28, 2014 – Taking advantage of outdated versions of Java, Adobe Flash Player or Microsoft Silverlight, malvertisers used the Angler exploit kit to deliver the Rerdom Trojan to user systems when they visited popular websites last week. Between August 19th and 22nd, TMZ, Photobucket, deviantART and other websites were exposed to the exploit kit. Industry vendors have posted advisories and fixes. Additionally, keeping browser plug-ins up to date and enabling the click-to-play feature in browsers blocks third-party plug-ins from running automatically without the user's knowledge.

New “Kronos” Trojan Designed to Compromise Banks Has A Market

August 27, 2014 – Security researchers have learned that a new trojan, “Kronos” is being made available for sale in the hacker underground forum. For $1,000 a prospective buyer can trial the trojan for a week. If satisfied, Kronos then sells for $7,000 and comes with the use of a Command & Control architecture which is made available to the buyer at the close of the purchase. What makes Kronos effective: it can defend itself against other malware, it has been designed to evade Anti-Virus software and Sandbox technologies, it works in both 32-bit and 64-bit platforms and it uses encryption to communicate back to the C&C architecture.

Australian Police Arrest Two Hackers Linked to Anonymous

August 27, 2014 – For DDoS and other activities that date back to 2012, Australian Police have arrested an 18-year-old man in Perth and a 40-year-old man in western Australia. The younger of the two has been charged with hacking into the ISP, Netspeed, while the other has been charged with hacking into Indonesian Government web servers and the Melbourne IT Ltd's network. The arrests came after a lengthy investigation in which various hard drives and other computer equipment were seized by authorities at both residences. The names of the men have not yet been released.

Montana Health System Suffers Data Breach

August 27, 2014 – As new details continue to emerge in the wake of the Community Health Systems (CHS) data breach, the Montana Department of Public Health and Human Services has confirmed that up to 1.3 million records in their systems have also been compromised. While there is not a conclusive link between the CHS and Montana PHHS, the activity is believed to be sourced from China using Advanced Persistent Threat (APT) code. Authorities have voiced concerns that the healthcare vertical may now be an active target of hackers because security controls vary significantly from health system to health system.

European Auto Industry Hit with “Carbon Grabber” Malware

August 27, 2014 – Using an email with a malicious attachment, Carbon Grabber has targeted the European auto industry in a data grab. Once the attachment is opened, Carbon Grabber installs malware on the host that then injects code into the web browsers and Microsoft Outlook servers. The malware acts as a man-in-the-middle within the browsers and captures information. The most impacted European nations include Germany (38%), Netherlands (31%) and Italy (24%). Carbon Grabber has been available for sale since the beginning of 2014, and while the auto industry has the highest report of infection, other verticals—including a leading Anti-Virus software vendor—have also reported infections in their organizations.

220 Million User Records Compromised via Online Gaming Sites

August 26, 2014 – Sixteen individuals were arrested in South Korea for what is being called “an incomprehensible breach” by authorities. User records of South Korean citizens containing names, account logins, passwords and resident registration numbers were collected from users ranging in age between 15 and 65 years old. The resale of the information netted over $2 million; buyers included Chinese hacker groups, mortgage fraudsters and illegal gamblers.

Russian Nationals Duped Into Installing Trojan to Attack US Government Websites

August 26, 2014 – Using US sanctions against Russia as the backdrop, ordinary Russian citizens have been tricked into installing the Kelihos Trojan on their computers believing that the malware would target US government websites. Also known as Hlux, the Kelihos Botnet can be used to send SPAM/phishing emails, mine Bitcoins from targeted systems and launch DDoS attacks. The combination of malware, social engineering for the distribution of the trojan and the confirmation that the Command & Control infrastructure is hosted within Russia and Ukraine has caught the attention of security experts.

2015 Global Cybersecurity Spend Estimated To Exceed $76 Billion

August 26, 2014 – Research analyst firm Gartner has estimated the global spend to combat cybersecurity threats will reach $76.9 billion in 2015. The current 2014 spend is on target to hit $71.1 billion this year alone, a 7.9% increase over 2013. Drivers include the increasing sophistication of threats, continued growth in the adoption of cloud-based services and the continued expansion of mobile device use. "While cloud-based services' competitive pricing puts pressure on the market, the cloud is also providing new growth opportunities, as some organizations switch from deploying on-premises products to cloud-based services or cloud-managed products. More than 30% of security controls deployed to the small or midsize business (SMB) segment will be cloud-based by 2015," Gartner said.

Fake Adobe Flash Player Update Is A Virus

August 26, 2014 – Security experts are reporting that hackers are pushing out notifications, mimicking an Adobe Flash Player software update, for users to update to “Flash Player Pro”. This malware is believed to be used for the collection of personal data, including banking information and other data that may contain information about the user on the local drive. Users are being warned to only source their updates from Adobe's website directly.

Gov't Issues Software Hacking Warning to Retailers

August 25, 2014 – Homeland Security has warned over a thousand US retailers that there is a strong potential for malware to be present in Point of Sale (PoS) software. Initially identified in October of 2013, “Backoff” was responsible for the recent breach in 51 UPS stores throughout the country. While detailed information was supplied to retailers last year that identified Backoff's behavior and how to remove the malicious software, the recent compromise highlights the gap between industry notification of a threat and the resulting proactive mitigation.

Background Check Company for US Government Agencies Compromised

August 25, 2014 – US Investigations, a background check company for the government, has been reported to have had over 25,000 personal records of Homeland Security employees compromised. Reuters has reported that some of the compromised records included employees who operate as undercover agents for the department. The source and method of compromise are still under investigation and internal compromise has not been ruled out.

FBI Disrupts Ransomware Botnets Cryptolocker & GameOver Zeus

August 25, 2014 – With over $100 million made using the GameOver Zeus Botnet, the DOJ has charged 30-year-old Russian Evgeniy Mikhailovich Bogachev as the alleged admin for the Botnet. GameOver Zeus was first detected in September 2011. Tools do exist that remove GameOver Zeus. The FBI has also disrupted the Cryptolocker Botnet, which has been responsible for over $27 million in ransom since September 2013. DOJ reports that Cryptolocker is believed to still infect 200,000 systems as of April of this year.

Lizard Squad Launches DDoS Against Sony Online Entertainment & Tweets Bomb Threat

August 25, 2014 – On Sunday, Sony Online Entertainment came under a DDoS attack that impacted online services, including the Playstation Network (PSN). John Smedley, President of the SOE division, tweeted that Sony worked with various ISPs to address the attack. Hacking group Lizard Squad claimed responsibility for the attack and cited frustration with how Sony spends its money: “Sony, yet another large company, but they aren't spending the waves of cash they obtain on their customers' PSN service. End the greed” (tweeted @LizardSquad). During the time of the attack, Mr. Smedley was in mid-flight from Dallas to San Diego; Lizard Squad tweeted a bomb scare to American Airlines, who diverted the flight to Phoenix. The FBI is now investigating this threat as a matter of national security.

Investigators Of Malaysian Flight MH370 Hacked

August 22, 2014 – A malware-based hacking attack has been discovered targeting approximately 30 PCs belonging to officials from Malaysia Airlines, the Civil Aviation Department and the National Security Council. The hack has led to the theft of classified material. The malware was delivered via a PDF attachment that was supposed to be a news article. The stolen data was sent via email to an IP address in China. The emails contained confidential data including minutes of meetings and classified documents. Interpol is currently investigating the breach.

Majority Of European Cyber Attacks Come From Russia

August 22, 2014 – A recent study has revealed that the majority of cyber attacks against northern Europe come from Russia (40%). The study also showed that the majority of attacks against the United States originate in China (32%). Western Europe saw the greatest number of their attacks coming from China and North and South America, while APAC countries were targeted most by the United States (63%). The study does point out that it does not take attribution into consideration, so the attacks may in reality originate in countries other than those they were observed coming from. To get this data, researchers set up low-interaction honeypots in public cloud infrastructure around the world to imitate vulnerable operating systems, leaving common ports open to attract hackers.

AnonGhost Publishes YouTube Hacking Tutorial

August 22, 2014 – The hacking group known as AnonGhost has published a YouTube video instructing others on how to hack WordPress. The simple tutorial gives would-be hackers a few steps that will lead to a successful hack of a WordPress website. AnonGhost is a very active hacking group that typically attacks Israeli websites. Most recently AnonGhost was involved in the hacking and defacement of the Malaysian Institute of Karisma Education website.

Hacker Posts List Of Vulnerable Israeli Websites

August 22, 2014 – The hacker known as TrojanFM has posted a list of websites that are vulnerable to SQL injection (SQLi) attacks. According to the hacker, all of the websites are Israeli. A successful SQL injection attack allows a hacker to control a website and the database which is used to run the website. The list contains 65 websites that all appear to be privately owned.

UPS Stores Hacked

August 21, 2014 – The UPS Store has announced that the computer systems at several of its franchised locations have been infected with malware, and customer credit and debit card data may be at risk. Fifty-one locations in twenty-four states have been infected with malware, although UPS did not identify the specific malware. Customer information that may have been exposed includes names, postal addresses, email addresses and payment card information. UPS said, “The limited malware intrusion was discovered at only 51 The UPS Store franchised center locations and was not present on the computing systems of any other UPS business entities.”

Hacker Selling Counterfeit US Currency

August 21, 2014 – A hacker using the name Mr. Mouse is selling counterfeit US currency on the Internet. Mr. Mouse calls the counterfeit bills “Disney Dollars”, and has started advertising on Reddit. He is selling $20, $50 and $100 bills, although the $100 bills are a copy of the 1996 version. The hacker claims that the notes will pass many anti-counterfeiting tests. In the advertisement, Mr. Mouse says he is, “the spokesmen for my Father's company, The Walt Disney Corporation.” If caught, Mr. Mouse would face up to 20 years in prison.

Cyber Espionage Campaign Found Targeting Spanish-Speaking Countries

August 21, 2014 – Researchers have discovered a cyber espionage campaign, called Machete, that is targeting several Spanish-speaking countries. Most of the targets are located in Ecuador, Colombia, Peru, Venezuela, Cuba, Spain and Russia. In Russia, the targets appear to be embassies from one of the other countries. The malware is able to log keystrokes, capture audio and screenshots, take photos from the victim's webcam and capture geo-location data. According to the researchers, the malware is spread through social engineering techniques, which include spear-phishing emails and infections via fake blog websites.

Stanford University Webpage Defaced

August 21, 2014 – The hacker known as SaHoo has hacked and defaced the Stanford University portal. The hacker says the hack was meant to bring attention to the poor security in parts of the website. The defaced message said, “Hacked by ~SaHoo~ Stanford University g0t 0wned!!! Shocked???” No files were damaged during the hack. Earlier this week, SaHoo defaced a webpage at MIT.

Facebook Server Leveraged For DDoS Attack

August 20, 2014 – In June, Facebook added a new feature for refreshing attachment content, which researchers discovered can be leveraged to launch distributed denial-of-service attacks. The new way in which images attached to Facebook posts are refreshed can be exploited to launch such attacks using Facebook's high-bandwidth servers. Facebook issued a fix which appears to have protected larger organizations; however, smaller companies with limited bandwidth resources are still susceptible to these attacks. The fix makes the unique identifier temporary, which permits a smaller number of refreshes. However, the exact number of refreshes allowed is still not known.

Heartbleed Bug Exploited In Community Health Systems Breach

August 20, 2014 – Earlier this week it was reported that hospital operator Community Health Systems suffered a breach and had 4.5 million patient records stolen. It is now being reported by unofficial sources that investigators believe that the initial attack was through the Heartbleed vulnerability in OpenSSL. The hackers were able to get user credentials from the memory on a Juniper device via the Heartbleed vulnerability and use them to log in through a VPN. Community Health Systems has not provided an official comment.

Syrian Electronic Army's Social Engineering Methods

August 20, 2014 – Security researchers have been studying a past Syrian Electronic Army (SEA) attack that installed spyware on computers. The focus of the study was to learn how SEA is able to infiltrate companies. The researchers discovered that SEA uses social engineering tricks to get their malware delivered, by tricking and tempting victims into opening and exploring malicious files. The methods commonly used include exploiting victims' trust in social networking forums, their interest in following news related to the political conflict in Syria, their fear of attacks from foreign governments and their lack of technology awareness.

New ZeroLocker Ransomware Discovered

August 20, 2014 – A new variant of the CryptoLocker ransomware, called ZeroLocker, has been discovered. ZeroLocker is different from other ransomware in that it indiscriminately encrypts files. ZeroLocker adds a .encrypt extension to all files it encrypts. Unlike other variants, ZeroLocker encrypts virtually all files on a system, rather than using a set of pre-defined filetypes to encrypt. The criminals behind this malware offer an “early bird” discount for the decryption key. If victims pay within five days the price is $300, but it rises to $600 after that.

US Nuclear Regulator Suffers Two Foreign Cyberattacks

August 19, 2014 – It has been reported that the Nuclear Regulatory Commission (NRC) has had its systems breached by foreign hacking groups twice in the last three years. Investigators have not been able to determine the source of the attacks, but it is suspected that they were government-backed. The NRC did not reveal the extent of the damage or if they've taken any steps to improve their security.

Delaware's Treasury Division Hacked And Defaced

August 19, 2014 – The hacker known as SaLeM has hacked and defaced the website of Delaware's Treasury Division. The defacement message reads, “Hacking sites will not STOP!!! Unless Gaza is Free. We want the freedom for Palastain (sic) USA said that Israil (sic) will stop attacking gaza However we Don't believe on that And hacking is On.” Chief of Security for Delaware's Department of Technology and Information, Elaine Starkey, said that the website is managed by a third-party and not through the government's services. Starkey said the hackers leveraged security flaws in the site, but that no information was stolen. At the time of this writing the site has been fully restored.

Chinese Hackers Blamed For Data Leak Of 4.5 Million Hospital Patients

August 19, 2014 – The US-based hospital operator Community Health Systems (CHS) has announced that their systems have been breached and personal information belonging to 4.5 million patients has been stolen. CHS says that based on information gathered during their investigation, they believe that the hackers are a group from China. They said that the hackers used highly sophisticated malware and technology to bypass its security systems. The stolen data includes patients' names, addresses, birthdates, phone numbers and social security numbers. No medical information or payment card data was taken.

State Bank Of Pakistan Hacked

August 19, 2014 – The hacker known as Bl@ckDr@GoN is claiming to have breached the systems of the State Bank of Pakistan. There has been no official announcement from the bank. The hacker published 24 tables of information supposedly stolen from the bank. There does not appear to be any sensitive customer data in the tables; however, the hacker says this is just to prove that they have access to the bank's systems.

Iranian Cyber Attacks Against Israel Unsuccessful

August 18, 2014 – A senior commander in the Israeli Defense Force's Computer Service Directorate said that Israel faced a “significant Iranian effort” in cyberspace, while Israeli forces were battling with Hamas. According to the IDF, Iranian hackers attempted a large scale cyber-attack on Israel's civilian communications infrastructure. The attacks were not successful, but the commander said, “This is not something we have seen before, both in terms of scope and the type of targets.” The IDF cyber-defenses were able to withstand the attacks, including attempts to bring down the websites of the IDF's Homefront Command and the IDF Spokesperson's Unit.

TCP Stealth Tool Designed To Block Spying

August 18, 2014 – Last week it was reported that the UK has a spying program called HACIENDA, which the GCHQ uses to port-scan entire countries. This is just the latest in a long list of government spying programs. In response security experts are designing a new tool, called TCP Stealth, to help thwart these programs. TCP Stealth is a modification to the TCP three-way handshake that would allow TCP servers to hide from port scanners while granting a standard TCP handshake to authorized clients. The technique takes into account offensive techniques, such as the ones used by GCHQ, that may involve compromised infrastructure. TCP Stealth would only be useful for services with user groups small enough to share a passphrase with all members.

Australian Foreign Minister's Phone Hacked

August 18, 2014 – Australia's Foreign Minister Julie Bishop is the latest government official to have their phone hacked by a foreign government. The phone was hacked during a two-week international trip to Ukraine, the United States and Holland. During the trip she was working to obtain access for Australian police to the Ukrainian crash site of Malaysian Airlines flight MH17. Australian authorities say they know the country responsible for the hack, but have not announced it. Prime Minister Tony Abbott said, “I can assure the Australian people that the very significant discussions that Julie Bishop was a part of with me and with other members of the National Security Committee in recent times were all done over secure lines.”

Cyber Attacks Targeting Syria Intensify

August 18, 2014 – Researchers are reporting an intensification of cyber attacks in Syria, as the number of remote access Trojans (RATs) being delivered through activist websites and social networking pages is increasing. The attacks are increasing not only in number but also in complexity, as the attackers have leveraged social engineering techniques impacting over 10,000 victims. According to the researchers, malicious files allowing complete compromise of computers were received by victims through download links offered through Skype, Facebook posts and YouTube videos. In many cases, victims are lured with documents claiming to disclose wanted activists, victims of recent bombings or leaked documents from Syrian government officials. The researchers have identified a group of hackers called the Resistant Syrian Electronic Army, which is broken into three teams, each responsible for different parts of the operation.

Grocery Chains' PoS Systems Hacked

August 15, 2014 – The grocery store chains Supervalu and Albertsons have announced that their point-of-sale systems have been breached by hackers. The stores have alerted their customers that payment card information may have been stolen. Supervalu, a Minnesota-based chain, said that 180 Supervalu stores and stand-alone liquor stores operating under different names have been impacted. Albertsons, which saw 29 stores affected, is part of a group of stores operated by AB Acquisition, which Supervalu sold to an investor group. As part of the sale agreement Supervalu still operates IT services for the stores. The hackers gained access to account numbers, expiration dates and cardholder names from payment cards used at the stores.

Anonymous Identifies Wrong Man As Shooter In Ferguson, Mo.

August 15, 2014 – Members of the Anonymous collective have stopped their efforts to name the police officer who shot an unarmed teen in Ferguson, Missouri, after the group identified a person who never worked as a Ferguson police officer. The person that was initially identified has never been a serving police officer; rather, he works as a police dispatcher. The St. Louis County Police Department issued a statement saying that the person identified by Anonymous “is not even an officer with Ferguson or St. Louis County PD. Do not release more info on this random citizen.” The hackers then issued a statement saying that “all doxing will stop for the moment.”

Polish Sites Attacked By Ukrainian Hackers

August 15, 2014 – The Ukrainian hacking group known as Cyber Berkut is claiming to have taken down the websites of Poland's president and the Warsaw Stock Exchange. The hackers said they launched the attacks as a response to Poland's actions as “sponsors of fascism in Ukraine.” In a statement Cyber Berkut said, “Our western neighbor on orders from Washington renders political, diplomatic and military assistance to nationalists and oligarchs who destabilize and wreck Ukraine.”

US Heavily Targeted By New Gameover Zeus Botnet

August 15, 2014 – Researchers have identified new variants of the Gameover Zeus malware that have been successful in building a botnet. There appears to be a significant growth in the number of infections in the United States. The new variants are no longer reliant on the peer-to-peer command and control architecture used by the original malware; instead, they are using the domain generation algorithm technique to connect with the control server. Over a three-week period the researchers observed 44% of infections in the United States, followed by India with 22% and the United Kingdom with 10%. The cybercriminals behind this new variant do not seem to be attempting to steal anything; rather, they are just focused on building the botnet at this time.

Russian Prime Minister's Twitter Hacked, Fake Resignation Posted

August 14, 2014 – Russian Prime Minister Dmitry Medvedev's Twitter account was hacked by unknown hackers. A fake message announcing his resignation and criticizing President Vladimir Putin was posted. The fake post said, “I'm resigning. I'm ashamed of the government's actions. Forgive me.” A government spokesperson issued a statement saying, “(Medvedev's) Twitter account has been hacked, the messages are not genuine. We're working on the problem.” Following the fake post, Medvedev's followers rose from 10,000 to over 2.5 million. Several other fake messages were posted, all criticizing various Russian government policies.

Hackers Behind SynoLocker Ransomware Holding “Going Out Of Business” Sale

August 14, 2014 – The hackers responsible for the SynoLocker ransomware, which targets the network attached storage devices manufactured by Synology, are looking to sell off all of the decryption keys that they have. SynoLocker encrypts users' files and then demands a payment for the private keys needed to unlock them. The hackers have posted on their website a notice saying, “This website is closing soon . . . There is still over 5500 unclaimed private keys. The database is available for sale at 200 bitcoins (about $103,000).” Those infected with SynoLocker have been given seven days to pay the ransom.

Another WordPress Plugin Vulnerability

August 14, 2014 – Researchers have discovered three vulnerabilities in the Disqus WordPress plugin. Disqus is a comment hosting service for websites and online communities. The most serious vulnerability is a cross-site request forgery affecting the Manage.php file, which is used for plugin settings. The plugin has been downloaded over 1.4 million times. The latest version has fixed the flaws.

Tennessee Government Employee Health Information Exposed In Subcontractor Breach

August 14, 2014 – Tennessee government employees are being notified that personal information may have been exposed in a data breach involving Onsite Health Diagnostics, a subcontractor of the state's wellness vendor, Healthways. Onsite performs health screenings for members of the state's health plan. The data breach could have exposed sensitive information belonging to over 60,000 people. The information accessed includes names, dates of birth, addresses, email addresses and phone numbers. According to Onsite, social security numbers, employee ID numbers and other medical information were not compromised.

China Launching Frequent Cyber Attacks Against Taiwan

August 13, 2014 – Taiwan's Science and Technology Minister, Simon Chang, is accusing China of launching frequent cyber attacks against the country. Chang said, “The Chinese cyberwar units have been engaging with Taiwan units almost every day, with some severe attacks every few months.” Most of the attacks were designed to steal information for use in negotiations between the two countries. Taiwan has created its own military cyber units, but according to Chang, they are severely outnumbered by the Chinese forces.

Anonymous Launches OpISIS

August 13, 2014 – Members of the Anonymous collective have launched a new campaign called OpISIS. This is a campaign targeting ISIS supporters and Jihad websites. The hacktivists say this is a response to the inhumane actions taken by the extremist group in Mosul. The campaign is currently a series of distributed denial-of-service attacks being led by Anonymous Indonesia members.

Infected iOS Devices Lead To Revenue Being Stolen From 22 Million Ads

August 13, 2014 – Security researchers reported that a total of 75,000 iOS devices have been infected with malware that steals revenue from advertisements. The malware only works on jailbroken devices, but it has compromised approximately 22 million ads. It is designed to divert revenues generated by clicking on advertisements to the attacker. There is no information on the total amount of money stolen. The researchers observed about 22,000 daily infections taking place at the time of their report.

New Android Malware Found Infecting Legitimate Apps

August 13, 2014 – Researchers have discovered a new remote access Trojan (RAT) for Android that integrates malicious functionality into legitimate apps. The malware is distributed through several channels, including websites sharing pirated content and social networks. An attacker can use the malware to take photos, record audio using the infected device's microphone, locate the infected device using GPS, and access lists of installed apps, calls, text messages and contacts.

Anonymous Targets Ferguson, Missouri Police

August 12, 2014 – Following the death of Michael Brown, the teen who was shot multiple times by Ferguson, Missouri police, the Anonymous hacking collective has announced the OpFerguson campaign. A member of Anonymous posted a statement saying, “To the good people of Ferguson, take heart – and take your streets. You are not alone, we will support you in every way possible.” Part of the statement was directed to the Ferguson police saying, “If you abuse harass or harm in any way the protesters in Ferguson we will take every Web-based asset of your departments and governments off line.” They also threatened to release personal information on every member of the city's police department, and to make public all of the department's emails and databases if anything happens to protestors.

10,000 Records Held In Ransomware Attack At Chinese University

August 12, 2014 – The Faculty of Medicine of Chinese University has been infected with the SynoLocker crypto-malware. The malware encrypted at least 10,000 patient records before it was discovered. Once the malware was identified, the infected systems were taken offline to prevent further propagation. The affected information belongs to the Center for Liver Health and the Institute of Digestive Disease at the Prince of Wales Hospital in Sha Tin. The ransom fee for unlocking the data is 0.6 Bitcoin or about $350.

Yahoo News Twitter Account Hacked

August 12, 2014 – The official Yahoo News Twitter account was hacked and used to post a fake news report about an outbreak of Ebola. The fake post said, “Ebola outbreak in Atlanta! Estimated 145 people infected . . .” A few minutes after the message was posted another message was posted saying, “Earlier, an unauthorized tweet with misinformation on Ebola was sent from this account; please disregard that tweet.” The fake tweet was up for about 20 minutes and several thousand retweeted it before it was removed. Yahoo says it is investigating the incident with assistance from Twitter.

CyberVor Gang Steals Over Two Million Australian Logins

August 12, 2014 – Security researchers are reporting that the hacking group known as CyberVor Gang has stolen over two million logins belonging to visitors of .au websites. The stolen data was collected from almost 6,000 Australian sites that were vulnerable to SQL injection exploitation. The stolen information includes email addresses, login IDs and passwords. The owners of the exploited websites are currently being notified so that the vulnerabilities can be patched.

Researchers Send Letter Telling Automakers To Get Serious About Security

August 11, 2014 – A group of security researchers has posted a letter addressed to “Automotive CEOs” calling on them to implement five security programs to protect cars from cyberattacks. The letter described a plan that asked industry executives to institute safety by design, third-party collaboration, evidence capture, security updates, and segmentation and isolation. The letter reads, “The once distinct world of automobiles and cybersecurity have collided. Now is the time for the automotive industry and the security community to connect and collaborate.” With so many features of cars being controlled by computers, a cyberattack against a car could lead to physical injury to drivers and passengers. The researchers believe that their security plans could be used by consumers to understand which automakers institute the most security programs. The letter closes by saying, “When the technology we depend on affects public safety and human life, it commands our utmost attention and diligence. Our cars command this level of care.”

Blackphone Vulnerabilities Discovered

August 11, 2014 – Researchers have discovered multiple vulnerabilities in the Blackphone, the first phone designed with security and privacy in mind. The vulnerabilities could allow hackers to gain root access and enable the Android Debugging Bridge without unlocking the bootloader. After being notified about the vulnerabilities, the makers of Blackphone have already issued fixes for most of them. For the vulnerabilities that have not yet been patched, fixes should be released very shortly.

Anonymous Access To WiFi Banned In Russia

August 11, 2014 – Russian Prime Minister Dmitry Medvedev has signed an order banning anonymous access to Wi-Fi in establishments offering connections, such as restaurants and public spaces. All users must now be identified with a full name confirmed by an ID. Initial reactions to the law have been “mixed” according to reports, and the new law may be changed according to the prime minister's press secretary. The US-owned Radio Free Europe/Radio Liberty has reported that bloggers may no longer be anonymous either. According to their report, a new law requires bloggers with more than 3,000 daily readers to register with Russia's mass media regulator, Roskomnadzor, and to follow the regulations that govern the country's regular media outlets.

Snake Malware Infecting European Embassies

August 11, 2014 – The Snake malware, which security analysts say is linked to the Russian government, has been found infecting at least nine embassies. The malware has been found on dozens of computers in the Ukrainian prime minister's office and at least 10 of Ukraine's embassies abroad. It has also affected embassies in eastern Europe including Germany, China, Poland and Belgium. Sensitive diplomatic information has reportedly been leaked as a result of these infections.

ISP Networks Hijacked To Steal Bitcoins

August 8, 2014 – Researchers have discovered that a hacker has been using a series of malicious activities to hijack at least 19 Internet service providers in order to steal Bitcoins from Bitcoin mining pools. The hacker broadcast malicious network routes through BGP, which allowed the hijacker to redirect a portion of online traffic from legitimate currency-mining servers on one network to fake servers on another network. In a four-month period, the hacker was able to generate about $83,000 in cryptocurrency. Some of the hijacked networks include Amazon, DigitalOcean and OVH.

Animal Rights Hacktivists Target Chinese Websites

August 8, 2014 – The hacking group known as Paw Security has started a hacking campaign against Chinese government and company sites. The hacktivists issued a statement saying, “We are Paw Security, we are the protectors of those you torture and cage/transport. We do not approve of these inhumane actions you inflict on our precious PETS. . . You disgust us!” Some of the sites targeted belong to Sinopec Limited, the largest oil and gas company in China; the state-owned Mobile Communication Corporation; Sina Corp., a Chinese online media company; the Ministry of Justice; the Ministry of Public Security; the Ministry of National Defense; and the Ministry of Environmental Protection. At the time of this writing most of the impacted websites have been restored and are operating normally.

Multiple Zero-Days Used In Cyber-Espionage Campaign

August 8, 2014 – Researchers have reported that a cyber-espionage campaign, called Epic Turla, is using multiple zero-day exploits to infect targets. The zero-day exploits include one triggering an escalation of privileges flaw in Windows XP and Windows Server 2003 and another targeting Adobe Reader. Over 100 infected websites were used to deliver Epic Turla, with the most located in Romania. Epic Turla is known to target intelligence agencies, government institutions, embassies, military groups, education institutions and research and pharmaceutical companies in over 45 countries. The majority of the targets are in Europe, the Middle East and the United States.

Critical Vulnerability In WordPress Custom Contact Form

August 8, 2014 – A critical vulnerability has been found in the Custom Contact Form plugin for WordPress. The plugin is vulnerable to remote attacks that allow downloading and modification of the database. The flaw is related to the adminInit() function, which can be exploited to create new user accounts with administrator privileges. The vulnerability affects all versions of the plugin except the most recent release,

DHS Employee Data Leaked In Contractor Attack

August 7, 2014 – A Department of Homeland Security (DHS) contractor, US Investigations Services (USIS), has suffered a cyberattack that may have led to the personal information of some DHS employees being compromised. USIS conducts background checks for the DHS. While the attack is under investigation, the DHS has suspended all work with USIS. The attack was targeting USIS's corporate network and was ultimately discovered by the company's internal IT security team. USIS issued a statement saying, “We immediately informed federal law enforcement, the Office of Personnel Management (OPM) and other relevant federal agencies. We are working closely with federal law enforcement authorities and have retained an independent computer forensics investigations firm to determine the precise nature and extent of any unlawful entry into our network.”

WordPress And Drupal Vulnerability Could Lead To DoS Attacks

August 7, 2014 – Security researchers discovered a vulnerability in the way WordPress and Drupal implement XMLRPC, which could lead to websites being taken down with denial-of-service attacks. The vulnerability can cause complete CPU and memory exhaustion, leading to the takedown of the site. Both WordPress and Drupal have issued an update to fix the problem and advise all users to update to the latest version.

Government Spyware, FinFisher, Maker Hacked

August 7, 2014 – Gamma International UK Ltd., the company that makes the FinFisher spyware, has been hacked and information on its government clients has been leaked. The FinFisher spyware is secret surveillance software that remotely controls any computer it infects, copies files, intercepts Skype calls and logs keystrokes. The software is widely used by governments in the Middle East to spy on journalists and dissidents. The hackers published a 40G file containing client lists, price lists, source code, details about the effectiveness of FinFisher malware, user and support documentation and usage statistics by country. The files also contain a list of apps that the spyware uses.

Plextor Website Defaced By CoMoDo Islamic Hackers

August 7, 2014 – The hacking group known as CoMODo Islamic Hackers has breached and defaced the US website for computer hardware manufacturer Plextor. The defacement message reads, “You'll (be) demolished! Filthy bloodsuckers! America, Israel!! infamous America, infamous Israel. The CYBER-WAR will be appeared (sic) all the Countries which not respecting Islam. Islamic Hacker!!! islamic army coming.” The website is normally dedicated to firmware downloads, news and support for Plextor's SSD products. The company has not issued a statement at this time.

PayPal Confirms Security Key Can Be Bypassed

August 6, 2014 – PayPal has said it is aware of a new method, identified by researchers, that can bypass the two-factor authentication (2FA) mechanism that provides extra security for account holders. The 2FA system, called Security Key, is designed to protect accounts if login credentials are stolen. The researchers found that the 2FA system can be bypassed through Adaptive Payments, a system that merchants and developers use and that requires users to connect their accounts to an application. During this process, customers are redirected to PayPal to authenticate the connection using their login information. Once that is done, the user is logged into PayPal without entering the 2FA code. A PayPal representative said, “We are aware of a two-factor authentication issue that is limited to a small amount of integrations with Adaptive Payments. . . We are working to get the issue addressed as quickly as possible.”

Russian Hackers Have Over 1.2 Billion Stolen Logins And Passwords

August 6, 2014 – It has been reported that a Russian hacker group known as CyberVor is in possession of 1.2 billion unique login and password credentials stolen from about 420,000 websites around the world. The hacking group also has more than 500 million email addresses. The hackers leveraged botnets to identify SQL vulnerabilities in the various sites they targeted. The vulnerabilities were exploited to steal information from the websites' databases, resulting in the largest cache of stolen personal information ever found. The group is believed to be located in a small city in south central Russia and is made up of around 10 men in their 20s. Many of the exploited sites are still vulnerable today.

72,500 TotalBank Customers Exposed In Data Leak

August 6, 2014 – TotalBank has issued a notification that there has been a security breach of their systems, which may have led to 72,500 personal and business account customers' information being leaked. The information that was exposed includes names, addresses, account numbers, account balances and personal identification numbers. The bank did say that the leaked information did not include login credentials. The bank's statement said, “We want to assure you that we have reinforced our internal security protections and firewalls, enhanced threat detection and monitoring and shut down access to any compromised system. We are also continuing to work closely with law enforcement.”

Civilians Defeat Military In Cyber War Games

August 6, 2014 – In a confidential training exercise, a group of civilian hackers soundly defeated a team from the US Cyber Command (CYBERCOM) in simulated cyber war games. CYBERCOM is currently training about 6,000 soldiers to defend the Department of Defense networks from intrusions, and for running offensive operations targeted at enemies. The civilian team was comprised of IT security specialists who defend against real world threats on a daily basis. A Capitol Hill staffer present at the exercise said the CYBERCOM team was “pretty much obliterated,” and they “didn't even know how they'd been attacked.”

Android Malware Disguising Itself As Kaspersky Mobile Security

August 5, 2014 – Researchers have discovered a new malware, called SandroRAT, that is targeting Android users. The malware is being spread through emails designed to look like bank alerts. The email warns the victim that they have a malware infection on their mobile device and includes a link that leads to a fake mobile security solution that will get rid of the infection. The fake solution says it is a Kaspersky Mobile Security app, but in reality it is a version of SandroRAT. SandroRAT gives the attacker unrestricted access to private information including SMS messages, contact lists, call logs and browser history that could contain banking credentials and then uploads the information to a command and control server.

Anonymous Continues Attacks On Israel

August 5, 2014 – Members of the Anonymous collective have again targeted the websites of Mossad and the Israel Defense Force with distributed denial-of-service attacks. According to a member of Anonymous known as AnonymousGlobo, these attacks were in retaliation for the death of a 22-year-old member of Anonymous shot by an Israeli soldier. Other Israeli government websites were also attacked. At the time of this writing the Mossad and IDF websites were back online and working properly.

Multifunction Printers Leave Corporate Networks Vulnerable To Hacks

August 5, 2014 – Researchers have found that they could successfully hack corporate networks through vulnerabilities in multifunction printers. The printers provide access to Active Directory accounts through credentials stored in the printers. The printers that were tested provided access to user names, email addresses, passwords, Active Directory user names, application data and hostname information, even after some vendors released fixes. Researchers were able to compromise Active Directory in 40 to 50 percent of their tests. LDAP pass-back attacks worked on almost all enterprise printers, since they allowed remote LDAP lookups which would send attackers plain text passwords.

China Investigating Canadians For Spying

August 5, 2014 – The Chinese government is investigating two Canadians accused of espionage. This comes a week after Canada accused China of hacking the Canadian National Research Council. The Chinese state-run news agency Xinhua reported that, “Two Canadian nationals are under investigation for suspected theft of state secrets about China's military and national defense research.” The investigation is being conducted by the State Security Bureau in Dandong.

Security Products Blacklisted By Chinese Government

August 4, 2014 – The Chinese government has blacklisted security products from Symantec and Kaspersky. The ban has been issued in an effort to protect national security and public interests. The only approved security products are from five Chinese software developers. The ban follows China's State Internet Information Office's investigation on the major IT products used by government institutions.

Mozilla Leaks Information From Over 76,000 Developers

August 4, 2014 – Mozilla has issued a warning that the email addresses and encrypted passwords of 76,000 members of the Mozilla Developer Network have been leaked. A data sanitization flaw is the cause of the leak. The flaw persisted for 30 days; once Mozilla became aware of it, corrective action was taken immediately. All users affected by the incident have been alerted.

Russian News Agency Hit With DDoS Attack

August 4, 2014 – RIA Novosti, one of the largest Russian news agencies, was hit with a distributed denial-of-service attack over the weekend. The mobile version of the website was completely down, while the full version of the site suffered issues for a short period of time. The attackers have not yet been identified. RIA Novosti had been hit with similar attacks in 2012 and 2013.

New Malware Infects Without Creating Or Installing Files

August 4, 2014 – Researchers have discovered a new malware that infects systems and steals data without installing or creating any files on the targeted system. The new malware, called Poweliks, resides in the computer registry only, which makes it very difficult to detect with anti-virus or anti-malware software. The malware is being distributed through emails that contain a malicious Word document. Once the malicious document is downloaded, it creates an autostart registry key and keeps the key hidden. The malware then creates and executes code that connects to hard-coded IP addresses in order to receive commands from the hackers.

Anonymous Claims Take Down Of Mossad Website

August 1, 2014 – Members of the Anonymous collective are claiming to have taken down the website of Israel's intelligence agency Mossad with a distributed denial-of-service attack. The hackers say the attack is part of OpSaveGaza and is a response to the conflict in Gaza. The site has been down for over 10 hours at this time. The Israeli government has not issued a statement about this attack.

Multiple Zero-Day Vulnerabilities Found In Symantec Endpoint Protection

August 1, 2014 – Security researchers have identified three zero-day vulnerabilities in Symantec Endpoint Protection. These vulnerabilities can be leveraged for privilege escalation exploits. All of the vulnerabilities have been reported to Symantec. All versions of Endpoint Protection clients 11.x and 12.x running application and device control are affected. Symantec issued an advisory which said that the vulnerabilities are being handled “with the utmost urgency and care.” They did note that there is no evidence that these vulnerabilities are being exploited in the wild.

POS Malware Compromises 600 US Businesses

August 1, 2014 – The US Computer Emergency Response Team and the Secret Service have issued an alert about a newly discovered malware installed on point-of-sale (POS) systems. The malware, known as Backoff, scrapes credit card data out of an infected computer's memory. Hackers use remote desktop software left active on the machines to gain entry and then install the malware on the hacked systems. Backoff runs in the background and obtains account numbers on cards to create fraudulent cards that are used in ATMs and other point-of-sale systems. According to the alert, the Backoff malware is more of a threat to smaller retailers and franchises who commonly use remote desktop software to connect from another store or to allow remote software support. Researchers say that they have identified nearly 600 businesses across the United States that have been infected with the malware.

Payment Card Info Leaked From Backcountry Gear Website

August 1, 2014 – Backcountry Gear has notified their customers that malware was discovered on their servers and payment card data was likely stolen. It is believed that the malware was on the servers for about three months beginning in late April. The number of people impacted was not released. The information that was compromised includes names, addresses, purchase information and credit and debit card numbers. The malware has been removed and the incident has been reported to law enforcement.

Hacking Group Targeting Video Game Industry

July 31, 2014 – The hacking group known as Threat Group-3279 has been launching a wave of cyber attacks against the video game industry. The attacks are designed to steal source code from the companies. Researchers believe the hackers are stealing the source code to get free game use, to develop tools to cheat at the games or to use the source code for competing products. The hackers typically perform reconnaissance work on their targets before launching the actual attacks, to identify vulnerabilities and set the attack strategy.

Vulnerabilities Found In Major Anti-Virus Engines

July 31, 2014 – Security researchers have identified exploitable vulnerabilities in 14 major anti-virus engines. The vulnerabilities could expose users to man-in-the-middle attacks and leave the engines open to zero-day attacks. The researchers found that almost all of the anti-virus engines are written in C and/or C++, which allows hackers to discover and leverage buffer and integer overflow bugs. Several of the anti-virus firms thanked the researchers for their work and notifications and have already fixed the vulnerabilities.

Attack On Tor Exposes “Anonymous” Users

July 31, 2014 – The Tor Project has said that it has experienced an attack on its network for over five months. The attack was designed to de-anonymize the net addresses of people operating or visiting hidden websites. Tor enables people to visit websites without being tracked and to publish websites whose contents will not show up in search engines. It is believed that the attacks were carried out by two university researchers who claimed to have leveraged vulnerabilities in Tor's design allowing them to identify users.

Kenyan Government Moving All Sites After Attacks

July 31, 2014 – The Kenyan government has announced that all government-owned websites will be hosted locally. The announcement was made in response to several attacks against the government sites in the past few weeks. Experts agree that this move will not do anything to help stop the attacks. The main issue appears to be that most government sites are implemented on open source content management systems, which are not upgraded on a regular basis, allowing hackers to exploit vulnerabilities.

Huge Security Holes Found In IoT Devices

July 30, 2014 – Hewlett-Packard security unit Fortify has conducted a study of the most commonly used Internet of Things (IoT) devices and found that 70 percent contain vulnerabilities. The study reports that a scan of the most popular devices and their cloud components found an average of 25 vulnerabilities per device. The products scanned included televisions, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers. Eight of ten devices leaked private information including the user's name, email address, home address, date of birth and credit card information. The study says that 70 percent of the devices failed to use encryption for communicating with the Internet and local network.

Israel Denies Reports Of Chinese Hacks

July 30, 2014 – Earlier this week it was reported that Chinese hackers had compromised the systems of Israeli defense contractors and stolen information about missile defense systems. Eliana Fishler, spokeswoman for Israel Aerospace Industries (IAI), said, “The information reported regarding the leakage of sensitive information is incorrect. The publications refer to an attempt to penetrate the company's civilian non-classified internet network which allegedly occurred several years ago.” The original report claimed that over 700 files were stolen from three defense contractors. Fishler continued, “IAI's cyber security systems operate in accordance with the most rigorous requirements and also in this case they were proven to be effective.”

Instagram Hijacking Tool Released

July 30, 2014 – A London-based researcher has released an Instagram hijacking tool, called Instasheep, that exploits a security vulnerability that was reported earlier this week. The researcher decided to build and release this tool after he was denied a “bug bounty” from Facebook. He released a statement saying, “Denied bug bounty. Next step is to write automated tool enabling mass hijacking of accounts. Pretty serious vuln, FB. Please fix.” Facebook has not issued any reply at this time.

Australian Wireless Provider Taken Down By DDoS Attack

July 30, 2014 – The Australian wireless broadband provider, Cirrus Communications, suffered a distributed denial-of-service attack that took down half of its network. The attack hit Cirrus' core network, which led to over 50 percent of its network going down. Cirrus CEO Eric Heyde issued a statement saying, “We are very close to full recovery. We've only got a couple of percent of the network down at present.” It is currently unknown where the attack came from.

Amazon Cloud Hosting DDoS Bot

July 29, 2014 – A vulnerability in a version of Elasticsearch software is being exploited in order to load distributed denial-of-service malware in Amazon Elastic Compute Cloud (EC2) services. The vulnerability exists in the scripting capability of the software and is being exploited to execute arbitrary code remotely on the server it is installed on. Since vulnerable versions are active in EC2, hackers are using a modified version of the exploit code to deliver DDoS malware to EC2. Amazon is now notifying their customers about this threat. Elasticsearch can be installed on cloud services other than Amazon, and they could be facing the same threat as well. Elasticsearch has issued a patch for the vulnerability.

Chinese Hackers Steal Israeli Missile Defense System Plans

July 29, 2014 – It is being reported that the Chinese hacking group, Comment Crew, has stolen the plans for Israel's Iron Dome missile defense system and other missile interceptors. The hackers are accused of breaching three databases belonging to Israeli defense contractors. The contractors were targeted through email phishing attacks. Once the systems were breached the hackers stole many different documents including emails and presentations containing sensitive data about the Iron Dome and other ballistics projects.

Canada's National Research Council Hacked By Chinese

July 29, 2014 – The CIO of the Canadian government, Corinne Charette, said that Chinese hackers have breached the computer networks of the National Research Council (NRC) in Canada. She said, “The Government of Canada, through the work of the Communications Security Establishment, detected and confirmed a cyber intrusion on the IT infrastructure of the National Research Council of Canada by a highly sophisticated Chinese state-sponsored actor.” The NRC network has been isolated from the broader government network as a precautionary measure. The NRC is Canada's research and technology organization which provides “innovation support, strategic research, scientific and technical services to clients and partners.”

University Of Nebraska-Lincoln Student Hacker Sentenced

July 29, 2014 – Daniel Stratman, a 23-year-old student from the University of Nebraska-Lincoln, has been sentenced to six months in prison for hacking into the school's systems. Stratman breached the school's network at least seven times in a one-month period in 2012. He pleaded guilty to one count of fraud in exchange for dropping 11 other related charges. During his hacks, Stratman accessed student records, account information and passwords. In addition to the time in prison, he will serve three years of supervised release and pay over $107,000 in restitution.

Instagram Vulnerability Can Lead To Account Hijacking

July 28, 2014 – Security researchers have discovered a security vulnerability in Instagram's Android application that could allow a hacker to hijack users' accounts. Once a hacker takes over an account they can access private photos, delete photos, edit comments and post new images. Instagram uses an unencrypted HTTP connection to communicate with its servers, which leaves it vulnerable to man-in-the-middle attacks. Facebook, which owns Instagram, has said it will be using HTTPS in the future, but does not have a date as to when that will happen. They said in a message to the researchers, “Facebook accepts the risk of parts of Instagram communicating over HTTP not over HTTPS.”

Ukrainian Ministry Of Defense Emails Leaked

July 28, 2014 – Members of the Cyber Berkut hacking group are claiming to have leaked emails from the Ukrainian Ministry of Defense. The hackers claim that the emails contain confidential information about the ongoing conflict between Ukraine and Russia. Cyber Berkut says that the emails detail how the Ukrainian military faces a threat of mass desertion. There has been no confirmation that these emails are authentic.

Anonymous Warns Of More Attacks Against Kenya

July 28, 2014 – Members of the Anonymous hacking collective issued a warning that they will continue with attacks against Kenya. Kenyan government, military and political sites are all targets, as the hacktivists continue to expose corruption in Kenya. Anonymous members have already hacked the Immigration and Registration of Persons, National Environment Trust Fund and Integrated Financial Management Information System's websites. They have also hacked the Twitter accounts of the Kenya Defense Forces and Deputy President William Ruto. The hacktivists say that they are answering a “cry for help” from unnamed anti-corruption activists in Kenya.

Twitter Blocks Russian Hacking Collective Account

July 28, 2014 – Twitter has blocked the account belonging to the b0ltai hacking collective. The hacker group has posted stolen emails from high-profile Russian government officials. When Twitter was asked for the reason for the ban the response was, “We do not comment on individual accounts, for privacy and security reasons.” A Russian court had previously issued a decision to ban b0ltai's blog and microblog in accordance with a lawsuit by an unnamed individual concerning “personal data.” The account is only blocked in Russia, so users can still see b0ltai's postings as long as their country setting is anything other than Russia.

Fake Googlebots Used As DDoS Attack Tool

July 25, 2014 – Hackers are exploiting the fact that many companies allow Google's search bot software, Googlebot, access to their systems. Googlebots collect data from websites in order to build a searchable index used to list and rank sites. Knowing this, hackers have created fake Googlebots that they are using to launch application-layer distributed denial-of-service attacks. Application-layer attacks do not require the same amount of resources as the more popular network-layer distributed denial-of-service attacks. Hackers are able to focus attacks at a specific website resource, such as requesting a download for a particular form hosted on the site, and simply overwhelm a website with fake Googlebots. Researchers have seen a number of attacks that combine network-layer and application-layer tactics.
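The item above turns on sites trusting anything that calls itself Googlebot. The following is an added example, not part of the original report: a forward-confirmed reverse DNS check that separates real crawler addresses from spoofed ones. The domain suffixes, the function names and all sample addresses and hostnames are assumptions constructed for illustration.

```python
"""Tell real Googlebot requests from spoofed ones with forward-confirmed reverse DNS."""
import socket

# Assumption: genuine Google crawler hosts reverse-resolve under these domains.
GOOGLE_CRAWLER_SUFFIXES = (".googlebot.com", ".google.com")


def system_reverse(ip):
    """PTR lookup through the system resolver; None when there is no record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None


def system_forward(host):
    """A/AAAA lookup through the system resolver; empty set on failure."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(host, None)}
    except OSError:
        return set()


def claims_googlebot(user_agent):
    """The User-Agent is attacker-controlled, so this is only a claim."""
    return "googlebot" in user_agent.lower()


def verify_googlebot(ip, reverse=system_reverse, forward=system_forward):
    """True only if the PTR name is in a Google domain AND resolves back to ip."""
    host = reverse(ip)
    if not host:
        return False
    host = host.rstrip(".").lower()
    # The leading dot matters: "fakegooglebot.com" must not match.
    if not host.endswith(GOOGLE_CRAWLER_SUFFIXES):
        return False
    # Whoever owns an IP block controls its PTR records, so the name alone
    # proves nothing; the forward lookup must return the same address.
    return ip in forward(host)


def classify(requests, reverse=system_reverse, forward=system_forward):
    """Label each (ip, user_agent) pair: verified, spoofed or not-googlebot."""
    cache = {}
    verdicts = []
    for ip, user_agent in requests:
        if not claims_googlebot(user_agent):
            verdicts.append((ip, "not-googlebot"))
            continue
        if ip not in cache:  # one DNS round trip per source address
            cache[ip] = verify_googlebot(ip, reverse, forward)
        verdicts.append((ip, "verified" if cache[ip] else "spoofed"))
    return verdicts


# --- Constructed sample data (documentation address ranges, made-up names) ---
SAMPLE_PTR = {
    "192.0.2.10": "crawl-192-0-2-10.googlebot.com.",   # genuine-looking crawler
    "198.51.100.7": "crawl-192-0-2-77.googlebot.com",  # forged PTR record
    "203.0.113.5": "googlebot.com.bots.example",       # look-alike prefix
    "203.0.113.9": "fakegooglebot.com",                # look-alike domain
}
SAMPLE_A = {
    "crawl-192-0-2-10.googlebot.com": {"192.0.2.10"},
    "crawl-192-0-2-77.googlebot.com": {"192.0.2.77"},
}
GOOGLEBOT_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
SAMPLE_REQUESTS = [
    ("192.0.2.10", GOOGLEBOT_UA),
    ("198.51.100.7", GOOGLEBOT_UA),
    ("203.0.113.5", GOOGLEBOT_UA),
    ("203.0.113.9", GOOGLEBOT_UA),
    ("203.0.113.200", GOOGLEBOT_UA),  # no PTR record at all
    ("198.51.100.50", "Mozilla/5.0 (Windows NT 6.1; rv:31.0) Firefox/31.0"),
]


def sample_reverse(ip):
    """Offline stand-in for the PTR lookup, backed by SAMPLE_PTR."""
    return SAMPLE_PTR.get(ip)


def sample_forward(host):
    """Offline stand-in for the forward lookup, backed by SAMPLE_A."""
    return SAMPLE_A.get(host, set())


if __name__ == "__main__":
    for ip, verdict in classify(SAMPLE_REQUESTS, sample_reverse, sample_forward):
        print(f"{ip:15} {verdict}")
```

Sources labelled spoofed are candidates for rate limiting or blocking at the application layer; the default resolvers perform live DNS lookups when the sample stand-ins are not passed in.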

Hackers Leveraging IE Vulnerabilities On Large Scale

July 25, 2014 – Security researchers are reporting that hackers are leveraging security vulnerabilities in Internet Explorer to research what kinds of security software are running on target computers. These vulnerabilities are allowing reconnaissance to be performed on a large scale, across entire companies without being detected, exposing security holes and allowing hackers to create intelligent attacking strategies. The hackers also search systems to see what other software is present that might be vulnerable. The information collected from Internet Explorer is being shared throughout the hacker community. Microsoft is aware of the security flaws and has issued patches for a few, but many have remained open for over a year. A Microsoft spokesperson said, “We're aware of the reported issues, one of which has been addressed in newer versions of Internet Explorer. Each version of Internet Explorer is more secure than the last and contains new and improved security features that help protect customers.”

Russian Teen Arrested For DDoS Attacks On Banks

July 25, 2014 – The Russian Interior Ministry has announced that a nineteen-year-old hacker, known as Pump Water Reboot, has been arrested for launching distributed denial-of-service attacks against three major Russian banks. The Ministry's statement said, “Pump Water Reboot organized massive distributed DDoS-attacks on a number of websites including the resources of three major Russian banks, information agency websites, print media, telecommunications companies and even an anti-virus lab.” The hacker would demand a ransom in order to stop the attacks. The ransom was usually around $1,000. If convicted, the hacker would face up to seven years in prison.

Linux And FreeBSD Web Servers Targeted By New Malware

July 25, 2014 – Researchers have discovered a new piece of malware that is targeting Linux and FreeBSD web servers and making them a part of a worldwide botnet. The malware is known as Mayhem, and it includes a number of payloads that infect machines that are not updated with security patches or are less likely to run security software. Over 1,400 Linux and FreeBSD servers have been compromised with the malware. Most of the compromised servers are located in the United States, Russia, Germany and Canada.

50,000 Websites Hacked Through WordPress Plugin Vulnerability

July 24, 2014 – A critical vulnerability in the MailPoet WordPress plugin has been exploited to hack over 50,000 websites. The vulnerability allows a hacker to inject any file, including malware, defacements and spam, onto a server without any authentication. According to researchers, the 50,000 sites were all compromised within a three-week period. The MailPoet vulnerability is an entry point; a website doesn't have to have the plugin enabled or even installed. If the malware is on the server, any site on that server can be impacted.

UN Subdomain Defaced By Turkish Hacker

July 24, 2014 – The Turkish hacker known as Turk Guvenligi has hacked and defaced the United Nations Civil Society Participation subdomain. The attack was in protest of the Israeli attacks in Gaza. The defacement message says, “What is the International purpose of United Nations? What are you working for? Freedom for Palestine People!” At the time of this writing the website is offline and displaying an error message.

Arrests Made In $10 Million StubHub Breach

July 24, 2014 – US law enforcement officials have arrested six men for stealing up to $10 million in tickets. The theft occurred after more than 1,600 accounts were breached and used to purchase tickets without the account holders' permission. Three men were arrested in London and another three were arrested in the United States. Additional people are still being investigated as part of this international cybercrime ring. Manhattan District Attorney Cyrus Vance Jr. said, “Cybercriminals know no boundaries – they do not respect international borders or laws.” The Royal Canadian Mounted Police, the City of London Police, the US Secret Service and the New York City Police Department are involved in the investigation.

European Central Bank Suffers Data Breach

July 24, 2014 – The European Central Bank (ECB), in Frankfurt, Germany, has confirmed that its website has been compromised and there has been a data breach. The ECB discovered the breach after it received an anonymous extortion email demanding that a ransom be paid for the compromised accounts. The compromised database stored information on journalists and other professionals who registered for ECB conferences, press briefings and other events. The ECB issued a statement saying, “No internal systems or market sensitive data were compromised. The database serves parts of the ECB website that gather registrations for events . . . It is physically separate from any internal ECB systems.” The stolen data includes email addresses, street addresses and phone numbers.

Wall St. Journal Responds To Hacking

July 23, 2014 – The Wall Street Journal (WSJ) has acknowledged that they suffered a system compromise, after the hacker known as w0rm posted images of a breached database. Dow Jones & Co., the publisher of the WSJ, said that the site's graphics servers were compromised, but “we see no evidence of any impact to Dow Jones customers or customer data.” Included among the images posted by the hacker, were administrator login details with encrypted passwords. A hacker could leverage this information to modify articles, add new content, insert malicious content, add users and delete users. It is believed that the hacker used an SQL injection to compromise the systems. The impacted servers have been taken offline while the investigation continues.

Banking Industry Targeted By Operation Emmental

July 23, 2014 – A new hacking campaign, called Operation Emmental, has been targeting the banking industry with a multi-faceted attack capable of bypassing two-factor authentication. The hackers are using malware that is capable of intercepting SMS tokens used to authorize users. Once systems are compromised, the hackers are changing domain name system settings to send victims to rogue bank websites, which are copies of the legitimate sites. Operation Emmental targets have been banks in several countries, including Switzerland, Austria, Japan and Sweden.

Anonymous Announces More Planned Attacks For OpSaveGaza

July 23, 2014 – Members of the Anonymous hacking collective have announced that they are planning a new round of attacks against the Israeli government. These attacks are all part of OpSaveGaza, a campaign that is “a retaliation for Israel's ongoing military intervention in Gaza.” The hackers did not provide details about targets for the attacks planned for Friday. OpSaveGaza started in early July, and other Anonymous members are saying that the attacks will continue every day, not just Friday.

European Union Starting Cybercrime Taskforce

July 23, 2014 – The European Union will begin a trial run of its international cybercrime task force, which will coordinate investigations across Europe, as well as other countries including Australia, Canada and the United States. A six-month trial of the EU Joint Cybercrime Action Taskforce (J-CAT) is scheduled to begin on September 1. J-CAT will be headquartered in the Netherlands and will be headed by Andy Archibald, the deputy head of the UK National Crime Agency's National Cyber Crime Unit. During the trial period, the task force will be made up of cybercrime investigators from Austria, France, Germany, Italy, the Netherlands, Spain, the United Kingdom, Australia, Canada, Colombia and the United States. Depending on the success of the trial, other EU members may join the taskforce in the future.

Brokerage Benjamin F. Edwards Malware Infection Leads To Data Breach

July 22, 2014 – Benjamin F. Edwards & Co, a US brokerage firm, has admitted that they have been infected with the CryptoWall ransom malware, and they may have suffered a data breach. The company says that files that were stored on networks and some employee computers were encrypted by the CryptoWall ransom malware. They believe that this also resulted in data being sent to a rogue IP address. CryptoWall's purpose is usually to extort money, not steal data. The firm issued a disclosure notice saying, “The investigation of a professional forensic expert has not, however, been able to reveal the content of the data transmitted to the IP address.”

Credit Card Breach At Goodwill Stores

July 22, 2014 – It is being reported that multiple locations of Goodwill Industries stores are being investigated as likely points of credit and debit card compromise. Goodwill issued a statement saying, “Goodwill Industries International was contacted last Friday afternoon by a payment card industry fraud investigative unit and federal authorities informing us that select U.S. store locations may have been the victims of possible theft of payment card numbers.” No breach has been confirmed at this time, but the investigation is still ongoing. Sources say that a pattern of fraud on cards has been traced to stores in at least 21 states.

Hackers Leak Info On 4,000 Israelis As Part Of OpSaveGaza

July 22, 2014 – Members of the hacking group known as IzzahHackers are claiming to have exposed personal information of over 4,000 Israeli citizens as part of the OpSaveGaza campaign. The leaked information includes names, emails, phone numbers and passwords. The hackers also posted a message saying, “Israel stop killing, maiming, injuring thousands of Palestinians . . . we will continue to fight you and your supporters in cyber space!” Analysts have inspected the leaked data and believe this is old information that had been posted previously.

Anonymous Hacks Kenya Defense Forces Twitter Account

July 22, 2014 – Members of the Anonymous Kenya hacking collective have hacked the Twitter accounts of the Kenya Defense Forces and its spokesperson, Major Emmanuel Chirchir. Several tweets were sent criticizing the Kenyan government and the Kenyan president. The accounts were briefly recovered, but were hacked a second time. After the second hack a message was sent from Major Chirchir's account saying that the websites of the Ministry of Immigration and Registration of Persons and the Integrated Financial Management Information System had been taken down. The websites only display a message reading, “Pwned by ANON_0X03 and Anonymous Kenya.” Additional messages were sent saying, “Violence produces violence,” and others were images of children waiting in food lines.

Database Of Stolen User Names & Passwords Hacked

July 21, 2014 – Indexeus, a new search engine that contains a database of stolen user names and passwords from over 100 data breaches, has been hacked by the hacking group known as Pernicious Developers. The hackers left a defacement message reading, “This is the Original Pernicious Developers, we're still here. Even if you don't know which version of the group who did this.” The site was breached by leveraging a backdoor shell that was loaded to the site. The owner of Indexeus posted a statement saying, “We had 14m entries at the time the website was 'hacked'.”

Wall Street Journal Facebook Page Hacked

July 21, 2014 – The official Facebook page of the Wall Street Journal was hacked on Sunday. The hackers posted two fake stories, one about Air Force One crashing in Russia and a second one saying that Vice President Biden would be addressing the nation. The Facebook page has over 2.8 million followers. The page was recovered by the Wall Street Journal after 20 minutes, when they posted a message saying, “We are aware that our Facebook page was compromised during the last 20 minutes. We have deleted the posts and are looking into it.” At this time it is not known who is responsible for the hack.

Anonymous Targets Over 1,000 Israeli Sites As Part Of OpSaveGaza

July 21, 2014 – Members of the Anonymous collective are claiming to have taken down or defaced over 1,000 Israeli websites as part of their OpSaveGaza campaign. Several of the defaced sites carried a message saying, “The Jerusalem cause is Muslims' fight of honour.” Hackers leaked email addresses from the Ministry of Immigrant Absorption, the Ministry of Justice, the Ministry of Culture and Sport and the Ministry of Housing and Construction. The majority of the sites targeted belonged to restaurants, businesses and foundations. At this time most of the websites have been restored.

Banco Popular Subsidiary Breached, 72,500 Customers Exposed

July 21, 2014 – Florida bank, TotalBank, a subsidiary of Banco Popular, has admitted that over 72,500 customers have had their account information exposed by a network breach. According to their investigation the hackers may have accessed customer names, addresses, account numbers, account balances and personal identification numbers. In a statement the bank said, “This information does not include passwords or the type of information that would allow access to our customer bank accounts, which remain secure.” The bank is currently working with law enforcement on the investigation.

Hackers Using Government-Grade Malware

July 18, 2014 – Researchers have observed “government-grade” malware being used by cybercriminals, who are integrating it into rootkits and ransomware. “Government-grade” malware is designed to operate undetected on computer systems for long periods of time. The researchers have observed malware known to have been created for government espionage being transformed by hackers to make their own rootkits and ransomware more sophisticated and harder to detect. This malware operates during periods of user inactivity, helping it avoid detection by sandbox-based security tools. The malware also exploits a log bug in Windows 7 and 8, contains anti-debugging and anti-reverse-engineering defenses and obscures malicious activity by converting the application into sections.

EC3 Takes Down Romanian Cybercrime Ring

July 18, 2014 – The European Cybercrime Center (EC3) and law enforcement agencies in France and Romania have taken down an organized cyber crime network of over 100 individuals. The cybercriminals are accused of hacking into international non-cash payment systems through malware infections. They compromised computers of franchisees authorized to perform money transfers using a remote access tool that integrated key-logging. According to authorities the hackers targeted copy-shop businesses in Austria, Belgium, Germany, Norway and the United Kingdom. EC3 estimates the total amount stolen by the crime ring to be at least $2.7 million. Sixty-five individuals have been detained in Romania and France.

Pushdo Malware Infects 11,000 Computers In 24 Hours

July 18, 2014 – A new variant of the Pushdo Trojan, one of the oldest active malware families, has been observed infecting over 11,000 computers in 24 hours. Pushdo is a multipurpose Trojan that is known for delivering financial malware onto infected computers. The new variant is leveraging a new domain-generation algorithm (DGA). DGAs dynamically generate a list of domain names based on an algorithm, which allows the malware to avoid domain blacklisting and blocking of known Command & Control domain names. The countries most affected by this new Pushdo malware are India, Vietnam, Turkey, the United Kingdom, France and the United States.

Dominion Resources' Employee Wellness Plan Hacked

July 18, 2014 – Virginia-based Dominion Resources announced that personal information of 1,700 employees has been compromised in a hack of their employee wellness plan. The hackers gained access to the system through a subcontractor's system. The personal information that was exposed includes names, addresses, email addresses, phone numbers, gender and dates of birth. The hacker also gained access to password information for another company, but the passwords were encrypted and no breach occurred.

FBI Says 18 Computers Per Second Are Infected With Botnets

July 17, 2014 – During a hearing before a US Senate committee, FBI Cyber Division Director Joseph Demarest said that 18 computers per second worldwide are infected with botnets. This amounts to over 500 million compromised computers a year. He went on to say that botnet infections cost the US and global economies billions of dollars each year. Demarest continued, “We face cyber threats from state-sponsored hackers, hackers for hire, organized cyber syndicates and terrorists. They seek our state secrets, our trade secrets, our technology and our ideas – things of incredible value to all of us.”

Report Shows Amazon Web Services Leading The Way In Serving Malware-Hosting Sites

July 17, 2014 – Researchers have published a new report showing that, out of the top ten ISPs and hosting providers surveyed, the proportion of malware-hosting websites served from Amazon infrastructure more than doubled from 16% in the fourth quarter of 2013 to 41% in the second quarter of 2014. An Amazon spokesperson issued a statement saying, “AWS employs a number of mitigation techniques, both manual and automated, to prevent the misuse of the services. . . Our terms of usage are clear and when we find misuse we take action quickly and shut it down.” During the same period, the change in proportion of sites being served from other companies included European company OVH going from 10% to 13%, Akamai from 9% to 12%, Google from 6% to 9% and GoDaddy declining from 14% to 2%.

Over 22 Million New Yorkers' Personal Records Exposed In 5,000 Breaches Since 2006

July 17, 2014 – New York Attorney General Eric Schneiderman has issued a report showing that data breaches in New York, between 2006 and 2013, have resulted in 22.8 million personal records of New Yorkers being exposed in almost 5,000 data breaches. The total estimated cost of these breaches is almost $1.4 billion. According to the report almost 40% of the breaches were due to hacking intrusions. AG Schneiderman said, “Our expansive look at data breaches found that millions of New Yorkers have been exposed without their knowledge or consent. It's clear that a broad, concerted public education campaign must take place to ensure that all of us are better protected.”

Israel Says Infrastructure Is Under Cyberattack

July 17, 2014 – Security experts in Israel are saying that professional hackers have been targeting infrastructure, such as the Port of Ashdod, the Dimona nuclear reactor and the main generating plant of the Israel Electric Company. The hackers have been attempting to infiltrate the systems hoping to disrupt the flow of water, electricity, transportation and other critical systems. Dr. Tal Pavel, an expert on Internet usage and crimes in the Middle East, said, “In some ways, the threat of hacking major infrastructure systems is even worse than the nuclear threat. Only governments can afford to purchase and deploy nuclear weapons . . . But anyone can develop or buy their own super-virus, potentially capable of a cyber-attack that could shut down a country for days, create panics or riots, or release dangerous substances, such as gas and sewage, that can kill people in the victim country.” The infrastructure organizations have all said that they employ the most up-to-date and comprehensive security technologies.

Smaller US Government Agencies Being Targeted By Chinese Hackers

July 16, 2014 – It appears that several Chinese hackers have started to target smaller US government agencies instead of high-profile targets, such as the Pentagon. Officials have reported recent attacks against agencies such as the Government Printing Office and the Government Accountability Office. Officials reported that some of these networks were so out of date that the hackers seemed unsure about how to navigate through the systems. Both the printing office and the accountability office released statements saying that no personal identification information had been compromised during the attacks.

Privacy Groups Urging Veto Of New Cybersecurity Bill

July 16, 2014 – Privacy groups including Access, the Electronic Frontier Foundation and Reddit signed a letter sent to President Obama urging him to veto the new cybersecurity bill, if it were to pass through Congress. The privacy groups are concerned that the Cybersecurity Information Sharing Act will increase the spying powers of the National Security Agency. The letter reads, “Legislation that focuses exclusively on facilitation of information sharing … jeopardizes the foundation of cybersecurity by improperly pitting human rights against security. We urge you to pledge to veto CISA and all future legislation that takes a similar approach.” The purpose of the bill is to have businesses and government agencies share information about potential hackers and security flaws in an attempt to learn best practices for defending against malicious activity.

Hamas Hacks Israeli TV Station

July 16, 2014 – A part of the Hamas organization known as the Izz al-Din al-Qassam Brigades is claiming responsibility for hijacking the Channel 10 television station in Israel. During the few minutes that the satellite was under their control, the hackers fed images of people wounded by Israeli air strikes on the Gaza region. They also broadcast a message saying that retaliating actions would be used if Israel did not stop the bombings. The message read, “If your government does not agree to our terms, then prepare yourself for an extended stay in shelters.”

High-Risk Vulnerabilities Found In New Mexico Health Insurance Exchange

July 16, 2014 – A Department of Health and Human Services (HHS) audit of the New Mexico Health Insurance Exchange has revealed several high-risk security vulnerabilities. The audit report has not been released yet, but the indication is that the vulnerabilities may have left patient information exposed for a long period of time. CEO of the exchange, Mike Nunez, said, “We are working to address the issues identified in the audit with our systems integrator and have every expectation of holding all of New Mexico citizens' personal information in high regard and confidential.” The exchange has not yet suffered any attacks, and has not been required to notify any individuals about the vulnerabilities.

Haaretz, Israel's Largest Newspaper, Hacked By AnonGhost

July 15, 2014 – The hacker known as AnonGhost is claiming to have hacked a sub-domain of Haaretz, Israel's largest and oldest newspaper. AnonGhost defaced the page and left a defacement message against Israel and the bombings in Gaza. The sub-domain publishes news about the World Cup. At the time of this writing the page was offline.

WordPress Plugin Vulnerability Provides Backdoor

July 15, 2014 – Researchers have discovered a vulnerability in the WPtouch plugin for WordPress that allows a logged-in user with non-administrative privileges to upload PHP files to the server. A hacker can leverage the vulnerability to gain unrestricted access to the website by uploading a remote shell. The plugin has over 5.5 million downloads, but the vulnerability has only been found in versions 3.x. Those using older versions are not facing a threat from this vulnerability.

PharmaNet Breach Leads To Leak Of Patient Data

July 15, 2014 – PharmaNet, a Canadian prescription information network, has been breached and confidential information on over 1,600 patients has been compromised. The British Columbia Ministry of Health conducted an audit and discovered that an unknown, unauthorized person used a doctor's PharmaNet account without the doctor's knowledge and accessed the patients' personal information. The compromised information includes patient names, dates of birth, addresses, phone numbers and personal health numbers. The Ministry issued a statement saying, “While this privacy breach did not include banking information, enough information was accessed to be used for identity theft.” The investigation into the incident is ongoing.

UK Investing Billions In Cyber Defense

July 15, 2014 – British Prime Minister David Cameron has announced an investment of over $1.3 billion to improve cyber defense technology and surveillance equipment. Cameron stated that threats have changed since the Cold War, and today, the enemy may be seen or unseen. He said, “The plain fact is that in the 21st century, you cannot defend the realm from the white cliffs of Dover.” The focus of the investment will be on security against cyber attacks and the protection of the energy sector.

CNET Servers Breached

July 14, 2014 – The technology review website, CNET, has been breached by a Russian hacker known as w0rm. CNET issued a statement saying, “Here's the situation, a few servers were accessed. We identified the issue and resolved it yesterday. We will continue to monitor.” The hacker is currently trying to sell a CNET database for 1 Bitcoin; however, it is not clear what information the database contains. The same hacker was previously involved in a breach of the BBC last year.

AnonGhost Hacks Israeli Galilee Development Authority Site

July 14, 2014 – The hacker known as AnonGhost is claiming responsibility for the hacking and defacement of the Israeli Galilee Development Authority website. The defacement page contains a message of support for Palestine, urging other hackers, activists and human rights organizations to unite against Israel. At the time of this writing the site has been restored.

17-Year-Old Arrested For DDoS Attacks On Norway's Banks

July 14, 2014 – The Norwegian police have arrested a 17-year-old for last week's distributed denial-of-service attacks against the nation's banking institutions. The teen is accused of launching DDoS attacks against five major banks, two telecommunication companies, three airlines and one insurance company. The hacker claimed to be a member of the Anonymous Norway hacking collective; however, other members have said they are not connected with him. Police chief Frode Karlsen said, “He could have had help, but we don't think that he is a part of an organized group. We do not have any proof of this right now.” He is charged with gross vandalism, which has a maximum prison sentence of six years.

Vulnerabilities Found In Popular Password Protection Programs

July 14, 2014 – Researchers have discovered critical vulnerabilities in five popular password manager programs. The vulnerabilities found in My1Login, PasswordBox, LastPass, RoboForm and NeedMyPassword could allow attackers to steal user credentials. The vulnerabilities were found in features such as one-time passwords, bookmarklets and shared passwords. Different causes of the vulnerabilities have been identified, such as logic and authorization mistakes, misunderstandings about web security, cross site request forgery (CSRF) and cross site scripting (XSS). The researchers have notified each company about the vulnerabilities.

Houstonian Hotel Breach Leads To 10,000 Credit Cards Exposed

July 11, 2014 – The Houstonian Hotel, Club and Spa's computer systems suffered a security breach that lasted six months. The breach resulted in the credit card details of at least 10,000 customers being exposed. The hotel's IT Security Director, Jason Love, said that immediate action was taken to secure the customers' data once the breach was discovered. The total number of customers impacted is not known. The 10,000 customers that were notified are only those that provided contact details during their visit at the hotel. A criminal report has been filed with the Houston Police Department.

Gmail For iOS Man-In-The-Middle Vulnerability Discovered

July 11, 2014 – Researchers have discovered a vulnerability in the Gmail for iOS app that could allow an attacker to steal encrypted communications between the app and the server. The man-in-the-middle attack is possible because the app does not incorporate (pin) the legitimate certificate that validates the server receiving the communication. Attackers can use a fake certificate to impersonate the server and send all traffic through their systems, giving them access to the unencrypted communication. Google has not yet issued a patch for this vulnerability.

Tunisia's Online Voter Registration Interrupted By Hackers

July 11, 2014 – Tunisia's Electoral Commission issued a statement saying that the online voter registration process for the upcoming Parliamentary and Presidential elections was briefly interrupted by hackers. According to the statement, “an aggressive attack from a group of electronic hackers seeking to prevent citizens from registering,” caused registration on the Internet or by SMS to be temporarily suspended. The commission was able to restore the online process; however, it warned that “the hacking attacks are still going on.” Only slightly more than 100,000 people have registered in the past month.

Shipping And Logistics Firms Targeted With Scanner Malware

July 11, 2014 – Chinese cybercriminals are believed to be installing malware on handheld scanners being sold to shipping and logistics companies all over the world. The Zombie Zero malware is loaded onto scanners that are ultimately used by shipping and logistics firms to track their inventory. The malware is installed on the Windows XP operating systems embedded in the devices. Once the scanner starts being used, the malware sends information back to the command and control server in China. Once the scanner is hooked up to the company's wireless network, the malware has been observed compromising the victim's network.

Chinese Hackers Access US Federal Employees Database

July 10, 2014 – It is being reported that Chinese hackers have accessed the computer systems of the US Office of Personnel Management and breached some of the agency's databases. Tens of thousands of files containing data on federal employees who applied for top-secret clearances were targeted. The compromised information includes employment records, foreign contacts, previous jobs and personal information such as past drug use and other offenses. A Department of Homeland Security official acknowledged that the breach occurred but said that they had not “identified any loss of personally identifiable information.”

POS Systems Being Targeted By Brute-Force Attacks

July 10, 2014 – Security researchers have discovered a group of cyber criminals that is leveraging thousands of infected computers to detect point-of-sale (POS) terminals that are accessed through the remote desktop protocol (RDP). Once the terminals are identified, the attackers use brute-force attacks to crack their login credentials. The infected computers scan specific IP ranges in an attempt to locate vulnerable systems. The command and control servers associated with these attacks have been traced to Russia, Iran and Germany. According to reports, the attackers targeted a set of 57 IP address ranges, 32 of which are in the United States. The additional address ranges are located in the United Kingdom, Netherlands, Spain, Tunisia, South Africa, Saudi Arabia, Uganda and Ukraine.

Anonymous Norway Hits More Financial Organizations

July 10, 2014 – Earlier this week it was reported that members of Anonymous Norway had hit Norwegian bank DNB with a distributed denial-of-service attack. That attack lasted a little over an hour, but the hackers then launched attacks against several other financial organizations. Additional targets included Norges Bank, Sparebank 1, Storebrand, Gjensidige, Nordea, Danske Bank and Norway's largest telecom company, Telenor. It seems that the hackers exploited a security flaw in WordPress, which allowed them to push bad traffic to the servers of the targets. Anonymous Norway issued a statement saying that these attacks were “to get the community to wake up. The number of major IT security attacks is increasing and there is nothing being done to prevent such events.”

Over 2,300 Indian Websites Hacked By Indonesian Hackers

July 10, 2014 – The Indonesian hacking group known as Sanjungan Jiwa Team is claiming to have hacked and defaced over 2,300 Indian websites. A defacement page was left on the sites with a message saying, “Don't Steal!!! The Government Hates Competition. We Are Sanjungan Jiwa Team.” The defaced sites include several government and educational institutions. At the time of this writing, most of the sites were down.

Senate Panel Approves Cyberthreat Info Sharing Bill

July 9, 2014 – The Senate Intelligence Committee has approved an amended version of the Cybersecurity Information Sharing Act of 2014. Sponsors of the Bill say that it will encourage the government and private sector to voluntarily share cyberthreat information. The Center for Democracy & Technology, a civil liberties advocacy group, has said that the bill has provisions that could turn the program into a back door wiretap by authorizing use of cyberthreat indicators for overly broad law enforcement purposes. This version of the bill will be introduced later this week.

Deep Panda Hackers Changing Focus

July 9, 2014 – Security researchers are reporting that the China-backed Deep Panda hacking group has shifted its focus to individuals with an association with Iraq and Middle East matters. The group had previously targeted people with an association to geo-political policy issues in the China/Asia Pacific region. The researchers say that the latest attacks occurred through the use of PowerShell scripts executed on Windows as scheduled tasks. It is believed that the victims of these attacks are highly targeted and the hackers know exactly who they want to compromise.

New Variant Of Zeus Malware Discovered

July 9, 2014 – Researchers have discovered a new variant of the Zeus malware being called the Zberp Trojan. Zberp is believed to have been created from the source code of Zeus and Carberp. The Trojan allows criminals to steal information from compromised computers including names, IP addresses, data submitted in HTTP forms and FTP/POP accounts. The malware is also capable of taking screenshots and sending them to command and control servers. The malware is being spread through emails with a URL link to a .zip file, which contains Zberp.

Park Hill School District Leaks Data Of 10,000 Individuals

July 9, 2014 – Missouri's Park Hill School District officials have notified over 10,000 former employees and students that their private information has been exposed. It is not known how long the information was exposed, but the incident occurred between February and April. The officials say that there is no evidence that the information has been misused in any way.

National Security Think Tanks Targeted By Chinese Hackers

July 8, 2014 – According to a recent report, the Chinese hacking group Deep Panda has been hacking U.S. national security think tanks. The hackers have been stealing confidential information related to U.S. foreign policy. Think tanks in the defense, finance, legal and government industries have been compromised by the group over the course of the last three years. Deep Panda has been exploiting vulnerabilities in Windows operating systems.

DNB Bank Site Down After DDoS Attack

July 8, 2014 – Members of the Anonymous Norway hacking collective have taken responsibility for taking down the Norwegian bank DNB's website with a distributed denial-of-service attack. DNB has reported the attack to the police and is taking the attack “extremely seriously.” Communication Adviser Vidar Korsberg Dalsbo said, “The website is partially down because of a DDoS attack, which means that there are log-in problems for some of our customers. We're working hard to get this solved and we believe we have localized where the attack is coming from.” Anonymous Norway did not provide a reason for the attack.

Russian Hacker Arrested By US Secret Service

July 8, 2014 – Roman Valerevich Seleznev, of Moscow, Russia, has been arrested by the U.S. Secret Service. Seleznev has been charged with hacking into point-of-sale systems at U.S. retailers and stealing credit card information between October 2009 and February 2011. According to U.S. prosecutors, Seleznev operated servers and international carding forum websites to facilitate the sale of stolen credit card information. The hacker is being charged with five counts of bank fraud, eight counts of intentionally causing damage to a protected computer, eight counts of obtaining information from a protected computer, one count of possession of 15 or more unauthorized access devices, two counts of trafficking unauthorized access devices and five counts of aggravated identity theft. In addition, Seleznev is facing a separate indictment in the District of Nevada for allegedly participating in a racketeer influenced corrupt organization (RICO), conspiracy to engage in RICO activities and two counts of possession of 15 or more counterfeit and unauthorized access devices. He is facing over 30 years in prison and over $2 million in fines if found guilty.

Netgear Vulnerability Gives Hackers Full Access

July 8, 2014 – Researchers have discovered a vulnerability in Netgear ethernet switches that could provide hackers with full access to the hardware, including the ability to execute arbitrary code. Netgear's GS108PE Prosafe Plus switches using version contain hardcoded login credentials that could allow unauthenticated hackers to log in to the firmware. At this time there does not appear to be a workaround for the issue.

New WhatsApp Vulnerability Allows Message Manipulation

July 7, 2014 – Researchers have discovered a new vulnerability in the popular messaging app, WhatsApp. This vulnerability allows attackers to manipulate who is shown as the message sender on the recipient's phone. This type of vulnerability is seen as highly critical due to the increased use of WhatsApp messages as evidence in court. At this time no patch has been issued for the vulnerability.

Video Sharing Site Dailymotion Hacked

July 7, 2014 – The popular video sharing website Dailymotion has been hacked and visitors are being redirected to a malicious website that installs malware on the visitor's machine. The malicious site hosts the Sweet Orange Exploit kit, which exploits software vulnerabilities to infect victims with malware. The malware forces the infected computer to generate traffic to pay-per-click advertisements in order to generate revenue for the attackers.

Number Of North Korean State Backed Hackers Doubles

July 7, 2014 – According to military sources from South Korea, the number of government backed North Korean hackers has doubled over the last two years. The sources claim that there are now 5,900 “elite” hackers employed in the North Korean hacking unit. South Korea has accused North Korea of launching malware attacks against banks, media and government websites. North Korea has denied all of these allegations and says that South Korea is just fueling diplomatic tensions.

Lea Michele's Twitter Account Hacked

July 7, 2014 – The Twitter account belonging to Glee actress Lea Michele has been hacked and false messages have been sent. The hacker sent out a message saying that Michele was pregnant. The star has denied that she is pregnant and says the hacking was her fault due to her weak password. No one has claimed responsibility for the hack at this time.

Anonymous Threatens Action Over Pending Cyber Information Legislation

July 3, 2014 – The hacktivist collective Anonymous has threatened American congresspersons over a pending cyber security bill. Releasing two videos and several reports over social media against the pending CISA bill, Anonymous has said, "It has come to our attention that Congress is planning to pass a bill that will jeopardize privacy and personal security across all forms of media. We would like to inform you that despite our direct and crippling attacks on former cyber security bills like SOPA, PIPA, and CISPA, there is yet a new threat." Though Anonymous is famed for its various defacements and hacks against cyber-targets, this current action by the group also involves calling for massive on-the-ground protests. The Cybersecurity Information Sharing Act (CISA) enables the government and private companies to share information on security, attacks, and users.

SEC Examining Firms Over Hack Disclosures

July 3, 2014 – The Securities and Exchange Commission is investigating several companies that have been hit with cyberattacks, and the process they used to inform investors of the breaches and their impacts. Currently there is no official requirement public companies must comply with when their systems are hacked, but they do have to inform investors about events that could influence stock trading decisions. The findings of this investigation will be used by the SEC to create regulations designed to protect affected parties in the future.

Finland Announces It Has Been Hacked

July 3, 2014 – The government of Finland has announced that state-sponsored hackers have stolen a large amount of data over the last few years. At its press conference, the government accused government agents of being responsible but refused to name any specific country. The stolen data had the potential of impacting international negotiations, though the government reported that classified documents were not accessed. Surveillance programs were discovered on several Foreign Ministry computers, and new features have been added to its servers to increase security.

1.7 Million Sites At Risk Thanks To WordPress Plugin Flaw

July 3, 2014 – MailPoet, a WordPress plugin with over 1.7 million users, has been discovered to contain a flaw that allows a hacker to upload any file they wish to the site's server. Designed to ease the sending of newsletters to subscribers, MailPoet's flaw comes from a misunderstanding of how the "admin_init" hook is enabled when a user attempts to visit the administrative page of MailPoet's plugin. All versions are vulnerable except for the patched one released after this bug was discovered, and experts urge an immediate update. This is the second WordPress plugin vulnerability discovered this week, as it was reported earlier that the thumbnail plugin TimThumb allowed hackers to execute any code they wished on an infected website.

POS Provider Discovers Unauthorized Access To Payment Cards

July 2, 2014 – Information Systems & Supplies Inc., a distributor of POS (point of sale) and security systems, has sent a letter to customers informing them of a potential payment card information leak. The company has not disclosed the number of machines impacted, though it is possible that all payment card information at every POS it built has been compromised. Known victims include Dairy Queen, Buffalo Wild Wings, and Taco Time restaurants in the northwestern United States. The company discovered three unauthorized accesses to its remote access system, which would have given the hacker nearly unlimited access to its payment files. The company and its remote-access partner have added additional security.

HotelHippo Website Taken Down After Several Critical Flaws Discovered

July 2, 2014 – Researchers have discovered an array of security flaws in HotelHippo, the hotel-booking site, that have resulted in it being temporarily shut down. The vulnerabilities found allow hackers to extract customer data, including hotels booked, the duration of the stay, room numbers and the number of people traveling. Though HotelHippo used an HTTPS URL, the booking number was sequentially generated and provided in the URL itself. Another vulnerability allowed researchers to obtain the billing address of a user, and another revealed the check-in date and time, along with other information, when the confirmation link was sent over an insecure connection. If hackers gained access to this information, it would provide the groundwork for sophisticated phishing attacks and expose the location of victims. The website was taken offline only after the researcher reported his findings several times.
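The booking-number weakness reported above, shown next to a hardened lookup. This is an added example, not HotelHippo's code: the `BookingStore` class, its fields and the sample bookings are all constructed for illustration.

```python
"""Booking lookup keyed by a sequential number vs. a hardened lookup."""
import secrets


class BookingStore:
    """Toy in-memory booking service; every name and record is constructed."""

    def __init__(self, first_number=50001):
        self._next_number = first_number
        self._by_number = {}  # sequential booking number -> record
        self._by_token = {}   # unguessable token -> record

    def create(self, owner, hotel, room, check_in):
        record = {
            "number": self._next_number,         # predictable: previous + 1
            "token": secrets.token_urlsafe(16),  # 128 bits from the OS CSPRNG
            "owner": owner,
            "hotel": hotel,
            "room": room,
            "check_in": check_in,
        }
        self._next_number += 1
        self._by_number[record["number"]] = record
        self._by_token[record["token"]] = record
        return record

    def lookup_by_number(self, number):
        """Weak design: the number in the URL is the only thing checked."""
        return self._by_number.get(number)

    def lookup_hardened(self, token, session_user):
        """Require an unguessable token AND a session that owns the booking."""
        record = self._by_token.get(token)
        if record is None or session_user is None:
            return None
        if record["owner"] != session_user:
            return None  # same answer as "not found": no existence oracle
        return record


def readable_neighbours(store, own_number, span):
    """Audit helper: how many other customers' bookings resolve when the
    numbers around one legitimately known booking number are requested."""
    count = 0
    for number in range(own_number - span, own_number + span + 1):
        if number != own_number and store.lookup_by_number(number) is not None:
            count += 1
    return count


def build_sample_store():
    """Three constructed bookings made one after another."""
    store = BookingStore()
    alice = store.create("alice", "Harbour Inn", "204", "2014-07-10 15:00")
    bob = store.create("bob", "Station Hotel", "17", "2014-07-12 14:00")
    carol = store.create("carol", "Park Lodge", "9", "2014-07-15 16:00")
    return store, alice, bob, carol


if __name__ == "__main__":
    store, alice, bob, carol = build_sample_store()
    print("other bookings readable via sequential numbers:",
          readable_neighbours(store, alice["number"], 5))
    print("alice reading bob's booking through the hardened path:",
          store.lookup_hardened(bob["token"], "alice"))
```

HTTPS protects the URL in transit but does nothing about a predictable identifier; the hardened path combines an unguessable reference with an ownership check on the server.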

Anti-Piracy Website Hacked, Replaced With Pirate Bay Proxy

July 2, 2014 – The website of an anti-piracy organization in Argentina has been hacked and transformed into a Pirate Bay proxy site. The Argentinean equivalent of the Recording Industry Association of America, the Argentine Chamber of Phonograms and Videograms Producers, had its content replaced with links to torrents and other content available on the Pirate Bay. The attack seems to have happened after the group won an injunction in court that demanded 11 internet service providers block 256 IP addresses and several domains belonging to the torrent website. No one has claimed responsibility for the hack.

Two Chinese Students Prosecuted For Changing Gym Records

July 2, 2014 – Two students from the Lixin University of Commerce in Shanghai, China, have been arrested for hacking into the school's database and changing the physical education records of students for a price. The school requires all male students to complete twenty 1,500-meter runs per semester, and female students to complete eighteen. Students who fail to do so fail the class, and the runs are tracked by swiping the student card in the gym. Fearing he would fail, one student hacked into the database and adjusted his records. Once another student found out, they partnered together to gather students and charged them a fee for a record change. The university has pressed charges against the students.

Energy Firms Targeted By Dragonfly

July 1, 2014 – Over 1,000 energy companies in North America and Europe have been breached by a malware attack launched by the Eastern European hacking group known as Dragonfly. The malware attack struck companies in eighty-four countries, with most of the targets located in the United States, Spain, France, Italy, Germany, Turkey and Poland. Dragonfly is known to have been targeting companies that use industrial control systems to manage electrical, water, oil, gas and data systems since 2013. Experts believe that Dragonfly is a state-sponsored group due to their high degree of technical abilities.

Houston Astros Suffer Data Breach, Trade Information Disclosed

July 1, 2014 – The computer network of the Houston Astros baseball team has suffered a data breach. Among the information stolen were internal trade talks. The system accessed is named "Ground Control" and is used by the Astros to provide communication and private player statistics and video to players, employees, and other important parties. All files accessed have been made public by the attackers. An investigation has been launched to find the hacker or group of hackers.

Twitter Of Rio De Janeiro Police Hacked, Bomb Threat Left

July 1, 2014 – The official Twitter page of the Rio De Janeiro police force has been hacked, with the attackers posting a message about a bomb threat to one of the World Cup stadiums. It took roughly an hour for the tweet to be deleted, and the office of the President was forced to make a statement stating that it was false. No one has yet taken responsibility for the hack, and its 'prank' nature does not match the other hacks by Anonymous, which is currently targeting Brazilian websites and the websites of the sporting event's sponsors.

Green Dragon Crew Claims Responsibility For Attacking Ukraine's Largest Commercial Bank

July 1, 2014 – A hacker group known as the Green Dragon Crew has announced that they are responsible for a recent cyber attack on Privatbank, the largest commercial bank in Ukraine. The attack in question centered on a prolonged distributed denial-of-service attack that left the bank's sites inaccessible. Green Dragon Crew also claims to have breached the bank's systems and obtained customers' bank account information, though this has not been confirmed by the bank itself. The group claims it targeted the bank because its owner is participating in the ongoing internal conflict in South-East Ukraine. It released a statement to the media explaining that customers who use the bank "co-finance the killings of civilians in Donetsk and Lugansk since [the owner] finances the war and profits from it, selling the army fuel at triple the prices."

Syrian Electronic Army Defaced Israeli Defense Force's Blog

June 30, 2014 – The Syrian Electronic Army hacker group has taken responsibility for hacking and defacing the official blog of the Israeli Defense Forces. The group uploaded a message denouncing Israeli actions against Palestinians and attacking the country for its interference in the ongoing civil war in Syria. The official blog of the Israeli military is a popular site in the country, offering news, updates, policy, and media content to the public in regards to military developments. It is unclear how the Syrian Electronic Army gained access to such a high visibility target, though the site has since been restored.

Anonymous Announces Campaign Against ISIS

June 30, 2014 – Members of the hacktivist collective Anonymous have announced that they will carry out cyber attacks against countries supporting ISIS - the Islamic State of Iraq and Syria. Anonymous is calling the campaign 'Operation NO2ISIS' and is planning to initiate efforts next week by targeting sites belonging to Saudi Arabia, Turkey and Qatar. One member is quoted as saying, “In the next few days we will begin defacing the government websites of these countries so that they understand.” It also appears that at least one Anonymous affiliated Twitter page was hacked by a person supporting ISIS, with the collective noting that the hacker's methods are very similar to those of the Syrian Electronic Army.

Another Plugin Leaves 1.3 Million WordPress Users Vulnerable

June 30, 2014 – Another massively popular plugin for WordPress has been discovered to contain a crucial security flaw. Disqus is a web comments and discussion plugin that assists site owners in managing user interactions and is currently used on 1.3 million sites. The flaw in question involves Remote Code Execution, which allows any user to execute commands on the server using malicious PHP code. The flaw has been reported as a simple and dangerous vulnerability that requires all users to update both WordPress and the plugin itself to the latest versions to fix the problem. If the flaw is exploited, a hacker could gain complete access to the website.

New EMOTET Malware Scans Outgoing Network Traffic For Banking Details

June 30, 2014 – Researchers are reporting on a new piece of banking malware that is capable of scanning entire networks for financial information. The malware logs all outgoing network traffic, and importantly is capable of extracting information sent over secure connections because of the way it integrates itself into an infected computer. Nicknamed EMOTET, the software has been delivered through malicious e-mails pretending to discuss financial transactions. Though it logs all network traffic, it appears EMOTET is specifically looking for outgoing financial login credentials. It is currently targeting German banks, and seems designed to avoid detection by hiding stolen information in the system's registry instead of in a hidden file.

Enterprise DDoS Attacks Up 11% Since Last Year

June 27, 2014 – A report recently released by Akamai shows that distributed denial-of-service attacks against enterprises have risen 11% when comparing the first quarter of this year against the first quarter of 2013. Of the companies surveyed, twenty-six percent of organizations that suffered DDoS attacks were hit with repeat attacks. One organization suffered 17 distinct attacks against one target, which was the highest number of repeat attacks reported.

Vendor Hack Leads To Data Leak For University of California, Washington Center

June 27, 2014 – The University of California, Washington Center has reported that a hacker has accessed information stored on its pre-enrollment system hosted at GoSignMeUp. GoSignMeUp is a cloud-based online course registration system. The compromised information includes usernames, passwords, addresses, email addresses and dates of birth of the university's alumni. The school is currently working with GoSignMeUp to increase the security of their user data.

Hacker Pleads Guilty To Hacking Law Agencies

June 27, 2014 – Cameron Lacroix of New Bedford, MA, has pleaded guilty to hacking the computer networks of law enforcement agencies across the United States, and obtaining stolen credit and payment card numbers. He has been charged with two counts of computer intrusion and one count of access device fraud. Lacroix obtained and possessed payment card information for more than 14,000 individuals including names, addresses, dates of birth, social security numbers, email addresses and bank account and routing numbers. He also admitted to breaching a server of a local Massachusetts police department and repeatedly breaching servers of other law enforcement agencies across the country. Lacroix is scheduled to be sentenced on October 27th.

Thousands Of Koreans Have Banking Information Stolen By Malicious App

June 27, 2014 – Thousands of people living in South Korea have had sensitive information related to their banking accounts stolen by a malicious app in the country's specific Android app market. The app contains a virus that, when installed, automatically begins scanning for official online banking software, prompts the user that the app needs to be updated, and then replaces it with another malicious application. The new application will ask for usernames and passwords, banking card information, and other details and, once it has acquired them, will delete itself from the phone. The application that is first installed and then loads the virus into the Android device varies, from popular games to utility apps that are for various reasons not officially available through Google and must instead be installed from unofficial Android markets. On some days, over 6,000 South Koreans become infected by the virus.

Public Health & Human Services Breach Compromises 1.3 Million

June 26, 2014 – The Montana Department of Public Health and Human Services (DPHHS) has suffered a data breach. Hackers were able to access a server and compromise sensitive information belonging to 1.3 million individuals. The compromised information includes names, addresses, dates of birth and social security numbers. Upon discovery of the breach, DPHHS officials immediately shut down the server and contacted law enforcement.

European SCADA Systems Hit With Havex Malware

June 26, 2014 – Researchers have discovered a new Stuxnet-like malware, known as Havex, which has been used in a number of cyber attacks against energy organizations. Havex is programmed to infect the industrial control software of SCADA and ICS systems. It appears that the hackers are using the malware to harvest data from infected machines used in SCADA/ICS systems. Researchers believe this indicates that the attackers are not just trying to compromise the networks of companies, but they also want to control the SCADA/ICS systems.

New Zero-Day Puts Thousands Of WordPress Blogs At Risk

June 26, 2014 – A new zero-day vulnerability has been discovered in TimThumb, a popular image resizing library used in thousands of WordPress themes and plugins. The vulnerability resides in TimThumb's Webshot feature, and allows attackers to execute commands on a remote website. A hacker can execute a simple command that will allow them to create, remove and modify any file on a victim's server. TimThumb users can disable the Webshot feature.

BBC App Hacked

June 26, 2014 – The BBC News reader app for iPhones was hacked and used to send fake “Breaking News” notifications. The BBC issued an apology after the fake news item was sent out, saying, “We apologize for previous two test push notifications from BBC News which were sent in error.” Some security experts believe that the app was not actually hacked, but the hackers exploited the way in which the BBC feeds in breaking news alerts to push them out to the users.

Hackers Attack European Bank, Steal $700,000 In One Week

June 25, 2014 – Security researchers are alerting the public to a cyber attack in Europe where criminals were able to steal roughly $700,000 in just one week. Over 190 customers of the bank have been identified as victims; the majority of them hail from Italy and Turkey. According to the researchers the criminals deleted all evidence that could have been used to track them down and carried out the attack by using a Trojan that intercepted financial information and executed banking transactions as soon as the victim logged onto their bank's online portal. The attack has been codenamed the Luuk campaign and the researchers believe the attackers will strike again.

Anonymous Targeting EU Sustainability Week Site

June 25, 2014 – Members of the Anonymous collective are claiming to have breached the EU Sustainability Week website. The hackers claim to have compromised 10,000 accounts belonging to companies and governments involved in the high level policy conference. Anonymous issued a press release saying, “This operation aims to underline the hypocrisy and deceit of the financial powers in Europe. Today begins the week of marketing energy, and sustaining profits for the biggest companies. The event is organized by the European Union, however, the list of accounts that we have stolen from the database . . . indicates that high profile companies are also involved in the profitable destruction of ecosystem.” Anonymous is calling on all hackers to join in the attacks under the campaign OPGreenRights.

Pakistani Protesters Take To Website Defacement Against Police Brutality

June 25, 2014 – Pakistani Hackers have increased their defacement of government and private-industry websites following a string of perceived brutality against protesters. The official website of the Directorate General Public Relations - a major website of the Government of the Punjab region - has been hacked and defaced, with its content replaced with a picture of police beating an unarmed youth and a message accusing police of killing innocent people. Team Pak Cyber Experts claimed responsibility for the attack. The Pakistan Haxors Crew took down the website of the Pakistan Electric Power Company just a few days earlier also in protest of police brutality.

At Least One GameOver Zeus Campaign Escapes Law Enforcement Crackdown

June 25, 2014 – Despite the international coordination of law enforcement and private security firms that took down most GameOver Zeus servers, researchers have discovered a new campaign - codenamed Citadel - that used the trojan to create a new botnet system of infected computers. The new campaign acts similarly to old ones: infecting computers with ransomware that demands payment to unlock the devices, stealing financial and personal information, and connecting the computer to a network of other infected devices to be used in targeting other networks. It is unknown how this campaign escaped the law enforcement crackdown, though experts believe the criminals have slowly changed the malware versions used in the campaign as a means of making it more efficient.

Major Video Game Company Suffers Massive DDoS Flood Attack

June 24, 2014 – An unnamed video game company's website suffered a massive distributed denial-of-service attack that brought nearly 110Gbps worth of traffic in an attempt to shut it down. The attack is reportedly still ongoing. Though security experts are not revealing the name of the company, it is said to be one of the larger and more well-known companies rather than an independent developer. The attack is the most recent DDoS flood attack to be discussed by researchers, and many believe the trend of rushing servers with tremendous amounts of traffic will only continue as the number of botnets - or completely compromised computers - continues to grow worldwide.

Industrial Sector Targeted With Havex Trojan

June 24, 2014 – Havex, a remote access Trojan typically targeting the energy sector, has been found to have infected several industrial control systems. Over 88 variants of Havex have been discovered and all contain the potential to completely take over a user's machine and steal data. By targeting industrial control systems, experts believe criminals are trying to gain access to industrial electrical, water, gas, oil, and data supplier machines. Over 1,500 infected machines have been identified, and the malware is delivered by compromising the websites of ICS vendors - so that users' computers are infected when they check for updates or browse for additional products - as well as through spam and phishing campaigns. Security experts believe this is more about cyber espionage than an attempt to gain payment information, in part because of the sophistication of the software and because the targeted systems provide complete access to industrial data, with the malware transmitting information on hardware to infected servers rather than information such as credit card data.

British Gas Twitter Page Hacked

June 24, 2014 – The customer help page on Twitter for the company British Gas has been hacked. Customers have been receiving strange tweets and links to phishing websites. The account began to post links to what it claimed was interesting content, only for users to be redirected to a fake Twitter page that requested their login credentials. The company's Twitter page was verified and had a reputation for interacting with customers, so it is unknown how many victims clicked on the links and gave out their information.

Alabama Police Department Infected With Ransomware

June 24, 2014 – The computer system at the Collinsville, Alabama Police Department has fallen victim to ransomware. Delivered through a phishing campaign, the ransomware spread quickly through the station's computer network and ultimately infected seven machines. Among the information encrypted and held for ransom were mug shots and photos/videos meant to be used as evidence. The department is unsure if its backup system is working properly, and has promised not to pay the ransom - even if it means having to rebuild their network and files from scratch. In part because of the plethora of files and e-mails police stations receive from outside groups - other departments, lawyers, victims, community groups - experts warn that police stations are extremely vulnerable to phishing campaigns.

Reuters Attacked By Syrian Electronic Army

June 23, 2014 – Reuters suffered an attack on Sunday when all visitors to their website found themselves redirected to a page controlled by the Syrian Electronic Army. The webpage users were brought to contained a simple message that read, "UK government is supporting the terrorists in Syria to destroy it, Stop spreading its propaganda." Though the hack impacted Reuters, it appears fault lies with the Taboola advertisement firm that creates many of the advertisements on the news organization's webpage. The company reported that a phishing campaign released passwords to the hackers who then exploited dynamic code features of some advertisements to redirect all visitors of the Reuters website.

Hedge Fund Loses Millions To Sophisticated Cybercriminals

June 23, 2014 – An undisclosed hedge fund in the United States suffered millions of dollars worth of damage when cybercriminals gained access to their trading system. In what has been described as a sophisticated attack, the criminals installed malware on the computers of traders by specifically designing an infected e-mail that contained information about capital markets that a hedge fund worker would want to read. Afterwards, the malware would send all information about active trades to a server so that the criminals could profit off of the data. Though the company's trade would still go through, the malware delayed its execution enough that the criminals could 'buy' or 'sell' on the market first, giving them priority on prices. The company estimates it lost millions of dollars in damages because the criminals' trades altered the price of their own actions.

Code Spaces Shutting Down Due To Extortion Attempt

June 23, 2014 – Code-hosting provider Code Spaces was brought down when hackers gained access to the Amazon Elastic Compute Cloud (EC2) control panel of the site. EC2 and Code Spaces are part of the Amazon Web Services, which allow customers to rent virtual computers where they can run, test, and develop code. The service first suffered a distributed denial-of-service attack that shut down its servers, and was ultimately revealed to be part of an extortion attempt by cyber criminals. When administrators attempted to gain access to the system, the extortionist responded by deleting large amounts of data belonging to both the company and customers. According to a spokesperson: "We finally managed to get our panel access back but not before he had removed all EBS snapshots, S3 buckets, all AMI's, some EBS instances and several machine instances". Code Spaces has announced it will now shut down, with the financial burden of rebuilding their data and refunding customers beyond its capabilities. Their spokesperson added, "In summary, most of our data, backups, machine configurations and offsite backups were either partially or completely deleted."

Bitminer Facebook Trojan Spreading Fast

June 23, 2014 – A new malware campaign spreading on Facebook targets European and Indian users in an attempt to turn their computers into bitcoin mining machines. Security researchers are alarmed at the speed of the malware's spread. Victims receive a private message from a trusted 'friend' with the message "hahaha" and a file attached that masquerades as an image but is really a zip file. Once clicked on, various pieces of software are installed through a Dropbox executed link that enables the hackers to install everything they need to take over the victim's computer. Experts suggest that the attack may be ineffective at mining - as most laptops and computers are not powerful enough to be efficient - and that the attackers may switch to installing other malware that would steal other information from the victims.

American Express Notifies Customers Of Two More Data Breaches

June 20, 2014 – American Express is warning customers that it was once again the victim of a data breach that revealed various bits of information to hackers. This makes the second and third time in one month that the credit card company has been forced to deal with such data leaks. Names, account numbers, and card information were exposed when hackers gained access to a merchant's system, but no social security information was revealed. It is believed that one of the breaches resulted from a hack of a hotel and hospitality company which was discovered in January, and the other comes from a luxury service company. American Express has not personally released any more details about the breach.

American Airports Targeted By State-Sponsored Hackers

June 20, 2014 – A new report has identified a long-standing operation by state-sponsored actors to spy on aviation systems at 75 U.S. airports. Law enforcement officials were able to identify and stop the attack in its early stages, but not before two airports had their security systems breached. Various aviation officials were targeted by sophisticated phishing campaigns that attempted to install malicious code on networks. It has not been made public if the attack was centered on just understanding how the infrastructure in the U.S. worked or if attackers were attempting to gain cargo and passenger manifests. Through coordination with industry and cybersecurity agencies, all infected networks were cleared and all airports were alerted to the attack. It is unknown what information was obtained or what actions were taken in the two infected airports, which were not identified.

SEA Defaces UK's The Sun And Sunday Times Websites

June 20, 2014 – The Syrian Electronic Army (SEA) has breached and defaced the websites belonging to two UK newspapers – The Sun and the Sunday Times. Both sites displayed the following message, “Hacked by Syrian Electronic Army – Stop publishing fake reports and false articles about Syria! UK government is supporting the terrorists in Syria to destroy it, Stop spreading its propaganda.” Both sites were restored after a few minutes. A spokesman for the newspapers said, “We were back up within 20 minutes of the attack.”

Historical DDoS Attack Hits Hong Kong Democracy Movement On Eve Of Referendum

June 20, 2014 – A pro-universal suffrage democracy organization in Hong Kong known as Occupy Central has suffered what some are calling one of the largest and most persistent distributed denial-of-service attacks in the history of the internet. Occupy Central is pushing for democratic reform in the Chinese city-state that calls for the right for citizens to directly elect candidates running for office. Under the attack, the organization's website - which is running an unofficial referendum of Hong Kong citizens - has been suffering stability issues and in many cases could not be loaded by users. It is being reported that the organization's website is "battling 300Gbps+" worth of DDoS attacks and that even more sophisticated attempts to bring down the site were occurring. The site received over 1 billion hits in a short period of time. The online and in-person referendum is taking place Friday and Saturday. The organization has refused to place blame on China, saying instead that it is the doing of persons who simply do not want free elections in Hong Kong.

Tumblr and Pinterest Blogs Compromised By Redirecting Spam Script

June 19, 2014 – A large number of Tumblr and Pinterest social media blogs have been compromised by a redirection script that takes visitors to a spam site highlighting a fake miracle diet pill. Researchers discovered that in the case of Tumblr, a script implanted on the compromised sites and hosted on the file-sharing service Dropbox activates when a user goes to the blog and immediately redirects them to a fake version of Women's Health Magazine's website. In the case of Pinterest, the script also exploited the service's connection to Twitter to repeatedly send out the diet-pill spam on multiple accounts. It is still unknown how the accounts were compromised.

Ancestry Suffers Crippling DDOS Attack

June 19, 2014 – Ancestry, one of the world's largest ancestry research providers, has suffered a large distributed denial-of-service attack that temporarily shut down its services. The cause and reason for the attack are unknown. Ancestry and its subsidiaries serve over 2 million paying online users, and since the attack the services have been available only sporadically, with the company announcing that it is still not fully restored days after the attack started on Monday. Ancestry's Chief Technology Officer wrote to customers saying, "Your data was not compromised by this attack. This attack overloaded our servers with massive amounts of traffic but did not impact or access the data within those servers."

City of Manila Suffers Anti-Semitic Defacement By Turkish Hackers

June 19, 2014 – The official website for the city of Manila, capital of the Philippines, has been breached by a group of Turkish hackers. Going by the handles VirtuaL & DARKWAR2, the hackers defaced the page and replaced its content with anti-Israeli, anti-American images, along with a message that read "Freedom For All Muslims" followed by profanity. The group left a list of several other sites the hackers have defaced. It is unknown why Manila's site was targeted, though the hackers' history suggests it may have been chosen at random.

LinkedIn's Failure To Require HTTPS Connection Leaves Millions Vulnerable

June 19, 2014 – Security researchers have discovered that millions of LinkedIn users are at risk of Man-In-The-Middle cyberattacks due to weak Secure Sockets Layer (SSL) encryption. Though users log in using an HTTPS connection, which typically secures encrypted credentials, the company is not using HTTP Strict Transport Security (HSTS), which prevents any information from traveling over a non-HTTPS connection. Hackers who manage to install malicious software on a public network (such as a wireless router) or on a specific device can redirect users' traffic for LinkedIn from HTTPS to HTTP, allowing them to then steal the cookie that stores the login credentials for the site and gain access. Such attacks can only be prevented by requiring all logins to happen over HTTPS, and not just offering it as the default method of signing in.
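The gap described above can be checked from the defender's side by auditing a site's response headers. The following is an added example, not code from the report or from LinkedIn; the function names, the finding labels, the 180-day `max-age` threshold and the sample responses are all assumptions constructed for illustration.

```python
"""Audit captured HTTP response headers for the two conditions the item describes:
HTTPS is offered but not enforced (no HSTS), and the session cookie can travel over HTTP."""
from http.cookies import SimpleCookie

MIN_MAX_AGE = 15552000  # 180 days; assumed policy threshold, not taken from the article


def parse_hsts(value):
    """Split a Strict-Transport-Security value into {directive: argument}."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"')
    return directives


def audit_response(scheme, headers):
    """Return a list of finding labels for one captured response.

    scheme  -- "http" or "https", the transport the response arrived over
    headers -- list of (name, value) tuples
    """
    findings = []
    hsts = [v for n, v in headers if n.lower() == "strict-transport-security"]
    cookies = [v for n, v in headers if n.lower() == "set-cookie"]

    if scheme == "https":
        if not hsts:
            findings.append("no-hsts")
        else:
            # RFC 6797: only the first HSTS header in a response is processed.
            raw = parse_hsts(hsts[0]).get("max-age", "")
            max_age = int(raw) if raw.isascii() and raw.isdigit() else None
            if max_age is None:
                findings.append("hsts-invalid-max-age")
            elif max_age == 0:
                findings.append("hsts-disabled")  # max-age=0 removes the policy
            elif max_age < MIN_MAX_AGE:
                findings.append("hsts-short-max-age")
    elif hsts:
        # Browsers ignore HSTS received over plain HTTP, so it protects nothing here.
        findings.append("hsts-ignored-over-http")

    for raw_cookie in cookies:
        jar = SimpleCookie()
        jar.load(raw_cookie)
        for name, morsel in jar.items():
            if not morsel["secure"]:
                # Without Secure, the cookie is sent on any downgraded HTTP request.
                findings.append("cookie-not-secure:" + name)
    return findings


# Constructed sample responses (not real captures).
WEAK_RESPONSE = ("https", [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly"),
])
HARDENED_RESPONSE = ("https", [
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly; Secure"),
])

if __name__ == "__main__":
    for label, (scheme, headers) in (("weak", WEAK_RESPONSE),
                                     ("hardened", HARDENED_RESPONSE)):
        print(label, audit_response(scheme, headers) or "no findings")
```
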

AnonGhost Planning Friday Attacks On Energy Firms

June 18, 2014 – The hacking group known as AnonGhost has announced that they will be launching attacks on oil, gas and energy companies globally on Friday. The hackers said, “Petrol is sold in US dollars and Saudi Arabia has betrayed Muslims with their cooperation. So why isn't petrol sold with the currency of the country which exports it? Because the Zionists own us like that.” The planned attacks are a continuation of the OpPetrol campaign that began in 2013.

FBI Arrests NullCrew Member

June 18, 2014 – Timothy Justin French, a 20-year-old from Tennessee, has been arrested by the FBI and charged with federal computer hacking for allegedly conspiring to launch cyber attacks on five organizations. French is known as the hacker Orbit, a member of the NullCrew hacking group which has claimed responsibility for dozens of hacks against corporations, educational institutions and government agencies. According to the FBI, they have been working with confidential witnesses to communicate with members of NullCrew in chat conversations. During these communications NullCrew members disclosed past, present and future attacks and current methods used in attacks. Using this information, agents were able to trace five attacks to French. If French is convicted he will face a maximum sentence of 10 years in prison and a $250,000 fine.

AT&T Confirms Data Breach

June 18, 2014 – AT&T has confirmed that it suffered a data breach in April in which hackers compromised several mobile customers and stole personal information including birth dates and social security numbers. The number of customers impacted was not disclosed, however a California law requires disclosure if an incident affects at least 500 customers in the state. AT&T also did not give a reason as to why it took so long for them to disclose the breach. The company issued a statement saying, “AT&T’s commitment to customer privacy and data security are top priorities . . . employees of one of our service providers violated our strict privacy and security guidelines by accessing your account without authorization between April 9 and April 21, 2014, and, while doing so, would have been able to view your social security number and possibly your date of birth.” It is believed that these alleged employees were attempting to obtain unlock codes for devices so they could remove the devices from AT&T's network and sell them to second-hand markets around the world.

Hackers Access UK Government Intranet

June 18, 2014 – Francis Maude, the UK's Minister for the Cabinet Office, said that the UK Government's internal network was breached recently, when attackers gained access to a system administrator account. According to Maude, the hackers were a state-sponsored group, who were detected and fended off in the early stages of the attack before any damage was caused. He said the efficient defense was thanks to “brilliant people working to keep us safe . . . drawn from GCHQ and the security services, the armed forces, the police and National Crime Agency, the civil service, and of course the private sector too.”

Evernote Suffers Forum Security Breach

June 17, 2014 – Following an attack on the servers that run its popular note-taking service, which temporarily brought down the software's network, the discussion forums of Evernote have been hacked and the login credentials of many users exposed. The breach allowed hackers to possibly gain access to some administrative functions and profile information including: login credentials, e-mails, and in some cases, birthdays of users who created their accounts in 2011 or earlier. Evernote has stressed that its own servers have not been breached and that the vulnerability was on the side of the private service that assists in hosting their forum. It is unclear if this attack is related to the distributed denial-of-service attack that targeted Evernote last week because they refused to pay an extortion fee to a hacker.

Anonymous Resumes Attack On World Cup In Brazil

June 17, 2014 – Following a lull in hacking activity by Anonymous despite its pledge to punish the Brazilian government and the sponsors of the World Cup, Anonymous has launched a series of cyber attacks as part of its OpWorldCup. Most attacks resulted in a leak of employee credentials and contact information: Globo TV Brazil (169 e-mails and names of journalists and employees), the Brazilian federal government (450 names and login credentials of employees), the Regional Electoral Court of the Amazon (e-mails and encrypted passwords of various officials), and the Power Plants of Northern Brazil (names, e-mails, and phone numbers of 3,400 users) were all victims. Anonymous also claims to have administrative access to the official portal of the federal police in Brazil and has attacked several other smaller targets. In support of the hacktivist collective, a group of Tunisian hackers have also attacked the database of Cemig Telecom, releasing the names and e-mails of 1000 employees and customers.

Iraq Terminates Internet Amid Violent Civil Crisis

June 17, 2014 – Researchers have identified two large internet outages throughout Iraq last week and have tied the moves to an attempt to stem the use of broadband technology by the militant group ISIS that has taken over large areas of territory. Hoping to hinder coordination of violent attacks, sources in the Iraqi government have admitted to using the shutdowns. The Internet has been shut off in Iraq before, most recently this Fall when a pricing dispute between retailers and the government led to the government attempting to stifle traffic as a sign of strength, only for the retailers to re-connect via a broadband connection to Turkey. It does not appear that ISIS has launched cyber attacks against the Iraqi government; the outages appear to be intended only to prevent communication by the group.

New Trojan Targets Banking Information By Duplicating Browsing Activity

June 17, 2014 – A new remote access Trojan has been discovered and is believed to target banking and financial services websites in part because of its ability to steal otherwise secure and encrypted browsing information. Nicknamed Dyre or Dyreza by security experts, the Trojan forces a user's browser to send all information to two sources instead of one - first to several corrupted servers owned by the hacker, and second to the legitimate site. To the user, the browser activity will appear normal and the address bar will continue to show "https" for secure sites. However, all information - including cookies - is being duplicated and sent freely to the corrupted servers, making it possible for cybercriminals to log in as the user and gain access to their financial information. The malware appears to be spread by spam and phishing campaigns and is targeting Bank of America, Citigroup, and the Royal Bank of Scotland.

Report Suggests Chinese Military Hackers Did More Than Steal Corporate Secrets

June 16, 2014 – A new report shows that Chinese military-backed hackers conducted espionage campaigns against American utilities, studying everything from command-and-control systems to guard patrols. Though the U.S. only publicly charged several Chinese officials with infiltrating computers to steal corporate secrets, the released documents suggest that the same hackers are responsible for infiltrating public utilities and stealing operational data as well. Rep. Mike Rogers, chairman of the House Intelligence Committee, said: "This is as big a national security threat as I have ever seen in the history of this country that we are not prepared for." National security experts are warning these particular hacks go beyond espionage, intelligence gathering, and attacks on corporate entities because they model the mapping of infrastructure in the lead up to traditional warfare.

Hackers Hold Domino's Pizza France Customer Data Ransom

June 16, 2014 – Hackers going by the shared handle of Rex Mundi have breached the servers of Domino's Pizza in France and Belgium, stealing over 600,000 records. The group announced the success of their attack, and demanded $40,000 USD from Domino's Pizza France or else they would release the data. Stolen information includes names, phone numbers, addresses, e-mail addresses and passwords. The company reassured customers that credit card data was not stolen, but did warn that the information Rex Mundi did have could be used for phishing attacks.

Over $600,000 in Dogecoins Mined From Infected Network Access Boxes

June 16, 2014 – A hacker has managed to mine over $600,000 in dogecoin, a competitor of the Bitcoin cryptocurrency, from Synology network-attached storage boxes. Flaws in the DiskStation Manager operating system that powered the network file-sharing technology allowed the hacker, believed to be of German descent, to gain administrative access to a large number of devices. In a folder called "PWNED", the hacker left various files designed to carry out the CPU-intensive mining required to get the cryptocurrency. The flaw was identified nearly a year ago, and Synology has released several patches since to re-secure its network boxes. It is only recently, however, that researchers have identified that the malware was mining dogecoins and managed to purge the infected systems.

DeviantArt Website Targeted By Malicious Advertisements

June 16, 2014 – The world's most popular online art community, deviantArt, has been found to host potentially malicious advertisements. The malicious advertisements are connected to newly registered domains and, when clicked, bring the users to a site where they are requested to "update their media player" and Windows drivers before viewing the site's content. Once they consent, users download a potentially unwanted application that spreads spyware and slows down users' computers. DeviantArt ranks as the 148th most visited website.

Hackers Release Netflix Credentials

June 13, 2014 – The hacker group known as Derp has released hundreds of log-in credentials for Netflix, the popular streaming service. Despite the leak, security researchers are suggesting it may not be anything more than a joke. The nearly 2,000 passwords and usernames released have been identified as identical to ones leaked back in December, and random tests have shown that none of the credentials work. Some researchers are suggesting that Derp knowingly released the outdated log-in credentials for no reason other than to play on users' fears about hackers.

UPDATE: Romanian Hacker Guccifer Indicted In The US

June 13, 2014 – The Romanian hacker known as Guccifer has been indicted in a U.S. District Court for wire fraud, unauthorized accessing of a computer, cyber-stalking, obstruction of justice, and aggravated identity theft. The hacker has been sentenced to four years in prison in his native Romania for hacking various social media and e-mail accounts of celebrities and politicians in Romania, and his U.S. charges are for similar actions against American citizens. Though the indictment does not reveal who he attacked, it is known that the victims include family members of presidents, a Cabinet member, a member of the Joint Chiefs of Staff, and a former presidential adviser. Guccifer not only stole information, but he leaked some of it to the media on several occasions. He will be extradited to the United States after he serves his sentence in Romania.

UPDATE: TweetDeck Brought Down Accidentally

June 13, 2014 – Yesterday, TweetDeck - the second most popular Twitter management application - was brought down in an XSS (cross-site scripting) attack that exploited the ability to insert code into a Tweet. A 19-year-old Austrian has been identified as the 'cause' of the hack, though it was an accident. According to an interview, the teenager accidentally generated a heart image in his Tweet by typing "&hearts", which then allowed the Tweet to execute other code. He alerted Twitter to the vulnerability, but also Tweeted about his discovery. Soon, various hackers were abusing the &hearts bug and eventually brought down the service.

P.F. Chang's Caught Off Guard By Data Leak

June 13, 2014 – Information from an unknown number of credit and debit cards has been found for sale online, all belonging to customers of P.F. Chang's China Bistros. Customers who used their cards in various P.F. Chang's from March to May in several states have been exposed in the leak. The company does not know how hackers were able to steal the card information, though P.F. Chang's believes the attack came from recording the mag stripe at the cash register and not a breach of its servers. It is cooperating with law enforcement to discover the cause of the leak. It is believed the hackers are from Russia, since they are asking for payment before June 12th - 15th, which "are the government holidays." June 12th is Russia Day.

Twitter's 'TweetDeck' Targeted With Cross-Site Scripting Attack

June 12, 2014 – TweetDeck, a Twitter application that allows users more management control of their tweets and Twitter profiles, has been disrupted by an XSS (cross-site scripting) attack. TweetDeck allows users to manage multiple accounts, schedule tweets, and connect their Twitter accounts with other social media platforms and has a 23% market share of all Twitter applications (second only to Twitter's own application). The attack caused malicious tweets to create pop-ups and warning messages on users' profiles, and caused several obscene or malicious tweets to be automatically re-tweeted over and over again. The attackers exploited the ability to post any 140-character string in a tweet, which allowed them to enter small bits of code that were eventually executed by the system. TweetDeck fixed the issue after shutting its services down for 30 minutes.

Anonymous Takes Down New York State Board of Elections Website To Protest World Cup

June 12, 2014 – The Anonymous hacktivist collective has taken responsibility for the defacement of the New York State Board of Elections website. In the attack, Anonymous left a video on the home page explaining why they are protesting the soccer World Cup which begins this week in Brazil. It is unknown how the New York government website is related to the sporting competition. Yesterday Anonymous took down the website of the Military Police of Sao Paulo also in protest, as well as released a list of potential targets, ranging from McDonalds to Budweiser.

Anonymous Denmark Leaks Details Of Socialist Party After Internet Monitoring Bill Passes

June 12, 2014 – The Danish parliament has approved a bill that allows the government to track users' Internet activity. Joining protests from human rights organizations, Anonymous Denmark has hacked several accounts belonging to the Danish Socialist political party and leaked the information online. The collective released names, e-mails, passwords, addresses and social security information of multiple parliamentarians who voted for the bill. Anonymous left a message for the public that read: "We are strongly encouraging whistleblowers and other hacktivists to reveal what our politicians will try to keep away from the general public."

Svpeng Trojan Evolves From Finance-Stealer To Mobile Ransomware

June 12, 2014 – The Svpeng Trojan, discovered a year ago by security researchers, was initially designed to target mobile banking accounts. Researchers are now reporting that the Trojan has been modified to lock the entire Android mobile phone and demand a ransom for its release. Unlike the first-ever ransomware to target Android devices reported on last month, which can encrypt a select number of files to demand a ransom, Svpeng locks the entire phone and only allows the user the ability to 'pay' or turn off their device. Researchers believe Svpeng started out as a banking trojan that targeted Russians, but this newer version is largely targeting the United States. Importantly, the Trojan also checks to see what banking mobile apps are installed on the device and reports this to the hackers, suggesting the attackers are gathering an understanding of the mobile apps used in the United States as opposed to Russia to continue the original design of the Trojan - to steal financial information.

Evernote And Feedly Hit With DDOS Attack And Extortion

June 11, 2014 – Two popular apps - the news aggregator Feedly and the web clippings service Evernote - have come under heavy distributed denial-of-service attacks that prevented users from accessing application functions. In a blog post, Feedly said: "The attacker is trying to extort us for money to make it stop." It is unknown if the attacks are connected, but the two applications have a working and developmental relationship and can be used together. The two companies have assured users their data is safe and are doing everything possible to restore functionality.

Anonymous Takes Down Sao Paulo Police Website In Protest Of World Cup

June 11, 2014 – In its latest attack in protest of the World Cup to be held in Brazil, Anonymous has taken down the website of the Military Police of Sao Paulo thanks to a successful distributed denial-of-service attack. Anonymous released a press release following the attack, claiming responsibility and attacking the Brazilian President for not doing more for indigenous people. Last month Anonymous stated it was going to enhance its protest against lavish spending on the World Cup despite wide-spread perceptions of poverty and corruption in the country. The collective has also threatened sponsors of the World Cup.

Two Russian Hackers Possibly Responsible For 'Lost My iPhone' Hack On Australia

June 11, 2014 – Authorities have arrested two Russian hackers - aged 17 and 23 - who have reportedly confessed to hacking various Apple devices and holding them for ransom. It has strongly been suggested the arrest involves the hacking of iPhones and iPads largely in Australia and New Zealand. Russian authorities claim to have found various hacking equipment and literature belonging to the two people and believe they may be involved in several other cases outside of the 'Lost My iPhone' exploit. The hack left a message on the user's phone demanding a small payment to unlock the device, and blamed "Oleg Pliss" for the attack.

Energy Firm Employees Targeted Via Social Media

June 11, 2014 – Security researchers are warning that hackers are beginning to use social media networks to target employees of energy firms. They identified one particular campaign as an example. In an attempt to get individuals to install malware onto their computers, hackers created a fake persona who reached out to important individuals at a particular energy firm about applying for a job. After conversing, the fake profile would send a resume and several other files to the individual, one of which was infected with malware. The attackers targeted users' personal e-mails instead of their professional ones as these generally have weaker security standards. In addition, social network sites are more likely to be linked to personal accounts instead of work e-mails.

New Cyber-Espionage Group Identified

June 10, 2014 – Security experts have identified a new cyber-espionage group called Putter Panda. It is believed that this group is backed by China's People's Liberation Army. Targeted attacks against US defense and European satellite and aerospace industries have been linked to the group. One of the group's members has been identified as 35-year-old Chen Ping, who is the registrant for several domains used by Putter Panda. Most of the group's attacks are exploits of vulnerabilities in popular applications such as Adobe Reader and Microsoft Office.

New Banking Trojan Discovered, Alternative To Zeus

June 10, 2014 – Researchers have discovered a new banking Trojan that is seen as an alternative to the Zeus Trojan. This new Trojan is called Pandemiya and is similar to Zeus in that it enables hackers to steal form data, login information and files from infected devices. Pandemiya is able to inject fake elements into websites, capture screenshots of victims' computer screens and encrypt its communications with the control panel. What makes this Trojan unique is that it was written without sharing any source code with Zeus. Pandemiya is available for purchase in underground forums, at prices ranging from $1,500 for the core application to $2,000 for the core application and additional plugins.

Canadian 9th-Graders Hack ATM

June 10, 2014 – Two 9th-graders from Canada were able to hack into an ATM at the Bank of Montreal after discovering an old manual to the machine online. The manual provided detailed instructions on how to access administrative privileges and provided the default password to the machine - which was never changed. The children alerted the bank to the flaw and, when faced with disbelief, hacked into the computer once again, began printing administrative details and changed the message of the ATM. The bank has accepted their proof and has assured customers it was fixing the issue.

Researchers Warn Smart TVs Are Vulnerable To Broadcast Hack

June 10, 2014 – Smart TVs have been made vulnerable to hacks by the introduction of a new feature - HbbTV. Hybrid Broadcast Broadband Television is an increasingly used feature on Smart TVs that enables the television to render embedded HTML. With little to no security features, a user who visits a compromised broadcast displaying HTML could find themselves infected with malware that will begin to compromise the TV, steal data, attempt to disrupt local systems such as a printer or router, or turn the Smart TV into a botnet to carry out distributed denial-of-service attacks elsewhere. Importantly, researchers believe that - though extremely dangerous - attacks are unlikely for some time, as they require an infected signal to be broadcast out in the same way as broadcast television.

Anonymous Launches #OpHackingCup And Targets Brazil & Sponsors

June 9, 2014 – Members of the hacking collective Anonymous have announced their intention to target the commercial sponsors of the World Cup, this year to be held in Brazil, in protest of what some see as excessive spending during a time of austerity. Acting as a spokesperson for the movement, Anonymous hacker Che Commodore has announced that vulnerable sites have already been identified. The hacker said, "We have a plan of attack." As the date of the cup approaches, Anonymous has carried out small attacks against government e-mails and business websites, but the campaign, known as #OpHackingCup, is still reported not to start until the cup's first day.

Romanian Hacker Guccifer Sentenced For Hacking Into Government E-mails

June 9, 2014 – A Romanian hacker best known for breaching the e-mails and social network accounts of several government officials and popular entertainers has pleaded guilty and been sentenced to a total of 4 years in jail. Marcel Lazar, also known as the hacker Guccifer, was sentenced for repeatedly hacking the e-mail of Romanian politician Corina Cretu, as well as the head of the Romanian Intelligence Service, George Maior. The hacker has also targeted members of the American Bush family, Colin Powell, US military personnel, British politicians, and members of the Council on Foreign Relations. Guccifer was apprehended via a partnership between American and Romanian law enforcement. Though the hacker pleaded guilty, he argued for leniency, saying that hacking e-mail was not as serious a threat as the government suggested since, he said, almost everyone has their e-mail hacked at one point.

Saudi Arabian Hacker Targets American Electronic Road Signs

June 9, 2014 – Security experts have identified a Saudi Arabian hacker believed to be responsible for a string of hacks against electronic road signs in late May and early June. The attack, which replaced the instructions or warnings on the signs with silly messages, was relatively harmless but cost officials time and money to fix. In some cases the hacker changed passwords or infected systems with malicious code, forcing factory resets of the signs. Though the identity of the hacker was not released, authorities did state that the hacker is not believed to be affiliated with any group and has a track record of defacing devices attached to the internet, and then explaining to other hackers how to do so. Security experts say this is a good example of why security standards need to be strengthened as more devices are connected to the internet.

New Hampshire Police Department Infected With Ransomware

June 9, 2014 – The police department in Durham, New Hampshire reports that several of its systems were infected by the Cryptolocker ransomware. The malware was introduced into the police department's system through e-mail phishing, where the code was hidden in what appeared to be a legitimate file. The infected machines were immediately isolated and the police department began disinfection routines and restoring data through backups. The Town Manager stated that no ransom would be paid to free the files, and that little data was lost because of the department's backup system. Cryptolocker is a powerful ransomware software that is nearly impossible for most users to decrypt, making it very difficult to restore one's files without paying the fee or using a backup system.

Heartbleed Investigation Leads To Discovery Of New Vulnerability

June 6, 2014 – Since the discovery of Heartbleed earlier this year, security researchers have been taking a harder look at OpenSSL, an encryption library widely used on the web. The latest vulnerability discovered threatens to allow hackers to intercept active communications, change data, or create sophisticated social-engineering attacks to gain even more sensitive data. When on the same network as a user - such as a public WiFi spot - the new vulnerability can allow a hacker to force insecure encryption keys when the user connects to a server, thus giving the attacker the knowledge to access, eavesdrop on, and even change ongoing communications. All PC and mobile software using OpenSSL that has not been updated to the latest version is vulnerable. The vulnerability has been a part of the software for 16 years.

US Military Hack Leaves South Korean Employees Exposed

June 6, 2014 – General Curtis M. Scaparrotti, commander of US Forces in South Korea, issued an apology for the “possible theft” of private details belonging to South Korean employees. Two databases were hacked, exposing almost 16,000 current and former workers, almost all Korean nationals, and people who have applied for jobs with the US military. The details contained in the databases include names, contact information and work history. No classified military data was compromised in this hack. The incident is currently being investigated.

Apple, Google And Amazon Purge Fake Virus/Malware Detection Apps

June 6, 2014 – Over the last year several security researchers have issued warnings on fake Anti-Virus or Malware Detection applications popping up in the application stores of Apple, Google and Amazon. Either acting as a new company or pretending to be an established brand, the applications trick users into installing them and thus install malware, steal information or at least just charge a fee while providing zero protection. In a recent move, Google and Amazon have purged their respective stores of any application that independent security researchers have pointed to as fake, and Apple has taken similar steps when users or media report on the issue.

IPMI, Important In Maintaining The Cloud, Revealed To Be Extremely Vulnerable

June 6, 2014 – A new report shows that IPMI - Intelligent Platform Management Interfaces - leave servers extremely vulnerable to intrusions and attacks. Running on independent computers that assist larger servers in managing out-of-band communications, IPMI enables remote control by administrators and allows access to memory, networking and storage. As detailed in the report, the vast majority of servers utilizing IPMI are extremely vulnerable to attack because of lax security practices and weak software. Roughly half of all IPMI do not require authentication for administrators to log in, and many contain weak encryption standards that allow hackers to easily steal passwords or force their way in regardless of security standards. The security team announced that not only could attackers steal information or cripple entire networks if they disabled the server, but that it was nearly impossible to upgrade the IPMI software and security standards to the point of making them more secure.

Android Sees First Encrypting Ransomware

June 5, 2014 – Security researchers are warning Android users of the first-ever ransomware that actually encrypts the files of an Android device. Ransomware is an increasingly popular form of malicious software that locks a victim's computer and demands payment in order for a user to regain access. On computers, ransomware will also begin to encrypt a user's files so that even if the victim manages to remove the malicious software, they will not have access to their files - thus increasing the chance the victim will pay. Until now, no ransomware for Android smart phones was sophisticated enough to encrypt user files. The new software provides victims a warning - in Russian - that they have accessed child pornography and that payment is required for their phone to be unlocked, all while it begins encrypting random files on the phone. Experts warn paying the ransom only encourages more ransomware.

United Kingdom Wants To Hand Out Life Sentences For Serious Cyber Attacks

June 5, 2014 – The British government announced it wants to hand out life sentences to anyone found guilty of 'serious cyber attacks', especially those that result in loss of life, illness or injury, or pose a serious threat to national security. Sentencing would also become harsher if the attack damages the economy or the environment of the United Kingdom. The government believes the punishment laws around hacks - many established in the 90s - are outdated and do nothing to stop the growing issue of cyber-espionage on businesses. Opponents argue that many of the attacks suggested are unrealistic and have only happened in movies or books, and that tougher laws make the internet unsafe by forcing researchers to avoid certain areas of research. Some experts believe that under these new laws, any UK researcher who was working on understanding the Heartbleed bug would need to be arrested and that it equally punishes altruistic and criminal hackers.

Security Company ESET Defaced By Indonesian Hacker

June 5, 2014 – The website of the IT Security company ESET and several of its domains designated for Spain have been defaced by the Indonesian hacker Hmei7. The defacer left the same message on every page: "hello ESET your security service, need more security cheer from me, indonesian [sic] people". ESET has had its Spanish domains hacked and defaced before, most recently last year by a Panamanian hacker. Hmei7 is known in security circles as a 'serial defacer' who targets a wide array of websites.

US Hacker Charged With Breaking Into Law Enforcement and Academic Servers

June 5, 2014 – A 25-year-old hacker, Cameron Lacroix, of Massachusetts has been charged with hacking into computer networks across the United States, including those of law enforcement agencies and a local college. The hacker's motive was stated as acquiring sensitive law enforcement data, altering academic records, and stealing credit card information. Lacroix pleaded guilty and will serve four years in prison. The hacker obtained over 14,000 pieces of payment card information, as well as identification information and social security numbers. He also obtained information such as search warrants and intelligence reports, as well as access to the Chief of Police's e-mail account for a local station. He also changed his grades at the local Bristol Community College.

Linux Vulnerable To Attack Due To Bug In GnuTLS Cryptographic Library

June 4, 2014 – A major bug has been discovered in the GnuTLS cryptographic library used by Linux, leaving the operating system vulnerable to remote code execution. The library is key in implementing secure communications with the Internet and other machines. In an advisory, the bug was explained as: "A malicious server could use this flaw to send an excessively long session ID value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code." Though the bug is critical, the patch released to fix the problem shows that it stemmed from one line of incorrectly written code.

Google Faces Attacks In China On Eve Of Tiananmen Square Anniversary

June 4, 2014 – The vast majority of Google services, from Gmail to image search, as well as the normal search engine, have been blocked in China on the eve of the Tiananmen Square anniversary. In an attempt to dissuade commemoration of the brutal crackdown on pro-democracy protesters in 1989, China has arrested or detained a number of individuals and intensified its Internet screening policies. Though Google is generally freely available in Hong Kong, security experts are saying that almost all traffic to Google products, including in semi-independent Hong Kong, is being disrupted. One expert claimed, "This is by far the biggest attack on Google that has ever taken place in China," and it is unknown if the blocks will be lifted after the anniversary.

YouTube Restored In Turkey, Court Orders Government To Stop Censorship

June 4, 2014 – Turkey's Supreme Court has ruled a government ban on YouTube to be unconstitutional, citing freedom of expression protections. Stating, "everyone has the right to express and disseminate his/her thoughts and opinions by speech, in writing or in pictures or through other media," the court's ruling suggests that recent government actions in Turkey to punish Twitter, Facebook, and YouTube for hosting content that some see as hostile to the current government may be coming to an end. YouTube was largely blocked in Turkey in late March after a leaked audio recording of Turkish officials discussing security in Syria appeared on the site. Importantly, the Turkish government has already ignored court orders to lift the ban. Though YouTube is now accessible - after the elections have ended - the Turkish executive branch has reserved the right to block access in the future. The Turkish hacker group RedHack has targeted government institutions in recent months to protest the censorship movements.

Ransomware 'Poshcoder' Hides, Is Caught, In Windows PowerShell

June 4, 2014 – Security researchers have discovered new ransomware software that attempts to exploit the Windows PowerShell. Like all ransomware, Poshcoder begins encrypting all files on the hard drive of an infected machine and then demands payment for the unlock code. This newly discovered malware attempts to use Windows PowerShell, an administration framework that allows full access to systems so that administrators can perform tasks on local and remote systems, because experts believe hackers thought it would make it harder to detect or analyze the malware. However, researchers have shown that their use of PowerShell made it much easier for the malware to be identified, which will then speed up the development of detection and deletion practices with popular security software. Unlike CryptoLocker, which targeted users around the world, Poshcoder seems concentrated on English speakers in the United States.

US Leads International Team In Disrupting Damaging Malware Campaigns

June 3, 2014 – The U.S. Department of Justice announced that the FBI and other authorities have carried out an international effort to disrupt the "Gameover Zeus" botnet and "Cryptolocker" ransomware campaigns. "Gameover Zeus" is one of the most successful botnet campaigns in history, having stolen more than $100 million and infected nearly one million machines. Along with arresting the criminal believed to be the administrator of the botnet, US authorities have gained control of the botnet and are redirecting the malicious traffic to government servers in an attempt to identify victims and to assist them in removing the malware. Similarly, the US has disrupted the "Cryptolocker" ransomware that encrypts victims' hard drives and only frees the information for a fee. Over 200,000 computers were infected, and some estimate that $27 million had been paid in ransoms. US and international authorities have seized the servers at the heart of the malware.

Anonymous Ukraine Leaks American Express Credit Card Information

June 3, 2014 – American Express has announced that over 76,000 customers had their credit card and personal information posted online by users claiming membership with Anonymous Ukraine. After being informed by law enforcement that information was suddenly appearing online, American Express confirmed to the public that its files have indeed been breached, though it is unknown if the credit card company was aware of the attack before the information was posted by Anonymous. Though over 76,000 credit cards were contained in the leaked files, the company only contacted the 58,522 customers who had their names published along with the card information. It is unknown how Anonymous Ukraine - a splinter group of the larger Anonymous that formed during the recent crisis in the Eastern European country - had access to the files or whether it carried out the hack.

Monsanto Subsidiary Hacked, 1,300 Impacted

June 3, 2014 – The biotechnology and agricultural giant Monsanto has announced that one of its subsidiaries - Precision Planting - has suffered a security breach that exposed the login credentials and personal information of 1,300 customers and employees. Information potentially accessed includes addresses, driver's license numbers, social security information and tax IDs. Monsanto has been a target of Anonymous in the past, with the hacktivist collective claiming to have obtained thousands of e-mails containing sensitive information thanks to a hack last week. However, neither Precision Planting nor Monsanto has named Anonymous in the attack, and in a press release stated, "The unauthorized access was not an attempt to steal customer information," suggesting the user files were not the target of the attack. Anonymous has also not taken responsibility for this attack.

Middle Eastern Hackers Target European & American Sites

June 3, 2014 – New security reports have named a series of attacks against Western governments and international businesses 'Operation Molerats', due in part to their shared origin in the Middle East and to their similar exploitations and attack patterns. Victims of the attacks include Israeli, Slovenian and American government bodies and the BBC. Molerat campaigns typically utilize freely available malware, and because of the repeated use of a fake Microsoft security certificate, the mixed use of English and Arabic-language content, and the apparent goal of infecting computers with the Xtreme RAT malware, researchers have come to believe that many recent attacks are actually part of a targeted campaign by the same hacker group. It is unknown what the hackers' goals are or if the attack is state sponsored.

15 Million Websites Put At Risk Through Popular WordPress Plugin

June 2, 2014 – Researchers have discovered that an extremely popular plugin for WordPress - 'All In One SEO Pack' - has exposed millions of sites to the risk of hacks and exploitations. The software, used to enhance search engine results of someone's website or blog, has been discovered to contain various critical flaws, and the developers released an emergency patch addressing them over the weekend. Over 15 million websites are currently using the plugin. The major vulnerabilities with the plugin revolve around the ability for any user - including guests and subscribers - to modify site code. This ability ranged from modifying site meta data and search results to injecting code into the site itself that could change the site's admin password or create a backdoor admin account. The plugin was also reportedly key to the massive DDoS attacks in recent months that utilized thousands of infected WordPress accounts.

Turkish Hacker Group 'RedHack' Moves Against Nuclear Power Summit

June 2, 2014 – The Turkish hacker collective, RedHack, which in recent memory has targeted the Turkish government over censorship and their response to the mining accident that made world headlines, has taken credit for defacing the website of the Ankara Chamber of Industry. The hackers reportedly targeted the group to protest against a Nuclear Power Summit that took place over the weekend. They defaced the site with a picture of a mushroom cloud and information about nuclear disasters, with the (translated) headline of: "Nuclear Power Summit supporters will Fall ASO hacked Redhack Taksm Free Text Will Travel". RedHack's attacks against the Turkish government and similar organizations have all been at least outwardly politically motivated - including another hack over the weekend of the website of the Governor's Office in Tunceli, Turkey to protest sexual abuse cover ups.

Adobe Flash Player Vulnerability Big In Japan

June 2, 2014 – Security researchers have discovered that 94% of hacks exploiting a vulnerability in the popular Adobe Flash Player were targeting Japanese users. The attacks use a bug in Adobe Flash Player that allows it to download files on its own with little input - if any - from the user. If a user visited an infected site, or was redirected to an infected site by an exploit in the player itself, malicious code would then execute through the Flash Player. Many legitimate websites in Japan - from travel agencies to blog services - were compromised by hackers and loaded with the malicious code, and researchers believe over 8000 attacks occurred last Monday and Tuesday alone. Adobe claims to have patched the issue.

Linkin Park Facebook Page's Hack Exposes 62 Million Users To Spam

June 2, 2014 – The official fan page for the band Linkin Park, with over 62 million followers, has been hacked. The attackers have filled the feed with lewd images, spam and links to random - and occasionally malicious - sites. It is unknown who is behind the hack or how long it will take the Linkin Park team or Facebook administrators to restore the site.

Food Giant Monsanto Hacked By Anonymous

May 30, 2014 – In another move against the bio-technology giant Monsanto, the hacktivist group Anonymous has claimed responsibility for bringing down the company's website. This is a follow up to an announcement last week that Anonymous, under its Operation Green Rights, obtained over 18,000 e-mails and passwords belonging to Monsanto and other companies. Stating, "We are prepared to retaliate against the industry giants responsible for polluting and contaminating natural resources," the group targeted Monsanto, Syngenta, Dupont, and other major bio-technology companies. Operation Green Rights claims to oppose corruption and lobbying in the agricultural industry and supports defending small farmers and raising public awareness on genetically modified food. Monsanto's website has been restored, and Anonymous has yet to release the data it claims to possess. Anonymous has been targeting Monsanto since 2012.

Heartbleed Bug Can Steal Android Data When Connecting To Wi-Fi

May 30, 2014 – A new report warns that the Heartbleed bug that shocked the internet two months ago can still be used to exploit Wi-Fi vulnerabilities. Nicknamed Cupid because it exploits Wi-Fi instead of the open web like Heartbleed, the vulnerability allows attackers to pull information from routers or have routers infected with malicious code steal data from Android devices when they connect. Not all routers are infected, and only Android devices still running version 4.1.1 of the Jelly Bean operating system - estimated at over one million - are vulnerable. Researchers believe damage from this exploit will be much more limited compared to Heartbleed, but that hackers targeting popular Wi-Fi hotspots could still steal passwords, security keys, credentials and other information. Importantly, all a victim has to do is connect to an infected Wi-Fi spot to have information stolen.

Arizona's Department of Homeland Security Website Defaced

May 30, 2014 – The websites of the US Department of Homeland Security in Arizona and the Arizona Commission on Indian Affairs have been defaced. The Turkish attacker, known as Swan, left a message that read: "Hacked By Swain ( Stop Violence in Middle East !..)." In the attack against the Homeland Security site, Swan was able to break into an administration page of the entire server, thus defacing every single page connected to the website. Swan is known for defacing various websites - from government to personal - with simple messages urging an end to violence around the world and especially in the Middle East. The websites were restored soon afterwards.

OpenSSL To Undergo Security Audit

May 30, 2014 – OpenSSL, the open source cryptographic software at the heart of the Heartbleed bug exposed two months ago, is about to undergo an intensive security audit. Funded by the Linux Foundation, a project called the Core Infrastructure Initiative will be founded with two full-time developers whose sole purpose will be to increase the security of the critical infrastructure OpenSSL and other major open source programs. Beyond exposing millions of users to hackers, Heartbleed has exposed just how poorly funded open source projects can be, and has forced major tech giants to come together to fund better security. The Initiative's mission is to "move from the reactive, crisis-driven response to a measured, proactive way to identify and fund those projects that are in need."

China Accuses US Of Cyberspying, Removes IBM Servers From Banks

May 29, 2014 – The China Academy of Cyber Space has issued a report titled “America's Global Surveillance Record”, in which it accuses the US of “unscrupulous” surveillance. As a response to this report, China has announced a decision to remove all US-made IBM servers from its national banking system. An excerpt from the report states, “America's spying operations have gone far beyond the legal rationale of 'anti-terrorism' and have exposed the ugly face of its pursuit of self-interest in complete disregard for moral integrity.” The removal of IBM servers in favor of Chinese-made products is the latest move designed to eliminate dependence on US information and technology companies.

Report Claims Half Of US Internet Population Hacked In 2014

May 29, 2014 – Security researchers are warning that nearly half of all American adults browsing the internet experienced some form of hack in 2014. Over 11 million Americans were hacked directly thus far, and over 432 million accounts - from Facebook to eBay - have been breached. The increasing risk of personal or financial information being stolen or misused comes from a combination of stronger, more sophisticated attacks by hackers and the continued use of outdated software such as the Windows XP operating system. In an attempt to target larger institutions, criminals are pulling together resources to create fewer but more personalized attacks which have a greater chance of exposing more information. As well, the cost in time and money to continually upgrade software and security tools leaves both corporations and individuals vulnerable, according to the report.

Decade Old Encryption Program TrueCrypt Mysteriously Shuts Down

May 29, 2014 – One of the world's most used encryption programs, TrueCrypt, has shut down and warns users that "using TrueCrypt is not secure as it may contain unfixed security issues." The popular service adds encrypted protection for files hosted online or entire hard drives, and an audit last year by cryptography and security professionals showed the service was still a strong and secure means of gaining privacy and that there were no known backdoors exploited by the NSA, an issue of big concern following revelations that other encryption programs had been cracked by the U.S. government. Both the shut down and the warning that TrueCrypt is not as secure as people thought have alarmed many, especially by its suddenness.

Iranian Hackers Use Facebook To Scam Military And Governments

May 29, 2014 – An Iranian cyber-espionage campaign has been brought to an end after three years by the deletion of several fake Facebook profiles. Iranian hackers created a fake news service, which reposted articles from the BBC, Reuters, and AP that they then used to trick US, British, Israeli and other officials into downloading malicious software. By creating fake Facebook profiles for the journalists and defense consultants for the site, the Iranians linked to the friends, family and colleagues of key professionals, and ultimately used those connections to gain access to their ultimate targets, including a 4-star U.S. general. Once trust was established, the hackers would switch from sending normal news links to malicious ones - ultimately targeting hundreds of officials. The Facebook profiles have been deleted following the campaign's exposure.

Spotify Hacked, Urges Android Users To Upgrade

May 28, 2014 – The popular music streaming product Spotify is urging users to upgrade their Android application following a security breach that exposed user information of one individual to a hacker. Spotify reported that one intruder was able to access some data, but was unable to obtain the password or any financial information. Despite the extremely small scale of the breach compared to hacks of major companies like eBay or major breaches such as the Target credit card issue this last holiday, the company states it is taking no risks with its users' data, going so far as to require an upgrade that will force users to spend time redownloading playlists and other files. Spotify has not released information on whether the hacker was targeting the one individual or Spotify in general.

Apple Blames Users, Defends iCloud For Global Ransomware Attack

May 28, 2014 – In an update to a story reported yesterday, the incident of iPhones and iPads being locked with the message "Hacked by Oleg Pliss" in Australia and New Zealand has now spread to the United States and other countries. The hack exploits a flaw in the 'lost my phone' feature of the latest generations of Apple products where the attacker is able to impersonate a secure Apple server. In response to the incident, Apple stated that the iCloud service (which is responsible for 'lost my phone') is working properly and has not been breached. Instead, Apple argued that users must have given away their passwords in a phishing scam or exposed their passwords and usernames for another internet service which also happened to be their Apple ID. Some users have discussed on the Apple support forum that they were recently victims of such a phishing scam.

Southern Hemisphere's Fastest Super Computer Hacked

May 28, 2014 – A super computer in New Zealand, named FitzRoy, has been attacked by a hacker believed to be from China. The computer, which has the power of over 7000 laptops working simultaneously, is designed to study global weather patterns and climate change and is the fastest computer of its kind in the Southern Hemisphere. Researchers are unsure what the hacker was trying to do, with experts split between the ideas that the hacker was hoping FitzRoy was connected to other government servers or that the hacker hoped to turn it into a super 'botnet' computer. The second option could be exploited to solve cryptographic problems - including spy codes. Regardless, New Zealand's researchers were able to detect the breach quickly and disconnected FitzRoy from the network and switched to backup systems based in another city to repair any damage. They report the problem has been fixed.

Website Of Taj Mahal And Agra Fort Targeted By Pakistani Hackers

May 28, 2014 – The Pakistan Haxors Crew have made the websites of the Taj Mahal and Agra Fort their next targets in a recent spree of attacks against Indian websites. The defacement campaigns replaced information with the Pakistani flag and included the same message used in all their attacks: "Pakistan Haxors Crew is here to remind you of your Security.. Our fight is not against any individual but the system as whole".

Government Asks For Leniency In Sabu Sentencing

May 27, 2014 – Hector Xavier Monsegur, the former hacker known as Sabu, was arrested in 2011 and faced two decades in prison for various cyberattacks against major corporations. As leader of LulzSec, a splinter group of the hacktivist collective Anonymous, Monsegur led attacks against Nintendo, PayPal, and Fox, among others. However, by cooperating with the FBI, Monsegur has been responsible for stopping over 300 hacks and preventing millions of dollars in damages. After his arrest, Monsegur assisted the FBI in tracking LulzSec, Anonymous, and other hackers, began providing evidence against his former teammates, and assisted in capturing Jeremy Hammond - the FBI's former Most Wanted cybercriminal. Due to his cooperation, the federal prosecutors asked a judge to reduce Monsegur's time in prison to no more than two years.

Apple Users In Australia and New Zealand Hit With Ransomware Attack

May 27, 2014 – Many Australians and New Zealanders discovered Tuesday morning that their iPhones and iPads had been locked and hacked. The devices showed the message, "Device Hacked by Oleg Pliss..." and then demanded money for it to be unlocked. It is unknown how many people have been affected. The attack is believed to exploit the 'Lost my phone' feature present in new Apple devices that was discussed in an earlier Watch Desk bulletin. Apple has yet to make an official comment, though several users have posted makeshift solutions online.

AutoNation Suffers Hack, Exposes Credit Card Data To Attackers

May 27, 2014 – AutoNation, Inc, one of the largest car retailers in the United States, has alerted customers that hackers may have obtained their personal information - including financial details. TradeMotion, a third party affiliate of AutoNation, recently experienced a cyberattack that left parts of AutoNation's own website vulnerable, exposing customers' personal information and credit card numbers to hackers. It is unknown how many users are impacted, but they are warning any customer who used AutoNation from March 5 to May 2, 2014 to monitor their financial activity.

Avast Anti Virus Forum Hacked, 400,000 User Credentials Compromised

May 27, 2014 – Antivirus firm Avast has confirmed that its forum has been hacked, and that login IDs and passwords of more than 400,000 users were compromised. Though the forum boasts 200 million registered users, it believes most users are safe. No financial data was stolen; however, users have been urged to change their passwords in case their Avast credentials are the same for other popular sites. The forum has been shut down and is in the process of being rebuilt; Avast blames the third-party hosting platform for the vulnerability.

Hacker Claims To Have eBay Database

May 23, 2014 – An unnamed hacker is claiming to have a copy of eBay's customer database following the company's recent security breach. The hacker said the database, which contains up to 145 million contacts, is available for sale starting at 1.45 Bitcoin. A preview of 3,000 rows from the database was released as proof that the hacker had the information. The released information includes names, addresses, phone numbers and dates of birth. An eBay spokesperson has said that the information released does not belong to eBay users, stating, “The published lists we have checked so far are not authentic eBay accounts.”

Syrian Revolution Soldiers Hack Website Of Jordan's King

May 23, 2014 – The Syrian hacking group known as the Syrian Revolution Soldiers (SRS) have claimed responsibility for a recent hack and defacement of the website for King Abdullah of Jordan. The group also defaced several other government websites, replacing all of their content with messages criticizing Jordan's care for refugees fleeing the Syrian civil war.

Twitter And Turkey Come To Censorship Agreement

May 23, 2014 – Following Turkey's recent crackdown on social media - including temporarily blocking access to Twitter - it appears a new censorship agreement will allow Turkish citizens to continue to tweet. Turkey announced that Twitter has accepted terms to be more accommodating to government requests to remove offending content from its website, and has agreed to open a live customer support service specifically for Turkey. Critics warn that the government will use this new power to censor any criticism of the ruling party, and not to stop acts of slander or libel. Twitter has only been restored in Turkey since April, when the Turkish Constitutional Court ruled the ban breached freedom of expression laws.

Bitcoin Proponent Roger Ver Puts Bounty On Hacker

May 23, 2014 – Roger Ver, a Bitcoin investor and entrepreneur with a strong reputation in the Bitcoin community, recently discovered that an old e-mail and Facebook account were hacked. Concerned that more accounts were under threat, Mr. Ver placed a 37.6 Bitcoin bounty, roughly $20,000 USD, on the hacker, offering the money to anyone who provided enough information for an arrest. Ver managed to get the hacker's Skype ID, and once he warned of the bounty, was able to get the hacker to return the accounts and to give up the assault on Ver's accounts.

Hackers Release Apple Unlock To Public

May 22, 2014 – Two hackers from the Netherlands and Morocco have identified a means of unlocking iPhones and iPads which have been locked because their owners reported them as stolen. The unlock hack will allow thieves to more easily resell the devices on the black market or access personal information stored within. The vulnerability allows hackers to trick a device into believing the attacker's computer is a legitimate Apple server that is transmitting an unlock signal. The duo went to Apple with the information, but when they were turned away, they decided to release the information to the public. The hackers themselves have unlocked over 30,000 iPhones.

HP's Zero Day Initiative Warns Of Microsoft's Failure To Address New Vulnerability

May 22, 2014 – Security researchers have discovered a new zero day vulnerability in Internet Explorer 8 that allows hackers to run almost any code on infected machines thanks to the installation of malware through e-mail or drive-by downloads through infected sites or advertisements. Microsoft was alerted back in October to the vulnerability, but because they have yet to patch it, HP's Zero Day Initiative has announced the details to the public along with possible fixes.

Indonesian Hackers Deface Pioneer Electronic's Site

May 22, 2014 – Members of the Indonesian hacking group Gantengers Crew have breached and defaced the United Arab Emirates site for Pioneer Electronic Corporation. The defacement message left reads, “Gantengers Crew/SultanHaikal hacked you!” There was no explanation as to why the site was targeted. At the time of this writing the site was still displaying the defacement message. The Gantengers Crew previously hacked sites belonging to Yemen's Ministry of Human Rights and Earth Hour Philippines.

Two Australian Anonymous Members Arrested

May 22, 2014 – The Australian Federal Police (AFP) have arrested two men accused of defacing websites and conducting denial-of-service attacks against Australian and Indonesian government sites. A 40-year-old man, known as “Lorax,” has been charged with “the unauthorized modification of Melbourne IT Limited computer network located in Brisbane, Queensland to cause impairment,” and “unauthorized modification of Indonesian government web servers to cause impairment.” The man faces up to 10 years in prison if found guilty. The other man, an 18-year-old from New South Wales, is charged with “unauthorized modification of data to Netspeed ISP located in Canberra, ACT, to cause impairment,” and “unauthorized access to and modification of restricted data belonging to the ACT Long Service Leave Board.” He would face up to 2 years in prison if found guilty.

American Military Websites Targeted By Anonymous

May 21, 2014 – Members of the hacking collective Anonymous are claiming to have taken down several US military websites belonging to the Marines, Army, Navy, and other groups. The impacted sites include the public websites of all branches of the military. Part of a campaign called Operation Payback, Anonymous claims to be targeting US websites because of the arrest of thirteen hackers connected to Anonymous in 2010 and 2011. All websites were restored extremely quickly, though there are screenshots that appear to show the sites being unavailable around the time of the hackers' announcement.

ICS-CERT Warns Of Weak Cybersecurity For Public Utilities

May 21, 2014 – The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), which monitors issues of cybersecurity in several industries, has released a report on the state of security for public utilities. The report warns that utilities are prime targets and that many have weak security practices or outdated software that leaves them extremely vulnerable. ICS-CERT also warned that some utilities lacked even basic firewalls, exposed control systems to the Internet, and were often vulnerable to simple - though not necessarily quick - hacks as opposed to the sophisticated breaches that are needed to target major corporations.

Argentinean Hacker Team Targets Websites Of Ukrainian Government

May 21, 2014 – The Argentinean hacking group known as Libero has breached and defaced several government websites in Ukraine under the #OpUkraine hashtag created by the Anonymous hacktivist collective. Fourteen websites were defaced, most with messages of "We are Anonymous" or "Hacked by Libero". One website was hacked to stream a video released by Anonymous Ukraine, which discusses corruption within Ukraine and denounces violence by the Russian government against the people of Ukraine. Not all websites have been fully restored.

Chinese Government Websites Hacked By Anonymous Philippines

May 21, 2014 – Over two hundred websites belonging to the Chinese government have been hacked and defaced by Anonymous Philippines. The hacks are in response to an ongoing maritime dispute between the Philippines and China. The defaced websites displayed the message: "China's alleged claim on maritime territories and oppressive poaching can no longer be tolerated. Stand against Oppression! It's time to fight back! Say NO to China's Bullying!" Several of the sites are still offline.

Tunisian Hackers Team Announces 'Week Of Horror' Campaign Against The United States

May 20, 2014 – The hacker collective known as the Tunisian Hackers Team has threatened the U.S. financial sector with a campaign set to begin on July 5, 2014 titled the 'Week of Horror'. The Tunisian group released a list of banks they threaten to hit with distributed denial-of-service attacks. The calendar lists a different bank for each day and schedules the attack for 8 hours. The Tunisian Hackers Team is demanding that the United States remove all troops from Islamic countries and that the United States government respond to the hackers' threat.

Europe's Internet Suffers Issues Due To Update Problems

May 20, 2014 – Last night, Internet users across Europe experienced delays when attempting to connect to US-based websites. At first, reports circulated that the delays were caused by a cut transatlantic cable, but these reports were incorrect. Swedish-Finnish telco TeliaSonera issued a statement saying that their International Carrier arm caused the issues due to “a planned update that went wrong.” Popular websites including Reddit, Facebook and Twitter were affected by the incident. A Telia spokesperson said, “There was an incident caused by human error on what should have been a non-customer affecting planned work. Customers found it hard to reach servers in USA and Asia. The issue was quickly detected and resolved and we're now working to prevent similar incidents to happen again.”

Silverlight Exploits Target Netflix, Other Streaming Customers

May 20, 2014 – The Microsoft Silverlight platform is best known as the browser plug-in that enables streaming of video on Netflix - one of the world's most popular websites. A new report from security researchers shows that criminals have infected AppNexus - the second most popular online ad network - with malicious advertisements that redirect users to infected sites that download the 'Angler Exploit Kit', a tool designed to make use of Silverlight vulnerabilities. Once installed, the malicious software exploits flaws in Silverlight that allow it to modify ports and system files, potentially leaving the infected computer open to attack or data theft. Researchers believe that because security companies have been focused on fighting malware that targets the more popular Flash and Java, criminals are hoping to exploit Silverlight while they can.

Popular Open Source Instant Messaging Service Goes Mandatory Encryption

May 20, 2014 – XMPP, also known as 'Extensible Messaging and Presence Protocol', is a popular open source instant messaging application that supports or enhances several popular services. Used either directly or optionally in Google Voice, Facebook Messenger, AOL Instant Messenger, and various third party applications and Voice-over-IP programs, XMPP's decision to require mandatory encryption is an acknowledgement of the desire by consumers for increased privacy and protection. Though XMPP's open-source foundation and developers cannot force clients to adopt encryption, those who do not will face technical and quality issues. XMPP hopes that mandating encryption - and a continued effort to strengthen its own built-in security - will strengthen security and privacy around the world due to its popularity with major programs.

Hundreds Of Yahoo Pages Impacted By XSS Vulnerability

May 19, 2014 – A security researcher has discovered a cross-site scripting (XSS) issue within Yahoo pages that targeted the comment sections. The issue allows attackers to inject infected code into any user's machine that visits the page. Through storing a specific script code within a comment, the flaw in the comment section of the Yahoo pages would execute the XSS and thus allow the hacker to access the user's cookies or browsing sessions. The most popular areas of Yahoo were targeted, including Yahoo! Tech, Finance and Sports. Yahoo has now fixed the issue, though potentially thousands were exposed.

UPDATE: 81 People Arrested In BlackShades RAT Raids

May 19, 2014 – In an update to a story from last week, officials have announced that 81 people were arrested and 300 houses raided by various state law enforcement agencies targeting people who sold, purchased, or used the BlackShades Remote Access Trojan. Rumors began to spread through hacking-focused forums that police were raiding houses, but the actions were only confirmed by Europol this Monday. Actions took place in the US, Canada, Belgium, the Netherlands, Germany, the United Kingdom, Estonia, Chile, Italy, Croatia and Austria. Over 1,000 computers, phones, USB and external hard drives and routers were seized. It appears the raids were coordinated by EC3, the European Cybercrime Centre, with some support from the FBI in the United States.

UPDATE: RedHack's Campaign Targets Turkish Cooperation And Coordination Agency

May 19, 2014 – The Turkish hacker collective, RedHack, launched a campaign last week to target the websites and servers belonging to the Turkish Government following the mining accident in Western Turkey that took over 300 lives. In their latest move, RedHack has breached the website of the Turkish Cooperation and Coordination Agency, leaking usernames and passwords to the public. The collective has requested people abuse the usernames and passwords of the organization, which operates under the office of the Prime Minister. RedHack also released usernames and passwords of a dating site used by government employees. Both attacks were dedicated to the memory of communist activist Ibrahim Kaypakkaya, in a move that supports the collective's pro-labor protest against the government in response to miners' safety.

Pennsylvania Payroll Company Breached, Information Leaked

May 19, 2014 – Paytime Inc., a Pennsylvania payroll company, has been breached. It appears that hackers exploited a vulnerability in their systems. An undisclosed number of individuals may have had their personal information stolen. The compromised information includes names, addresses, dates of birth, phone numbers, hire dates, social security numbers, bank account information and other payroll related data. Chris Haverstick, Vice President of Paytime said, “Our investigation has also determined that the intruders were skilled hackers working from foreign IP addresses.” Paytime is currently working with a third-party IT forensics team to further investigate.

United States Retail Giants Join Forces On Cyber-Security

May 16, 2014 – Major US retailers and the United States Retail Industry Leaders Association (RILA) have moved to create the Retail Cyber Intelligence Sharing Center. Following a string of cyberattacks on retail stores that hit everything from websites and databases to point-of-service devices, the industry is hoping this new move will keep customer data safe and public opinion strong. The Center will allow stores to share information on threats between each other and authorities in the United States - including the FBI and Homeland Security. The Center announced: “In the face of persistent cyber criminals with increasingly sophisticated methods of attack, the R-CISC is a comprehensive resource for retailers to receive and share threat information, advance leading practices and develop research relevant to fighting cyber crimes.” While membership is expected to grow, current members include giants Nike, Target, American Eagle, Gap, J.C. Penney, Lowe's, and Walgreens.

Saudi Arabia Recruits Ethical Hackers For Defense

May 16, 2014 – The Kingdom of Saudi Arabia's Ministry of Interior will begin recruiting ethical hackers to defend the nation through its National Information Center. The initiative is designed to "transform their abilities into productive energy", and to train hackers who may only know how to breach websites to defend entire networks. While admitting that hiring hackers directly is not a perfect solution to national cyber security, the center's external affairs coordinator, Dr. Zaidan Al-Enezi, announced that the program should decrease hacker attacks by 80%, if universities and large institutions work with them on the program. The government says it will only hire ethical hackers, with any hacker who has previously targeted government systems or websites denied, and that it will follow international standards on network safety.

European Police And The US FBI Coordinate Arrests Of Trojan Users

May 16, 2014 – This past week, European law enforcement authorities have raided an unknown number of hackers who purchased the BlackShades remote access Trojan. BlackShades is a tool, readily purchased from cybercriminal forums, that allows users to take over an infected computer and monitor keystrokes, steal files or use the webcam. French media reported that 70 locations were searched in relation to hackers possessing the software, and individuals in the Netherlands, United Kingdom, Denmark, Italy, Sweden and Germany have reported on forums that they too have been raided - though police confirmation is limited. Security researchers have pointed to announcements from the American FBI that it would soon be launching an anti hacker software crackdown as proof that it is coordinating efforts with Europe. One of the developers of BlackShades was arrested by the FBI in 2012.

Website Of Pakistani Police Force Defaced By Taliban Supporters

May 16, 2014 – The website of the Rawalpindi police in Pakistan has been defaced by apparent Taliban supporters. Along with portraits of Taliban and Al-Qaeda leaders, including Osama bin Laden, the website read: "Hacked by Anti Mortadin!@. This site was hacked a victory for the Taliban". The police reported that the hackers were unable to gain access to any sensitive information because the website is used only for public awareness, campaigns and public information.

AnonGhost Announces OpFIFA

May 15, 2014 – A member of the AnonGhost hacking group, Ali KM, has announced a new hacking campaign called OpFIFA. The operation will focus on disrupting FIFA websites from June 10 – June 12, 2014. Ali KM says the motivation for the attacks is FIFA's “humiliating attitude” towards Muslim teams. At this time over 100 individuals have committed to taking part in the operation. Ali KM went on to promise that if participants launch successful distributed denial-of-service attacks against FIFA sites, he will provide free HD live streaming from his own servers during World Cup games.

Kate Middleton's Phone Hacked By Former News-Of-The-World Reporter

May 15, 2014 – Former royal reporter of the now-defunct News of the World paper, Clive Goodman, admitted to hacking into voicemails of Kate Middleton almost every day, as well as the voicemails of Princes William and Harry. The hackings of celebrity, royal, military and disaster victim phones ultimately forced the 168-year-old paper to close. Reporters used the voicemails to generate tabloid and real stories and several reporters, editors, and staff have faced criminal charges. The full extent of the hacking campaign is still unknown, with the latest news about the targeting of Kate Middleton just being revealed.

Belgium's Ministry of Economy Suffers Data Leak - Suspects Foreign Intelligence Agency

May 15, 2014 – Belgium has experienced a string of hacks and data breaches in recent months, including an attack on their Ministry of Foreign Affairs reported earlier in the week. Now, the Federal Public Service Economy - also known as the Ministry of Economy - appears to be the next victim. The country's deputy Prime Minister has confirmed that the department's systems were breached and data was stolen. A formal investigation has begun, and it has been suggested by those in the media that the sophisticated piece of malware used in the attack is the work of a foreign intelligence agency and not a rogue hacker group. The software was installed as early as 2012 and has only now been detected.

Owner Of POS Company Admits Hacking Into Subway's Systems

May 15, 2014 – An owner of a point-of-service (POS) company - the machines that read debit and credit cards at stores - has pleaded guilty to hacking into his own products owned by the Subway fast food chain to add value to gift cards. Adding roughly $40,000 in value to cards, Shahin Abdollahi and a co-conspirator used some of the cards at Subway but sold most of them online. Both men would pre-install their POS hardware with remote log-in software before shipping them to Subways around the country.

New Report Shows Evolution Of Iranian Sponsored Hackers

May 14, 2014 – A new report on Iranian cybersecurity has outlined the evolution of Iranian hackers from simple defacers to a collective of offensive and defensive trained hackers. The report has found that Iranian sponsored hackers, codenamed the Ajax Security Team, have increased dramatically in skill over the last decade and are now capable of both sophisticated attacks against US institutions and utilizing social engineering to trap dissidents. Though outsiders fear Iran's increasing ability to target defense contractors, the report shows that Iran's main objective in cyber-attacks is targeting dissidents. Through circulating anti-censorship software infected with malware or tricking political activists into visiting fake anti-Iran websites, the group is now aiming to track, explore, and watch target computers rather than conduct immediate arrests. The report suggests that while Iran is still behind other countries like the US or Russia, more practice will only make them grow more advanced.

New Inbox-To-Inbox Facebook Campaign Spreads Malware

May 14, 2014 – Security experts are warning that the latest malware campaign to target Facebook is abusing inbox-to-inbox messaging to spread a trojan capable of stealing Facebook account details and other credentials. The message sends the text "lol" followed by a broken image link that unsuspecting users will click on to view, thus installing the trojan. Importantly, the message is sent from an infected friend, tricking users into thinking it is a legitimately funny conversation from another trusted user. Researchers believe the file has spread widely because of the popularity of Facebook around the world, and because a message from a 'friend' appears much more trustworthy than other typical scams that include videos or funny headlines posted to people's news feeds.

Estonia Told To Stop Using Its E-Voting System

May 14, 2014 – The Internet voting system in the Baltic state of Estonia, which a quarter of its citizens use to vote, has been discovered to contain multiple vulnerabilities days before the European Union's Parliamentary elections. Researchers are concerned about the program itself - with outdated security architecture - and the security practices of its maintenance staff who have been shown to download applications on unsecured networks and have allowed themselves to be filmed typing in passwords. Experts also warned that the vulnerabilities would allow a foreign power with enough cyber-prowess to rig the election without ever being detected. Estonia has refuted these findings.

Turkish Hackers Target Town Of Recent Mine Accident

May 14, 2014 – Hackers from the Turkish hacktivist collective RedHack have announced they defaced multiple Soma, Turkey government websites "in protest against the mine explosion deaths." Roughly 700 workers were trapped in a mine in the town of Soma, Turkey following an accident. The death count is currently at 256 and expected to rise. Referencing reports that the mines were known to be dangerous and that several inspections suggested it needed to be closed, RedHack has continued to criticize the government. Other hacker groups have begun to target various websites of the Turkish government with distributed denial-of-service attacks to join the protest.

Attack Against Taiwanese Government Leverages Flaw In Microsoft Word

May 13, 2014 – Security researchers have announced that despite Microsoft's acknowledgement and eventual patch of a flaw in Microsoft Word that allowed malicious programs to be hidden within Word documents, cybercriminal exploitation has continued as some institutions are slow to upgrade. Several government agencies, the mailing service, and an institution of education in Taiwan have been highlighted as victims of the exploit where criminals used e-mails pretending to be from other government employees to infect and steal files from the Asian government. In one instance, the document pretended to be an important file on free-trade updates but, when opened, began a series of file drops to install a backdoor to the computer. These recent attacks are believed to be part of a campaign dubbed 'Taidoor' that targets Taiwanese government institutions.

Belgium Ministry Of Foreign Affairs Hacked

May 13, 2014 – The Belgium Ministry of Foreign Affairs has announced that hackers infected several systems with information-stealing malware that targeted sensitive material on the ongoing territorial crisis in Ukraine. While the government has begun an investigation, several media outlets have claimed knowledge that Russian actors were behind this particular attack. The last several years have seen Belgium become the target of several attacks, with the United States, Russia, and cybercriminal gangs blamed for the various break-ins on Belgian systems. The government has recently announced a multimillion dollar endeavor to strengthen its cyber security infrastructure.

China Arrests Hackers-For-Hire Who Targeted Shanghai Gaming Company

May 13, 2014 – Five individuals have been arrested for launching distributed denial-of-service (DDoS) attacks against a Shanghai online gaming company. The attacks crippled the company's login page and prevented paying customers from launching the program, causing roughly $1.6 million in damages. One arrested individual claimed they were hired by a competitor gaming company. He also claimed that the competitor company hired hackers to break into various systems and then use those computers to launch DDoS attacks against companies if that particular service was bought by a client.

Doge Vault Cryptocurrency Wallet Hacked

May 13, 2014 – The popular Dogecoin wallet service Doge Vault has been hacked. The company has issued a statement saying, “The Doge Vault online wallet service was compromised by attackers, resulting in a service disruption and tampering with wallet funds. As soon as the administrator of Doge Vault was alerted, the service was halted. The attackers had already accessed and destroyed all data on the hosted virtual machine.” An investigation is on-going, as the company tries to determine how the attack happened and what damage was done. Users are advised to not transfer any funds to Doge Vault addresses while the investigation is being conducted.

WordPress Themes Developer Suffers Data Breach

May 12, 2014 – WooThemes, a popular developer of templates for the WordPress blogging and content management site, has announced that customer financial information has been breached. Over the last two weeks, customers have been notified by their banks of fraudulent payment activity on their accounts, while WooThemes became aware of issues processing payments on its own servers. It soon became evident that it was through WooThemes that over 300 cases of fraudulent activity were taking place and that the issue the developer was facing on its side was the breach-in-progress. The company is still unsure how its customer financial data was stolen, but it has suspended all payments, notified all customers and hired a security firm to investigate.

Indian Car Manufacturer's Website Defaced by Pakistan Haxors Crew

May 12, 2014 – A domain owned by the Indian car manufacturer Tata Motors has been hacked and defaced by the group Pakistan Haxors Crew. The group has repeatedly targeted high-profile Indian websites, including railroad companies and telecoms. In this incident they wrote: "We just defaced your website to give you a chance to put your hands on it before others come and destroy it. Consider yourselves warned because consequences will follow." The site has since been taken offline. The past month has seen several Pakistani hacker groups attacking Indian sites, including the compromising of the Indian Railroad ministry.

Resurgence Of Click Fraud Trojan Concerns Security Researchers

May 12, 2014 – Security researchers are raising alarm about a sophisticated malware called Viknok. Cybercriminals who use this particular Trojan are believed to have developed sophisticated means of penetrating operating systems that may be undetectable by most anti-malware software. It is also designed to turn infected computers into botnet zombies. The use of Viknok has surged in 2014, with 16,500 newly recorded victims in May alone. Once infected, Viknok Trojan forces a customer's computer to rapidly 'click' on an advertisement on a corrupted website, thus generating revenue for the host site which is often operated by or also hacked by the Viknok-using cyber criminals.

Point DNS Hit With DDoS Attack, 220,000 Domains Impacted

May 12, 2014 – Point DNS, a UK-based domain host, was hit with a high-intensity distributed denial-of-service attack that knocked its servers out for several hours. It is not known who is behind the attack. Point DNS posted a statement saying, “We're experiencing a DDoS attack on all DNS servers, we are working hard to mitigate the attack.” Point DNS hosts over 220,000 domains, which were impacted by the attack. The company is saying that the attack originated in China. At this time the attack is still ongoing, but the impact to customers has been mitigated.

Over 300,000 Servers Are Still Vulnerable To Heartbleed

May 9, 2014 – A month after the OpenSSL Heartbleed vulnerability made headlines, researchers say that there are still over 300,000 servers that remain vulnerable. A recently conducted global Internet scan revealed that 318,239 systems are still vulnerable, and over 1.5 million servers still support the vulnerable “heartbeat” feature of OpenSSL that allows the bug. Researchers say that the numbers could be larger, as this reflects only the confirmed cases.

Bitly Site Hacked, Customer Credentials Compromised

May 9, 2014 – The URL shortening service Bitly has issued a warning saying its systems have been compromised and customer credentials have been exposed. According to the warning, there has been no evidence that any accounts have been accessed by the hackers at this time. As a precaution, users' Facebook and Twitter accounts have been disconnected from the service. Bitly CEO Mark Josephson issued a notification to users saying, “We have already taken proactive measures to secure all paths that led to the compromise and ensure the security of all account credentials going forward.”

US Cybersecurity To Get Boost From Defense Authorization Bill

May 9, 2014 – The House Armed Services Committee is moving forward on a defense authorization bill that would provide $5.1 billion for cybersecurity operations. The growth of the federal cyber workforce has been prioritized by the Pentagon, with a call for more than 6,000 professionals to work in support of the National Security Agency by 2016. The bill would “direct the Secretary of Defense to establish an executive agent to coordinate and oversee cyber training and test ranges, critical to operationalizing and improving our DOD cyber forces.”

Shanghai Students Hack School Systems

May 9, 2014 – Two students at a college in Shanghai's Songjiang District have been arrested and charged with hacking their school's systems and changing the grades of 200 students. According to reports, the two hackers charged between $2 - $3 for each change they made, earning a total of over $12,800. School administrators noticed the changes and notified the police, leading to the arrest of the students. The school says that they have fixed the security hole that was exploited.

Sentencing Of Sabu Delayed Again

May 8, 2014 – For the seventh time, the sentencing of the infamous Sabu, Hector Monsegur, has been delayed. Monsegur was scheduled to be sentenced today, but it appears that the US government is still using his services. Since his arrest in August 2012, Monsegur has been working with the government in identifying other hackers and in launching cyberattacks against foreign governments. A new sentencing date has not been set.

StubHub Hit With DDoS Attack In Brazil

May 8, 2014 – The Brazil website of StubHub, the eBay-owned online ticket vendor, has been taken down by a distributed denial-of-service attack. A spokesperson for StubHub said that there has been a “huge DoS attack on the site from Brazil.” In response to the attack, the company decided to deny access within Brazil while the incident is being investigated. The attack comes after the site started offering tickets to the World Cup. Both FIFA and the Brazilian government have said that tickets to the World Cup should only be purchased directly from FIFA. StubHub is still investigating the incident and has not said when the site will again be accessible within Brazil.

100 Thai Government Websites Breached

May 8, 2014 – Approximately 100 sites belonging to the Thai government have been hacked by cybercriminals in the last month. The sites have been used to distribute malware and for phishing attacks. Researchers have seen over 500 attacks originating from these breached sites. The impacted sites include those belonging to police forces, the Thai Navy and various other military organizations. Experts believe that these hacked sites will not be fixed any time soon, as the Thai government does not view this as a high priority.

50% Of DDoS Targeted Organizations Get Attacked Again

May 8, 2014 – Two reports have been released that show that over half of organizations targeted with DDoS attacks will be hit with another attack. According to a report from Neustar, once an organization is attacked there is an estimated 69% chance of a repeat attack. Over 48% of the companies surveyed said they had been targeted by DDoS attacks between two and ten times. The reports also show that larger DDoS attacks are becoming more frequent, with a 200% increase in attacks affecting bandwidth of between 1 and 20 Gbps.

Wall Street Journal Twitter Hacked By Syrian Electronic Army

May 7, 2014 – At least four Twitter accounts belonging to the Wall Street Journal have been compromised by the Syrian Electronic Army (SEA). SEA used the accounts to post a message that read "@Irawinkler (Ira Winkler) is a cockroach" along with an image of his head on a cockroach's body. Mr. Winkler is the CEO of a security firm and recently presented on SEA, its methods, and its members at a security conference; he called SEA the "cockroaches of the internet." At that time, the hacker group defaced the conference's website, using it to show a threatening message against Ira Winkler. The Wall Street Journal secured its accounts shortly after the breach was discovered.

Members Of Team Digi7al Accused Of Hacking US Navy

May 7, 2014 – Two people thought to be members of the Team Digi7al hacking group have been charged with breaching the computer systems of the US Navy and over 30 other entities. Nicholas Paul Knight, 27, and Daniel Trenton Krueger, 20, are charged with targeting organizations to steal identities, obstruct justice and cause damage to protected computers. Knight is thought to be the leader of Team Digi7al, and served in the Navy as a systems administrator in the nuclear reactor department. A trial date has not yet been set; each man faces up to five years in prison. The other organizations targeted include the US National Geospatial-Intelligence Agency, the US Department of Homeland Security, the World Health Organization, the Toronto Police Service in Canada, the Los Alamos National Laboratory, the Montgomery Police Department, AT&T U-verse, the Library of Congress and various universities.

France's Orange Suffers Huge Client Data Theft

May 7, 2014 – France's largest mobile phone company, Orange, has suffered another attack leading to the theft of personal information affecting 1.3 million customers. This attack comes just three months after Orange suffered an attack that resulted in data belonging to 800,000 customers being stolen. The attack occurred on April 18, but Orange delayed the announcement so it could “lock” down its systems and find out how many customers were actually impacted. The stolen information includes names, email addresses, phone numbers and dates of birth.

Indonesian 'Gangsters Crew' Hacks Various UN, Government Sites In Yemen

May 7, 2014 – An Indonesian-based hacker group with the name 'Gangsters Crew' has breached and defaced the website of the Ministry of Human Rights in Yemen, as well as the websites of the Yemeni branches of the United Nations, United Nations Development Programme, and United Nations Volunteers. The defacement pages include a smiley face, social media links, and the message "be secure your security get down xD". It has not been made clear why Yemen or the Yemen pages of the United Nations were targeted. Gangsters Crew is also responsible for several cyber attacks on Australia amid a recent spying row between Indonesia and Australia.

Cybercriminals Team Up To Target Smartphones With Ransomware

May 6, 2014 – Security researchers have noted that two teams famed for their PC ransomware have joined forces to target smartphones running Android, Linux or Windows operating systems. The malicious software masquerades as a legitimate application, then locks the device and demands that a fine be paid because the device has supposedly been used to look at child pornography or other illegal material. Though ransomware on smartphones is not entirely new, the teaming up of two different cybercriminal organizations (the creators of a PC ransomware called Reveton, and the Nertra Ransomware team) to cast a wider criminal net seems to be a first for this kind of attack.

Newly Discovered DNS Flaw Redirects Users To Malicious Sites

May 6, 2014 – Two students from the Israel Institute of Technology have discovered a flaw in the protocols of the world's most used DNS software, BIND. Researchers believe that the flaw has yet to be exploited by criminals, so full details have not been released. However, the exploit centers on a loophole that allows hackers to force a DNS server to connect with a specific server rather than one of the many decentralized databases that enable a computer to translate the names of websites to IP addresses. If hackers control that server, they can provide a false IP address to the DNS service, thus forwarding the end user to a malicious website. The students presented their findings to the relevant organizations, which have promised a patch soon.

DrawQuest Forced To Shut After Hackers Gain Access To Amazon's Servers

May 6, 2014 – DrawQuest, a popular free drawing application for Apple smart devices, has been shut down after hackers breached the Amazon servers used by the program. The production team announced that "the entirety of Drawquest" had been compromised, with the malicious actors ordering "hundreds of expensive servers, likely to mine Bitcoin or other cryptocurrencies." The service was shut down immediately after the activity was detected, and the team announced it had no way of knowing what user information was accessed by the attackers, potentially putting users' passwords and e-mails at risk. DrawQuest does not intend to re-open.

Casino Company Affinity Gaming Suffers Additional Payment Hack

May 6, 2014 – Hackers managed to breach the credit and debit processing system of Affinity Gaming, a Nevada-based casino operator. The breach was discovered on April 28th, and it is not believed that any payment information was stolen after that date. However, it is unknown how long the system had been compromised before discovery or for how long hackers had access to the company's systems. Affinity Gaming is working with the authorities to investigate the matter and claims it has secured its systems. This is the second time within a year the payment system has been compromised; the company announced to customers in December 2013 that their card information had been stolen, impacting as many as 300,000 customers.

Vulnerabilities Found On NSA Website

May 5, 2014 – Researchers have discovered vulnerabilities on the official National Security Agency (NSA) website. A cross-site scripting vulnerability was found on the site's homepage, which allowed the researcher to deface the page. The researchers also say they found a SQL injection vulnerability, which can be leveraged to access information stored in the site's databases. The vulnerabilities were reported to the NSA. No response was received by the researchers, but the vulnerabilities appear to have been fixed.

OpenID And OAuth Vulnerability Enables Third-Parties To Steal Account Credentials

May 5, 2014 – Popular authorization protocols OpenID and OAuth contain a recently discovered covert redirect vulnerability that allows personal identification information to be stolen. The protocols are best known for allowing users on third-party sites to use their Facebook, Google, or Twitter log-in credentials rather than creating an entirely new account. The newly discovered vulnerability centers on the Open Redirect principle, where one site will freely transfer the user to another for authorization. When a user opts to use their social media credentials to log in, the third-party site redirects them to the social media site to approve the action, and the social media site then redirects the user back, along with their credentials, to the third party. The vulnerability allows malicious sites to disrupt the final redirect and transfer users to other sites, all while stealing their login information.

University Of North Carolina Wilmington Breached

May 5, 2014 – Hackers have breached an application server at the University of North Carolina Wilmington. The university has said that it is possible that the hackers accessed the personal information of employees and students. The information on the server includes names, addresses and social security numbers of some employees and students. According to a notice from the school, there is no evidence that this information has been accessed or used at this time. It appears that the hackers breached the server in order to host a phishing page.

Student Arrested For Hacking School Computer To Change Grades

May 5, 2014 – Jose Bautista, an 18-year-old student, has been arrested and charged with hacking his school's computer system to change grades for himself and four other students. It is being reported that Bautista gave a written confession to the principal of Dr. Michael M. Krop Senior High School. The principal then reported him to the police. He currently faces four counts of offenses against intellectual property, public records exemption and four counts of offenses against computer users. Bautista has been released on a $20,000 bond and will be on house arrest.

Google Search Appliance XSS Vulnerability Found

May 2, 2014 – Researchers have discovered a cross-site scripting (XSS) vulnerability in Google Search Appliance, a device that allows organizations to index and search through web content, databases and content management systems. The appliance is a combination of Dell hardware and Google software. A Computer Emergency Response Team Coordination Center (CERT/CC) advisory says that the device is vulnerable to reflected XSS attacks when the dynamic navigation feature is enabled. A fix has been issued through the release of versions 7.2.0.G.114 and 7.0.14.G.216.

Hackers Targeting Microsoft XP Machines

May 2, 2014 – Researchers have discovered a new attack that targets out-of-support Windows XP machines running Internet Explorer 8. The attacks have been seen in multiple industries throughout Europe and the United States. In response, Microsoft has issued an emergency, unscheduled patch. Multiple hacking groups have been observed using the vulnerability to attack government and energy sector organizations. An estimated three quarters of UK companies are still running XP even after the end of support.

British National Party Hacked By Anonymous

May 2, 2014 – A member of the Anonymous collective is claiming to have hacked the Twitter account and website of the British National Party (BNP). The hacker used the Twitter account to post anti-government messages, in addition to several offensive messages sent to members of the British Parliament. The BNP website was also defaced with a picture of a man wearing a Guy Fawkes mask and a message saying, “Hacked by Anon_0x03, F*** the Government!” It is unclear if the BNP has regained control of the Twitter account. There have been legitimate messages posted by the BNP, but the hacker's posts remain on the feed.

Anonymous Member Faces 440 Years In Jail

May 2, 2014 – Twenty-seven-year-old Fidel Salinas of Donna, Texas, an alleged member of the Anonymous collective, is facing 44 charges of cyber assault. He is accused of hacking computer systems of a county government, a school district and a newspaper. Salinas is also accused of several counts of cyber stalking. The FBI released a statement saying, “Salinas had the intent to harass and intimidate a female victim. Allegedly, he repeatedly emailed her, attempted to gain unauthorized access to her website, made submissions through a contact form on that site and tried to open user accounts without her consent.” Each of the charges carries a maximum sentence of 10 years in federal prison, bringing the total possible sentence to 440 years. Salinas' attorney denies he has had any connection to Anonymous.

DDoS Attack Takes Down UltraDNS Service

May 1, 2014 – A customer of UltraDNS, a Neustar DNS service provider, has been hit with a 100 Gbps distributed denial-of-service attack that has resulted in the DNS service being down for several hours. UltraDNS issued a statement saying, “The Neustar UltraDNS Operations and Security teams continue to work with our Tier One Providers to further refine upstream mitigations within the Carriers networks. . . The DDoS traffic continues to shift attack vectors and our teams are working on altering countermeasures to insure stability of service as quickly as possible.” At the time of this writing the service has stabilized and is operating normally. Several customers reported outages of over 8 hours.

UK's National Crime Agency Warns Of Cyber Threat Increase

May 1, 2014 – The United Kingdom's National Crime Agency (NCA) has released the 2014 National Strategic Assessment of Serious and Organized Crime. The report focuses on attacks aimed at deleting, modifying or stealing data, disruption of access to systems through distributed denial-of-service attacks, traditional crime groups using services offered on cybercrime marketplaces and the increasing use of support services for cyber-dependent crimes. The NCA expects to see an increase in these areas over the next one to three years. The report says, “Specialist service providers and bespoke toolkits are opening opportunities for those criminals who have limited technical competence. Different organized crime groups who share the use of key criminal technical and other infrastructures is a growing threat. Criminal online forums provide a market place for the trading of such services.” The NCA does not have an estimate of the costs associated with these cybercrimes, but it does say that the cost can be “reasonably assessed” at several billion pounds each year.

Ireland's Eircom Breached By Hackers

May 1, 2014 – The Irish telecommunications company Eircom has taken down its email service after discovering a breach of its system. Eircom issued an alert saying, “We detected an intrusion on the perimeter of our email service and in accordance with our security procedures and industry best practice, we took immediate steps to lock down our email service and eliminate any threat to our 350,000 email users.” The origins of the breach are still unknown, and no hackers have taken credit for the breach. At the time of this writing email services have been restored for Eircom customers.

Russia Facing New Android Malware Spreading By Text Message

May 1, 2014 – Researchers have discovered new Android malware that spreads via text message in Russia. The malware is an APK file that, when downloaded, sends texts to the device's entire address book in an attempt to infect others. The malicious text says, in Russian, “Is this your photo?”, and includes a link. If the link is clicked, the device will be infected. At this time, it appears that the malware is limited to Russia.

4chan Hacked

April 30, 2014 – The popular image-based bulletin board 4chan has been hacked. The hacker was able to gain access to one of 4chan's databases by exploiting a website vulnerability. Christopher Poole, the founder of 4chan, posted a statement saying, “Due to the way the intruder extracted information from the database, we have detailed logs of what was accessed. The logs indicate that primarily moderator account names and credentials were targeted.” The hacker was motivated by a desire to expose the posting habits of a specific user the hacker doesn't like. According to Poole, no customer financial data was compromised. The vulnerability that was exploited has been patched.

SEA Defaces RSA Conference Site

April 30, 2014 – Members of the Syrian Electronic Army (SEA) hacking group have redirected all visitors of the RSA Conference website to a site displaying a defacement page. This attack is in response to an RSA presentation by Secure Mentem President Ira Winkler, in which he made fun of SEA. SEA did not actually compromise the RSA site; rather, they redirected visitors to the defacement page by exploiting Lucky Orange, an analytics tool installed on the website. The defacement message says, “Dear Ira Winkler, Do you think that you are funny? Do you think that you are secure? You are NOT. If there is a cockroach in the internet it would be definitely you.” The members of SEA said that there have been three negative reports published about the group; in response, they have said there will be three attacks.

Colorado's Mercy Regional Medical Center Breached

April 30, 2014 – Mercy Regional Medical Center in Durango, CO has informed patients that their systems have been breached and hackers may have accessed patients' personal information. The information that may have been compromised includes names, social security numbers, Medicare beneficiary numbers, addresses, dates of birth, phone numbers and clinical information. It is believed that the hackers gained access through a phishing attack. Centura Health, the owner of Mercy Regional, has sent letters to approximately 1,000 patients notifying them of the situation. The letter states, “Centura Health took immediate steps to implement and/or reinforce necessary protective measures to help prevent similar events in the future.” Centura Health is currently working with authorities to investigate the attack.

European Advanced Threat Report Released

April 30, 2014 – A new report focusing on sophisticated attacks targeting Europe has been released. According to the report approximately 250 new workstations are infected each day in Europe. The United Kingdom, Switzerland, Germany and France account for 70% of the total number of infections. The leading targeted industries include the healthcare sector (21%), financial services (17%), chemicals/manufacturing/mining (9%), higher education (9%), telecom (7%), energy/utilities/petroleum refining (6%) and high-tech (6%). Twenty-five percent of advanced persistent threats have targeted federal governments.

Commerce Bureaus Fail Cyber Security Tests

April 29, 2014 – A recent report published by the Inspector General says that the Department of Commerce is unprepared to defend against cyber attacks. The report studied five bureaus or operations centers, and only one responded adequately to an external threat. The Bureau of Economic Analysis, the Bureau of Industry and Security, the International Trade Administration, the US Patent and Trademark Office and a Security Operations Center in the CIO's office were tested as part of the report. Over the course of eight months the Inspector General used automated software to send a steady flow of suspicious traffic at the department's public-facing websites. Only one analyzed and blocked the threat, while three did nothing at all in response. The report says, “The close communication between department bureaus and their Internet and security services providers that is needed to stave off cyber-threats is sorely lacking.” Outgoing Commerce CIO Simon Szykman said that the department agreed with the report's findings and promised “corrective action plans from individual bureaus.”

Anonymous Planning May Day Protests

April 29, 2014 – Members of the Anonymous collective have posted a video announcing a campaign called “MayDay”, which calls on people to stage a “global day of resistance” on May 1. People are instructed to avoid using the services of banks and to refrain from shopping, so that “the one percent realizes that without the 99 percent they are nothing.” In the video the hacktivists say, “March the streets, occupy the public space; be free and reclaim your rights as human beings.” There was no mention of any online protests on that day; however, past Anonymous protests have always included cyber activity, such as distributed denial-of-service attacks.

Libyan Cyber Army Defaces Egyptian Ministry Of Information

April 29, 2014 – Members of the Libyan Cyber Army hacking group have breached and defaced the website of the Egyptian Ministry of Information. The defacement included a picture of the Libyan flag and a message saying, “Hacked by the Great Team.” The hackers did not give a reason for the hack. In the past, the Libyan Cyber Army has attacked sites belonging to the Libyan government and privately owned Israeli sites. At the time of this writing the website was still displaying the defacement.

European Cybercrime Center Looks To Disrupt Cybercriminals

April 29, 2014 – Troels Oerting, the head of the European Cybercrime Center (EC3), said that EC3 is shifting its focus from the prosecution of online criminals to the disruption of their activities. The shift is a response to cybercriminals increasingly using the darknet to stay anonymous, making it more difficult for law enforcement to find suspects' true identities and successfully prosecute them. According to Oerting, 75 to 80 percent of the crimes EC3 investigates are carried out by Russian-based groups. Oerting said, “They are out of reach and there's no extradition, so the best we can hope for is local prosecution. We need to move between prosecution to disruption of cybercrime.”

Microsoft Internet Explorer Zero-Day Vulnerability Found

April 28, 2014 – Microsoft has issued an alert that an Internet Explorer zero-day vulnerability has been discovered. The vulnerability impacts Internet Explorer versions 6 through 11. Cybercriminals have been exploiting the vulnerability in a campaign called Operation Clandestine Fox. Microsoft's alert warns, “If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.” Microsoft said they are investigating the vulnerability and will take “appropriate” steps. This will be the first zero-day vulnerability that will not be patched for Windows XP users, since Microsoft officially ended support for that system.

Hackers Say There's A New OpenSSL Flaw Similar To Heartbleed

April 28, 2014 – A group of hackers is claiming to have found a new OpenSSL flaw that is similar to the Heartbleed bug. The hackers released a statement saying, “We have just found a vulnerability in the patched version OpenSSL. . . We are a team of five people, and we have coded nonstop for 14 days to see if we could find a workaround, and we did it!” The hackers have not yet made the vulnerability public, but are trying to sell it for 2.5 Bitcoins (about $1,070). Experts do not believe the hackers' claims and see this as a money-making scam.

UNICEF New Zealand Defaced By Syrian Hacker

April 28, 2014 – The Syrian hacker known as Dr.SHA6H has defaced the blog site of the United Nations Children's Fund (UNICEF) of New Zealand. The defacement message said, “Today, after looking at what faces (Syria) note most of the countries in the world do not want to help Syria.” Dr.SHA6H also breached and defaced a website owned by the Saudi Arabian Ministry of Health. At the time of this writing both sites were still displaying the defacement page.

Westminster, California Website Breached And Defaced

April 28, 2014 – Two Saudi Arabian hackers known as NeT-DeViL and Dr-TaiGaR are claiming to have breached and defaced the website of the city of Westminster, California. The two hackers are known members of the Group Hp-Hack hacking group. The defacement message reads, “City of Westminster California (Go to Hell) Hacked By: Group Hp-Hack!” No reason for the attack was given. At the time of this writing the website has been restored and is working properly.

Bitcoin Mining Malware Found In Google Play Store

April 25, 2014 – Researchers have discovered new malware in the Google Play store that is used to mine for Bitcoins. The malware, called BadLepricon, uses infected devices to perform the resource-intensive computational processes needed to mine Bitcoins. The malware was hidden within wallpaper apps that had been downloaded hundreds of times. BadLepricon turns an infected device into a bot that uses a large amount of processor and battery power. Google has removed five apps that were found to be hiding the malware. This is the second time in less than a month that Bitcoin-mining malware has been discovered in the Google Play store.

Belgian Hosting Company Blackmailed By Hackers

April 25, 2014 – The hacking group known as Rex Mundi is claiming to have breached the systems of Belgian hosting company AlfaNet. The hackers are attempting to blackmail the company, threatening to leak data and attack websites hosted by AlfaNet if their demands are not met. The hackers said, “We have hacked their database and we have stolen all of their customer data. Alfanet has two more days to pay us 15,000 Euros.” To prove that they have the information, the hackers have posted samples of some customer data and database information. AlfaNet has not responded to the threats at this time.

Anonymous Cambodia Responding To Arrest Of Members

April 25, 2014 – Earlier this week it was reported that two members of Anonymous Cambodia have been arrested. Other members of the hacking collective have now announced plans to attack Cambodian government websites in response to the arrests. The hackers claim that they have a lot of supporters, and have published instructions on how to launch distributed denial-of-service attacks. The list of targets includes private businesses, as well as the Cambodian government and police. Anonymous Cambodia issued a statement saying, “You arrested only two of us, but still we can continue our work and will be stronger than before. Ten times to 1,000 times and 10,000 times. It will never end.”

Indian Hackers Launch OpPakistan

April 25, 2014 – Indian hackers are claiming to have hacked and defaced a number of Pakistani government sites as part of the OpPakistan campaign. OpPakistan is a response to the number of hacks carried out by Pakistani hackers against Indian government websites. Defacement messages left by the Indian hackers say, “One minute of silence for those who think that by hacking Indian sites they will get Kashmir. Stop hacking Indian sites or expect us. It's the last warning.” OpPakistan targets include the National Portal of Pakistan, the Cabinet Ministry, the Pakistan Manpower Institute, the Ministry of Defense and the Ministry of Railroads. All of these sites are currently displaying a message that says, “Server is Under Maintenance & Thanks for visiting!”

AOL Mail Service Hacked

April 24, 2014 – AOL officials have confirmed that their mail service has been hacked. Thousands of users have been complaining about their accounts being used to send spam emails to their contacts. AOL released a statement saying, “AOL takes the safety and security of consumers very seriously, and we are actively addressing consumer complaints. We are working to resolve the issue of account spoofing to keep users and their respective accounts running smoothly and securely.” There has been no indication of who is behind the hack.

FBI Says Healthcare Cybersecurity Lagging

April 24, 2014 – The FBI has issued an alert to the healthcare industry saying, “according to open source reporting from SANS, Ponemon and RSA, the healthcare industry is not technically prepared to combat against cyber criminals' basic cyber intrusion tactics, techniques and procedures, much less against more advanced persistent threats.” The alert was not issued due to any imminent threats, but as a service to the industry as more organizations shift to electronic healthcare systems and medical devices that are connected to the Internet. A spokeswoman for the FBI said, “We're trying to educate people in the sector who are not aware.” The alert points out that the healthcare industry is not as resilient to cyber intrusions as the financial and retail industries.

Cyber Attacks From Iran Increasing

April 24, 2014 – A new report shows that in the past year there has been an increase in cyber attacks originating in the Middle East and Iran specifically. Up until now Iran has been thought of as a second-tier cyber threat behind countries like China and Russia. The report speculates that the increase in attacks from Iran is due to an interest in breaching critical infrastructure targets. After analyzing these new attacks, the report concludes that Iran still lacks the tools and skills necessary to be considered a “full-scope cyber actor.” Traditionally, Iranian-based attackers rely on publicly available tools to exploit known vulnerabilities, which would put a limit on how much damage they can actually do. However, the researchers warn that Iran is expanding its capabilities and technical proficiency, making it a more persistent threat.

New Russian Bill Could Ban Facebook, Gmail, Skype

April 24, 2014 – Russia's parliament has passed a new bill, as part of its anti-terrorism laws, that would ban technology services that do not store Russian data within the country. The bill requires companies, such as Facebook, Gmail and Skype, to relocate Russian customer data within Russian territory, so that it can be legally acquired and inspected by the Russian government. If domestic or foreign email, social networking and instant messaging providers do not provide access to six months' worth of data, they can be banned from operating in Russia. To be compliant with this new law, foreign companies would need to install servers and data centers in Russia. The law has not yet been ratified by President Vladimir Putin.

HP And Amazon Cloud Service Vulnerabilities Discovered

April 23, 2014 – Researchers have discovered that HP and Amazon Cloud Services are vulnerable to hacker attacks, due to their running unpatched versions of Windows Server 2003. The researchers were able to exploit old security vulnerabilities on the servers because updates were never applied. It was discovered that the last patches applied to HP's Public Cloud were done in July 2013. Experts believe that the cloud service providers have disabled the autoupdate feature on their servers, resulting in these issues. Other cloud service providers have the same problems, including GoGrid, which hasn't updated its server installations since April 2012.

30,000 Iowa State University Students Have SSNs Exposed In Hack

April 23, 2014 – Iowa State University has said that five servers were breached in a recent hacking attack. The servers contained the social security numbers of approximately 30,000 students. According to the school, no financial information was exposed, and there is no evidence that the social security numbers were actually stolen. Jonathan Wickert, Iowa State's Senior Vice President and Provost, said, “We don't believe our students' personal information was a target in this incident, but it was exposed. Iowa State has always taken information security very seriously, and we will continue to take every possible action to safeguard the personal information of those who learn and work here.” The university is currently working with law enforcement to investigate the incident.

Indian Political Party Blocks Pakistani Access

April 23, 2014 – Following several recent Pakistani hacker attacks against India's Bharatiya Janata Party (BJP) website, the political party's site can no longer be accessed from Pakistan. When attempting to reach the BJP site from Pakistan, users receive a message saying, “The owner of this website has banned your IP address on the country or region you are accessing it from.” The head of BJP's IT department said that the blocking is an automatic response by their self-defense mechanisms due to the number of hacking attacks originating in Pakistan. The website for the BJP's candidate for Prime Minister is also blocked from Pakistan.

Two Members Of Anonymous Cambodia Arrested

April 23, 2014 – Two 21-year-old Cambodian men, believed to be members of Anonymous Cambodia, have been arrested and charged with computer hacking. The men, known as the hackers Black Cyber and Zoro, face up to two years in prison. The director of Cambodia's Ministry of Interior's internal security department said, “These are the first members of the Anonymous hacker group who have been arrested by the [Cambodian] police, and we found no [evidence] of any [planned] terrorist attack.” The men are currently in prison awaiting trial. Additional people are currently being investigated for alleged connections to cyber attacks against the Cambodian government, but no further arrests have been made at this time.

AnonGhost Reveals Critical Facebook Flaw That Leads To DNS Hijack

April 22, 2014 – The hacker known as Mauritania Attacker, a known member of the AnonGhost hacking group, has revealed that there is a critical Facebook security flaw which allows any hacker to perform a DNS hijack attack. A DNS hijack will result in Facebook users being navigated to any server the hacker chooses. Mauritania Attacker has published a package containing full instructions on how to perform this attack. The hacker was able to show four sample attacks that would result in Facebook's DNS being hijacked.

iBanking Malware Targeting Android Users

April 22, 2014 – A new mobile malware known as iBanking has been discovered. The malware is able to steal SMS messages and redirect incoming phone calls. The attack actually begins with a Trojan called Win32/Qadars, which attempts to have victims download iBanking. The iBanking mobile application is used to bypass mobile two-factor authentication methods. This method is called mobile transaction authorization number, and is used by several financial institutions as well as Gmail, Twitter and Facebook.

Anonymous Announces OpMcDonalds

April 22, 2014 – Members of the Anonymous collective have released a video announcing the planning of a new operation targeting McDonald's. They accuse McDonald's of abusing their employees and stealing wages. In the video, the hacktivists say, “The corporation's flagrant disregard for the millions of people slaving away each day to create its profits is truly staggering. But that millions more of us continue to hand over our cash to such an unethical company, for food barely worthy of the description, that is even worse.” No specific details about the operation have been released at this time.

Indian Party Leader's Site Defaced By Pakistani Hacker

April 22, 2014 – The Pakistani hacker known as Muhammad Bilal breached and defaced the website of the Indian BJP party leader L.K. Advani. The defacement message called for an end to “militarized governance in Kashmir.” There has been no statement from Advani or the BJP party.

GAO Not Satisfied With SEC Information Security

April 21, 2014 – The Government Accountability Office (GAO) has issued a report saying that the Securities and Exchange Commission (SEC) needs to improve its information security controls. The report specifically addresses issues with access controls, patch management, contingency and disaster recovery planning and segregation of duties. The report reads, “The information security weaknesses existed, in part, because SEC did not effectively oversee and manage the implementation of information security controls during the migration of a key financial system to a new location.” The SEC's CIO, Thomas Bayer, said, “In 2014, the SEC will continue to optimize our controls and further improve the security of our systems that support financial processes and our overall risk management process.”

NullCrew Hacks University Of Virginia

April 21, 2014 – Members of the NullCrew hacking group are claiming to have breached and stolen data from the systems of the University of Virginia. The hackers say that this hack is part of the F**kTheSystem operation. NullCrew issued a statement saying, “F**kTheSystem is generally aimed at the government, or anything that is corrupt . . . ranging from government contractors, to universities, to telecommunications companies and other things. . . They are all part of the system.” The hackers said they were targeting other entities including Spokeo, Telco Systems and BATM, Klas Telecom, the State of Indiana, National Credit Union, ArmA2, International Civil Aviation Organization and the Science and Technology Center of Ukraine.

Over 500,000 Mobile Banking Users Infected With Malware

April 21, 2014 – Researchers have discovered a new malicious mobile phone app called mToken that has infected over 500,000 online banking users. Most of the infected users are located in the Gulf region. The cybercriminals have created fake phone apps that look identical to the official apps of well-known Middle East banks. They then use the malicious apps to infect the device and steal personal and banking information.

Bangalore, India City Police Site Breached

April 21, 2014 – The Pakistani hacker known as H4x0r10ux m1nd is claiming to have hacked and defaced the Bangalore, India City Police website. The hacker left a message on the site criticizing the Indian government for killing innocent people in the Kashmir region. The message reads, “Govt. of India its time to repay for what you have done to our Kashmiri Brothers! You killed them just because they support and want to be a part of Pakistan.” At the time of this writing the site was restored and operating normally.

Vulnerabilities Found In SATCOM Systems

April 18, 2014 – Satellite communications (SATCOM) systems have become a target for cyber attacks due to their critical role in military and government operations. Researchers have uncovered several critical vulnerabilities including hardcoded credentials, undocumented and insecure protocols and backdoors in widely deployed SATCOM terminals. If an attacker exploits these vulnerabilities, they could intercept, manipulate or block communications. Attackers could also remotely take control of the physical devices used in satellite communications.

RedHack Breaches Turkish Investment Bank

April 18, 2014 – Members of the RedHack hacking group are claiming to have hacked the systems of Aktif Bank, a Turkish investment bank. The attack is a response to the bank's new e-ticketing system for soccer fans. The new system requires ticket purchasers to provide personal information, and then will keep track of where each person is seated. According to the government, the system is designed to help reduce violence at games, but the hackers believe it's a way to keep track of anti-government protestors. RedHack has also started a distributed denial-of-service attack against the bank's website.

LocalBitcoins Confirms Security Breach

April 18, 2014 – LocalBitcoins, a decentralized Bitcoin exchange located in Finland, has confirmed that they have suffered a security breach. The breach was first discovered by several users who reported missing funds from their accounts. LocalBitcoins issued a statement saying, “Most likely explanation to these attacks have been stolen user credentials through phishing or malware.” The company has over 110,000 users, which makes it the largest decentralized market in the world.

Hacker Taking Credit For Inappropriate US Airways Tweet

April 18, 2014 – Earlier this week an inappropriate tweet was sent from US Airways' Twitter account. US Airways has since issued an apology and said one of their employees posted it accidentally. However, a hacker known as breakfast_ is claiming responsibility for hacking the US Airways account and sending the offensive image. The hacker said, “A friend of mine sent me the picture . . . and I told him 'I'm going to work my a** off to hack airlines this week.' Originally, I wanted to tweet it out from the Malaysian Airlines account but I thought better of it and US Airways was the first account I got a hold of.” breakfast_ hacks corporate accounts because he believes the US is becoming an oligarchy, and he feels the country is being controlled by the wealthy. He went on to say, “I'm working actively right now to hack some hardcore republicans. The usual suspects who are talking on Fox News.”

SQL Injection Attacks Hit 65% Of US Organizations

April 17, 2014 – The Ponemon Institute has issued a new study finding that 65% of US organizations have experienced an SQL Injection attack in the last 12 months. The study included 595 US security practitioners, who also reported that it took an average of 140 days to discover a breach and an additional 68 days to remediate. Only 34% of respondents agreed or strongly agreed that their organization had the technology or tools to detect SQL injection attacks. Fifty-two percent said that they do not test or validate any third party software to ensure it's not vulnerable to SQL Injection attacks. Dr. Larry Ponemon, the founder of the Ponemon Institute, said, “Organizations believe they struggle with SQL Injection vulnerabilities, and almost half of the respondents said the SQL Injection threat facing their organization is very significant.”

Canadian Teen Arrested For Using Heartbleed To Compromise Tax Payer Info

April 17, 2014 – A 19-year-old Canadian man, Stephen Arthuro Solis-Reyes, was arrested by the Royal Canadian Mounted Police (RCMP) for stealing the personal information of 900 Canadian tax payers. The man leveraged the Heartbleed bug to gain access to the data. The RCMP released a statement saying, “It is believed that Solis-Reyes was able to extract private information held by the CRA by exploiting the security vulnerability known as the Heartbleed bug.” Solis-Reyes is charged with mischief and unauthorized use of a computer to steal data from the Canada Revenue Agency's website.

Nigerian Cyber Army Breach And Deface Nigerian Army Site

April 17, 2014 – Members of the Nigerian Cyber Army (NCA) hacking group breached and defaced the Nigerian Army's website. The defacement messages warned the Army that the NCA has returned and they plan on targeting more government sites. The Nigerian Army was able to quickly regain control of the site and delete the defacement messages.

Romanian Arrested For Attempted Hack Of President's Site And Stealing Credit Card Data

April 17, 2014 – Romania's Directorate for Investigating Organized Crime and Terrorism (DIICOT) has arrested a 37-year-old man who it believes attempted to hack into Romania's presidency website. He is also accused of stealing details of over 62,000 credit cards. Authorities say that the man attempted to breach the president's website to access restricted information. Representatives of the Special Telecommunications Service, the organization that administers the website, have said that the site has never been breached.

LaCie Hacked, Customer Information Leaked

April 16, 2014 – The website of LaCie, the digital storage manufacturer, has been hacked. According to the company, they were breached by a piece of malware that stole website transaction information. The compromised information includes user names, passwords, names, addresses, email addresses, credit card numbers and card expiration dates. LaCie has contracted a forensic investigation firm to analyze the breach.

Bulgarian Cryptocurrency Exchange Hit With DDoS

April 16, 2014 – Bulgarian cryptocurrency exchange BTC-e suffered a distributed denial-of-service attack. According to BTC-e, the attack happened periodically, but there was nothing significant about it. In a statement the company said, “We don't consider it as an important problem, as there is a workaround to fix it quickly.” The company said this was a minor outage and there was no security breach. At the time of this writing the exchange was up and operating normally.

Connecticut Utilities Penetrated, But Interruptions Prevented

April 16, 2014 – Connecticut state utility regulators reported that electric, natural gas and major water companies and regional distribution systems have been penetrated by cybercriminals, but their defense systems were able to prevent any disruptions. The report from the Public Utilities Regulatory Authority said that security threats are constantly evolving and “becoming more sophisticated and nefarious” and the utilities must constantly improve their defenses to prevent breaches. Governor Dannel Malloy said, “The chance of an attack doing serious damage to the state of Connecticut cannot be taken lightly, and therefore we are stepping up our game in preparation.”

Twitter To Ban Some Turkish Accounts

April 16, 2014 – A senior Turkish government official said that Twitter has agreed to ban several users' accounts at the government's request. Recently the Turkish government had attempted to block the Twitter service in the country, but they were not successful. The block was lifted after a Turkish court ruled that blocking the service violated free speech laws. There has been no official word on how many accounts would be banned. Twitter has not released a statement about this issue.

German Aerospace Center Under Spyware Attack

April 15, 2014 – The German Aerospace Center, Germany's national center for aerospace, energy and transportation research, is being targeted by a coordinated and systematic spyware attack. It is believed that the attack is being conducted by a foreign intelligence agency. The attack is so complex that forensic investigators have not been able to detect the actual malware. Some of the Trojans used are designed to self-destruct when they are discovered. All operating systems at the German Aerospace Center are impacted by this attack.

VFW Breached, 55,000 SSNs Exposed

April 15, 2014 – The Veterans of Foreign Wars website has been breached by hackers believed to be from China. The names, addresses and social security numbers of over 55,000 VFW members were compromised. A letter from the VFW said, “VFW has been informed that the purpose of the attack wasn't identity theft, but rather to gain access to information regarding military plans or contracts.”

National Retail Federation Developing Cybersecurity Program

April 15, 2014 – The National Retail Federation (NRF) is developing a retail and merchant industry information sharing and analysis center designed to assist companies when dealing with cyber threats. The program is being developed with the support of the Financial Services Information Sharing and Analysis Center. The new program will give retailers a central location for cyber security information from government departments, law enforcement agencies, other retailers and financial service organizations.

480,000 Individuals Exposed In UK Cosmetic Surgery Breach

April 15, 2014 – The personal details of 480,000 people have been compromised in a breach of the UK-based Harley Medical Group website. The exposed details are the names, addresses and phone numbers of the individuals that entered their information in a form on the website. No medical or financial information has been exposed. Harley Medical Group representatives said that they took “measures” as soon as they were made aware of the breach.

Flickr Vulnerabilities Discovered

April 14, 2014 – Flickr, the online photo management website, has multiple web application vulnerabilities according to researchers. SQL injection vulnerabilities have been discovered on Flickr Photo Books, a new custom printing feature that was launched 5 months ago. Two parameters have been found that are vulnerable to Blind SQL injections and one vulnerable to Direct SQL injections. A successful SQL attack could allow access to the database and MySQL administrator password. Yahoo, which owns Flickr, said it has now patched the vulnerabilities.

Tunisian Hacker Team Threatens United States

April 14, 2014 – Members of the Tunisian Hackers Team hacking group have posted a new video in which they threaten to target the United States. The new campaign is called TheWeekOfHorror and the goal is to get the United States to remove their military from the “Muhammad lands.” According to the video, the campaign will begin in July 2014. The hackers say they will attack the US's financial industry and computer systems at airports.

Israeli Hackers Identify Individuals Behind OpIsrael

April 14, 2014 – The Israeli hacking group known as Israeli Elite Force is claiming to have identified the individuals behind the OpIsrael hacking campaign. Buddhax, a member of the Israeli Elite Force, has posted files that include the names, email addresses and pictures of sixteen people that are accused of being behind OpIsrael. The individuals are from Indonesia, Malaysia, Portugal, Italy, Finland, Switzerland, Saudi Arabia, the UK and Algeria. Buddhax also posted a message with the information saying, “Next time do not take part in an offensive against Israel. We know who you are, we know where you are. Hail Israel.”

Nine Arrested For Using Zeus Malware To Steal Millions

April 14, 2014 – The US Department of Justice has charged nine alleged cybercriminals with using the Zeus banking malware to steal millions of dollars from banks. The men are charged with defrauding Bank of America, First Federal Savings Bank, First National Bank of Omaha, Key Bank, Salisbury Bank & Trust, Union Bank and Trust and United Bankshares Corporation. All of these banks are insured by the Federal Deposit Insurance Corporation. The defendants are also charged with infecting thousands of business computers with malware that steals passwords, account numbers and other online banking information. The Metropolitan Police Service in the UK, the National Police of the Netherlands' National High Tech Crime Unit and the Security Service of Ukraine are assisting with the investigation.

South Korean Banks Breached, Leads To Data Leaks

April 11, 2014 – According to South Korean authorities, Citibank Korea Inc. and Standard Chartered Bank Korea have been breached. Information belonging to over 50,000 clients has been stolen from the banks. This is the second data leak involving the two banks; in December the personal data of 130,000 customers was leaked. The new data leak apparently does not include any critical information such as credit card numbers or passwords. This new information is being utilized in a phone phishing scheme, where the cybercriminals are attempting to scam the banks' customers into revealing sensitive financial information.

US Government Says Companies Will Not Be Sued For Sharing Cybersecurity Information

April 11, 2014 – The US Justice Department and the Federal Trade Commission issued a formal policy statement, assuring companies the federal government will not bring lawsuits against them for sharing cybersecurity information with each other. There has been concern that sharing cybersecurity information would be in violation of antitrust laws. Antitrust laws are meant to prevent companies from inflating prices and hindering competition. The policy statement says that sharing cybersecurity information such as incident reports or malicious code is unlikely to violate the law. The head of the Justice Department's Antitrust Division said, “As long as companies don't discuss competitive information like pricing and output when sharing cybersecurity information, they're okay.”

Saudi Arabian Ministry Of Health Site Defaced

April 11, 2014 – The hacking group known as the Moroccan Islamic Union-Mail have breached and defaced a website belonging to the Saudi Arabian Ministry of Health. The defacement is in response to Saudi Arabia naming the Muslim Brotherhood a terrorist organization. The defaced site belongs to the Public Administration for Combating Generic and Chronic Diseases. The defacement includes a picture of a group of people holding signs of Mohamed Morsi, the former president of Egypt and a leader within the Muslim Brotherhood. At the time of this writing, the site is still defaced.

Lubbock, TX Cardiology Clinic Breached, Health Records Leaked

April 11, 2014 – The Lubbock Cardiology Clinic in Lubbock, TX has issued a notification that their EHR (electronic health records) system was breached and the hackers gained unauthorized access to medical records. According to the notification the breach occurred between December 15, 2013 and January 30, 2014. Over 1,400 medical records were viewed, copied, downloaded and exported. The records included names, addresses, phone numbers and social security numbers. The Clinic says they are, “vigorously seeking answers and recovery of this information.”

IRS Data Security Not Sufficient According To GAO

April 10, 2014 – The Government Accountability Office (GAO) has reported that the Internal Revenue Service (IRS) does not sufficiently monitor its databases for activity that could indicate a breach has occurred. According to the GAO report, for the seventh consecutive year the IRS has not patched security vulnerabilities that could lead to leaks of financial data. GAO Managing Director Nancy Kingsbury wrote in the report, “Serious weaknesses remain that could affect the confidentiality, integrity and availability of financial and sensitive taxpayer data.” IRS officials in a written response to the GAO said they are dedicated to improving data security and look forward to working together to “develop appropriate measures.”

Financial Malware On The Rise According To Report

April 10, 2014 – A recent report shows that the number of cyberattacks involving financial malware increased to 28.4 million in 2013, a 27.6% increase over 2012. The increased use of cryptocurrency is partially responsible for this increase. The most common types of financial malware are banking Trojans, keyloggers and two new types of malware – one that breaches Bitcoin wallets and another that downloads software designed to generate cryptocurrency.

Deltek Breached, Customer Info Leaked

April 10, 2014 – Deltek, an enterprise software and information solutions provider, had its GovWin IQ website breached. The website provides information to assist organizations in winning government business. The hackers accessed customer information including names, billing addresses, telephone numbers, business email addresses, credit card numbers and expiration dates. President and CEO of Deltek, Mike Corkery, issued a statement saying, “We have remedied the security vulnerability that we believe the hacker exploited in order to gain unauthorized access to our GovWin IQ system.” Deltek is working with law enforcement to investigate the incident.

Another Pleads Guilty In Cybercrime Ring

April 10, 2014 – Cameron Harrison, one of several individuals charged with being involved in the identity theft service has changed his plea from not guilty to guilty. Harrison said he has not been offered a plea agreement from the government. Harrison is accused of purchasing counterfeit identification documents and stolen payment card data from members. He is charged with participating in a racketeer influenced corrupt organization, conspiracy to engage in a racketeer influenced corrupt organization and trafficking in the production of false identification documents. The total sentence for all charges could be up to 55 years in prison and a fine of up to $750,000. Over 50 other individuals have been charged in connection with, but the heads of the organization have not yet been found.

Bank Of Israel IDs And Passwords Leaked

April 9, 2014 – The hacking group known as Moroccan.Agent.Secret has leaked data that they claim belongs to over 1,800 Bank of Israel customers. The hackers say that the leak is part of OpIsrael, and that the information was obtained when they breached the bank's systems earlier this week. There has been no verification that the information is legitimate. Other hacking groups have claimed to leak information from Israeli sources this week, but it has turned out that the information was old.

Anonymous To Target Educational Institutions

April 9, 2014 – Members of the Anonymous collective have announced the formation of OpSafeEdu. The hackers said that the lack of security on educational websites is a violation of student liberties. The Center for Internet Security (CIS) has issued a warning about a potential increase in attacks on educational institutions in response.

President Of Gabon's Site Taken Down

April 9, 2014 – Members of the Anonymous hacking collective are claiming to have taken down the official website of Ali Bongo Ondimba, the President of Gabon. The distributed denial-of-service attack is part of OpGabon. At the time of this writing the site is back up and operating normally.

Remote Code Execution Flaw On BlackBerry 10

April 9, 2014 – BlackBerry customers have received warnings that a stack-based buffer overflow vulnerability in the qconnDoor service could lead to remote code execution on BlackBerry 10 phones. The qconnDoor service is used to provide shell and remote debugging capabilities. However, if the vulnerability is exploited, an attacker can execute code with superuser rights, or terminate the qconnDoor service. An update has been released to fix the vulnerability.

Russian Crime Syndicate Accused Of High Profile Hacks

April 8, 2014 – U.S. officials say they have identified a Russian crime syndicate as the group responsible for dozens of high profile hacking operations over the last several years. The attacks attributed to the group include Neiman Marcus, 7-Eleven, JetBlue Airways, JC Penney and Visa. The officials say that they have been unable to dismantle the syndicate due to a lack of cooperation from Russian authorities. Richard Clarke, former special adviser for cybersecurity to the Bush administration said, “The FBI has tried to get cooperation, the State Department has asked for help and nothing happens, so law enforcement options under the current circumstances are pretty negligible.” The FBI did issue an advisory to retailers warning that the memory-parsing malware that infects POS systems used in the Neiman Marcus and Target breaches has been connected to over 20 other hacking cases in the last year, and retailers should expect more breaches. The syndicate is believed to be responsible for stealing over 160 million credit card records.

Top Websites Vulnerable To New Heartbleed Vulnerability

April 8, 2014 – Researchers have discovered a new OpenSSL vulnerability that is being referred to as the Heartbleed bug. The Heartbleed bug can be leveraged to intercept private keys, user names, passwords and other private information. According to the researchers several of the top 1,000 Alexa sites are vulnerable to the bug including Yahoo, Imgur, Stackoverflow, Flickr, OKCupid, DuckDuckGo, Eventbrite and several popular adult sites. The researchers were able to detect successful exploitation of the vulnerability by inspecting the sites' network traffic.

OpIsrael Results

April 8, 2014 – Yesterday, hackers launched the second OpIsrael campaign meant to, “wipe Israel from the Internet”, as the AnonGhost hacking group said. Hackers launched attacks against thousands of Israeli sites, most belonging to small businesses. Only a few Israeli government sites suffered outages that lasted only a few minutes. In response to the attacks, Israeli hackers launched counter attacks against several radical Islamist sites and the OpIsrael website. The hackers defaced the OpIsrael site with pro-Israel slogans and links.

Indian Hacker Takes Down Pakistani Terrorist Website

April 8, 2014 – The Indian hacker known as Godziila is claiming to have taken down the Pakistani terrorist group, Tehreek e Taliban Pakistan's (TTP) website. The hacker issued a statement saying, “This website was hosted on a shared server, we found several security flaws and crushed down the website.” TTP is an organization of various militant groups that have been banned and labeled as terrorist organizations by the Pakistani government. Godziila has previously attacked the websites of the Pakistani Army and other political groups.

European Cyber Army Leaks Over 60,000 Account Details From Syrian Sites

April 7, 2014 – A member of the European Cyber Army known as Zer0Pwn is claiming to have leaked over 60,000 account details from two Syrian websites. The leaked information includes names, email ids, passwords, phone numbers and other details. The hacker published the leaked information with the title, “ECA vs. Assad.”

OpIsrael Launched

April 7, 2014 – As previously stated by members of Anonymous and AnonGhost, OpIsrael was launched today. This is the second time that the hackers have run this operation against Israel. So far there have been several small business websites in Israel that have been defaced. In addition some government and financial websites have been targeted with distributed denial-of-service attacks. There have also been a number of false hack claims, with hackers publishing old data and claiming to have leaked it from different companies. At this point most of the analyzed “leaked data” appears to either be old or fake.

Kansas Online Student Testing System Suffers DDoS Attack

April 7, 2014 – The Kansas Interactive Testing Engine (KITE), an online student testing system, was hit with a distributed denial-of-service attack. Students who were taking the test during the time of the attack received an error message or a blank screen. Marianne Perie, co-director of the Center for Educational Testing and Evaluation at the University of Kansas said, “We don't know if it was two bored teenagers or an anti-testing attack. We have no information.” State representatives have stated that no student information was accessed. At the time of this writing all systems have been restored and are operating normally.

Leak Of Over 36k Accounts From Hacked Jobs Site

April 7, 2014 –, an online jobs website, has been hacked by the hacker known as ProbablyOnion. ProbablyOnion is the hacker responsible for the recent hack of After breaching the website, the hacker also leaked information of over 36,000 users. The leaked information includes names, home addresses, phone numbers, emails and clear text passwords. It is believed that an SQL injection vulnerability was leveraged in the attack.

Sabu Sentencing Delayed Again

April 4, 2014 – The sentencing of Hector Xavier Monsegur, formerly known as Sabu - the leader of the LulzSec hacking group, has been delayed for the sixth time. Monsegur was scheduled to be sentenced on April 2nd, but it was postponed until May 8, 2014. Monsegur has been working with the government in finding other hackers. He was originally arrested in June 2011 and has pled guilty to 12 charges. The first sentencing date was scheduled for August 2012.

Arcadia, FL Website Hacked

April 4, 2014 – The official government website for the city of Arcadia, Florida has been hacked. The hackers breached the site and have set up a pop-up advertisement for a video player download. Visitors that clicked on the download were actually downloading either a Trojan or a piece of ransomware. The Arcadia website administrators removed the pop-up as soon as they were notified about the issue.

Israel To Suspend International Traffic

April 4, 2014 – In preparation for OpIsraelBirthday, the Israeli government has announced that they will temporarily block international traffic to some government websites. OpIsraelBirthday is a hacking operation being planned by the AnonGhost hacking group and other pro-Palestinian hackers. The operation is scheduled for April 7, 2014. According to sources the suspension will be in effect from Friday through Monday. In addition Israeli civil servants have been instructed not to open emails from any foreigners.

Anti-Testing Group Website Hacked

April 4, 2014 – The website of United Opt Out National, a nonprofit organization dedicated to eliminating standardized tests, has been hacked. The hack took place last month while the leaders of the organization were attending a conference to discuss strategy to promote their mission. Administrators were not able to access the site and they have since taken the site down. Visitors to the site now are greeted with a message that says, “Our site has been maliciously hacked and destroyed in an act of political sabotage. Please be patient while we rebuild the site, and get our Opt-Out resources back on line.”

NullCrew Hacks Saudi News Org

April 3, 2014 – Members of the NullCrew hacking group have breached the Saudi-owned Al Arabiya news organization. NullCrew claims to have worked with members of The Horsemen of Lulz hacking group to exploit a vulnerability in Al Arabiya's email server and web client software. As a result of the breach the hackers leaked user names and passwords for the mail server. The hackers posted a message saying, “Al Arabiya is the second largest news agency in the Middle East. Considering we've been targeting large media corporations? Well, it falls right into our range; So, without further ado. NullCrew and The Horsement Of Lulz persent to you? The candies.” The hackers claim that they have additional information that they could leak, but have not decided if they will at this time.

Oracle Java Cloud Service Attack Code Posted

April 3, 2014 – Adam Gowdiak, a Polish security researcher, has posted the technical details and attack code for several security vulnerabilities that affect Oracle's Java Cloud Service. Some of the vulnerabilities could allow a cybercriminal to remotely attack applications hosted in the service's data centers. The vulnerabilities affect customers in Java Cloud's US and EMEA data centers. Gowdiak said he published the information because Oracle stopped corresponding with him about the vulnerabilities. Oracle has not issued a statement at this time.

Egyptian Armed Forces Training Authority Defaced

April 3, 2014 – The hacker known as YMH is claiming to have breached and defaced the Egyptian Armed Forces Training Authority website. The defacement message was left in Arabic; translated to English, it says, “Owned by YMH! We don't know with whom to fight, el Sisi or the Muslim Brotherhood, leave all the politics behind and enjoy yourselves a little with the tea of Om Hasan.” YMH has previously claimed to have hacked the sites of the Tourist Development Authority of Egypt and the Military Technical College of Egypt.

ISPs Suffering From DNS DDoS Attacks

April 3, 2014 – New research has discovered that ISPs have become increasingly vulnerable to DNS amplification distributed denial-of-service attacks due to the millions of home routers that have open DNS proxies. In February 2014 alone, over 5.3 million home routers were used to generate DDoS attacks. In one specific attack over 70% of the ISP's DNS traffic was associated with an amplification DDoS attack. The researchers conclude that due to this built-in vulnerability in DNS proxies, ISPs can be victimized even if they follow normal best practices to protect their networks.

Samsung's Hacked

April 2, 2014 – Web based television service company has been hacked and customer data has been leaked. The cybercriminals posted private information belonging to 158,000 of Boxee.tv's clients. The breach includes almost 800 Mb of data stolen from the company's forum. Over 158,000 user accounts were compromised, exposing password hashes, user IPs, dates of birth and user messages sent through the service.

WinRAR Files Allow Spoofing Vulnerability

April 2, 2014 – Israeli researchers have discovered a WinRAR file extension spoofing vulnerability, which can assist hackers in the delivery of malware. The file spoofing allows hackers to modify the filenames and to bind malignant code in the archive, disguising it as '.jpg', '.txt' or another format. Researchers have also found Zeus-like Trojans attached to the files. Users are advised to use alternate archive software and avoid opening archives with passwords.

Liquor Store Chain Suffers Data Breach

April 2, 2014 – Spec's, a Texas liquor store chain, suffered a breach of the systems of 34 stores for a total of 17 months. The cybercriminals had access to customer credit and debit card numbers, expiration dates and security codes. They also obtained driver's license numbers, check information, bank account and routing numbers and birth dates. The company stated that fewer than 550,000 customers and Spec's employees were impacted. Spec's released a statement saying, “Thankfully, most of our customers were not affected. While it is a relief that fewer than 5% of our total transactions may have been impacted, that in no way diminishes our great concern for those affected.” Spec's advised their customers to place a fraud alert on their files with major credit card holders.

OpAlbuquerque Continues

April 2, 2014 – Members of the Anonymous collective have issued a new statement with a list of new demands for OpAlbuquerque. Operation Albuquerque is a response to the police shooting of a homeless man in March. The hacktivists' statement said, “We are here in solidarity with the Albuquerque's citizens and to help bring justice that is long overdue. . . We call upon you to hold the appropriate authorities accountable . . .” The demands include the US Department of Justice taking over the Albuquerque Police Department, 'authentic and verified citizen oversight of APD', the immediate arrest of the officers involved in the shooting, the termination of the Police Chief and the indictment of all officers who violate citizens' rights. OpAlbuquerque has so far included the distributed denial-of-service attacks against the APD and City of Albuquerque websites. The Anonymous members are also planning a Twitter storm for today.

DDoS Attack On Mad Mimi

April 1, 2014 – Email marketing service company Mad Mimi was hit with a distributed denial of service attack from an attacker using the name Mark Nds. In order for the attacks to stop, the cybercriminal demanded to be paid 1.8 bitcoin (which is worth less than $1,000) in 24 hours. The marketing company has refused to make payment, saying, “Blackmail and extortion don’t stop with acquiescence – it only encourages further attacks. As such, we’ve decided to not play along.” At this time Mad Mimi is working with law enforcement to find a solution.

Kuwait's Ministry Of Interior Hacked

April 1, 2014 – Two hackers known as Shmook Amer and Dr. Hjd are claiming to have hacked the website of Kuwait's Ministry of Interior. The message left by the hackers was a plea to Middle Eastern countries to join forces and take military action on the crisis in Syria. The hackers left a message on the defaced page in Arabic saying, “We need actions because they are louder than words.” At the time of this writing the website has been restored.

China Reports That US Is Responsible For Most Cyberattacks Against China

April 1, 2014 – According to a recent report released by China's Computer Emergency Response Team (CNCERT), most cyber attacks on China's computers are coming from the United States. The CNCERT report shows that the US is responsible for attacks on 30% of Asia's computers each year. According to the report, Anonymous hackers are responsible for breaching over 600 of China's government computer systems, and malware tripled in 2013 because of the US based attacks. The Chinese agency claims they have the data to prove these claims against the US.

DeadMau5 Twitter And Facebook Accounts Hacked By Anonymous

April 1, 2014 – Earlier today, members of the Anonymous collective hacked the Twitter and Facebook accounts of music producer Joel Zimmerman, also known as DeadMau5. Several messages were posted on Zimmerman's Twitter account before it was recovered. After the hackers also breached the entertainer's Facebook account, a message was posted that said, “Way to use the same password.” After a few hours Zimmerman was able to recover the accounts. No reason was given as to why the hackers targeted Zimmerman.

Chinese Embassy In Moscow Hacked

March 31, 2014 – Members of the Russian Cyber Command hacking group are claiming to have breached the Chinese Embassy in Moscow. The hackers have leaked information from Ukrainian telecom company Intertelecom. The leaked information includes data of over 100,000 customers. The hackers say this is the first leak in a series of seven. The hackers say that they obtained the information from the Chinese Embassy in Moscow after installing a Remote Access Trojan. The fact that Intertelecom's information was stored at the Chinese Embassy is seen as proof by the hackers that the Russian and Chinese governments are working together to spy on Ukraine.

Albuquerque Police Department Website Hacked

March 31, 2014 – As we reported last week, members of the Anonymous collective published a statement threatening the City of Albuquerque and the Albuquerque Police Department after the shooting of a homeless man on March 16. Today, the Albuquerque Police Department website has been taken down by hacktivists. Authorities told The Associated Press that the source of the attack is not known. City officials had said they enhanced their website security, but the site was still taken down despite these efforts.

Smart Cars Can Be Hacked

March 31, 2014 – New research carried out on the Tesla Smart car has proven that hackers are able to remotely locate and unlock the Tesla Motors electric vehicles by cracking a six character password using traditional hacking techniques. Researchers have reported that by using a tool kit called Can Hacking Tool (CHT) hackers can breach the smart cars, giving the attacker entire control of the car. When customers purchase the smart car they are required to sign up for the Tesla smart phone app which controls the vehicle. The password is vulnerable to several kinds of attacks similar to those used to gain access to a computer or online account. Tesla spokesperson Patrick Jones declined to comment on it, though he said the research is being carefully reviewed by the car makers.

Pakistani Consulate Website Hacked In Protest

March 31, 2014 – Hasnain Haxor, a Pakistani hacker, is claiming to have hacked and defaced the official website of the Pakistani consulate in Jeddah. The hacker left the website defaced, along with messages written in Urdu and English on the home screen. The messages spoke about protesting against the ongoing corruption in Pakistan. The hacker stated, “Pakistan Haxors Crew is here to remind you of your security. Our fight is not against any individual but the system as a whole. Should you choose to ignore security, it will reincarnate as your worst nightmare! We just defaced your website to give you a chance to put your hands on it before others come and destroy it!” At this time the website has been restored and is currently operating normally.

RedHack Attacks Turkey's Telecommunications Directorate Site

March 28, 2014 – Members of the RedHack hacking group attacked Turkey's Telecommunications Directorate (TIB) website. The attack was in response to Turkey's attempt to ban YouTube and Twitter. The hackers posted a message saying, “You forgot the coordinator of everything while calculating things. The ban is meant to be banned.” YouTube was blocked after a recording of top security officials discussing possible military operations in Syria was leaked. Prime Minister Tayyip Erdogan has said the leak is just another attempt to discredit him before the upcoming elections.

Anonymous Threatens Albuquerque Police Department

March 28, 2014 – Members of the Anonymous collective have threatened to crash the Albuquerque Police Department's (APD) website in response to the shooting of a homeless man. The hacktivists posted a message saying, “Whether this man had a history of crime is irrelevant. We drastically need to address the growing police state that has occupied our country.” Albuquerque City Attorney Rob Perry stated, “We respect this group. They have an ability to get into highly, federally protected computer systems ... and we're going to do what we can to guard against the problem.”

Monster Job Website Targeted With Gameover Zeus Malware

March 28, 2014 – Cybercriminals are reportedly targeting companies that use the services of with a new variant of the Gameover malware. The Gameover malware infection is similar to the Zeus banking malware whose source codes were leaked in 2011. The malware steals log-in information and other sensitive information by injecting false web forms into legitimate websites when accessed from infected computers. In the second phase of the attack, the hacker obtains your sensitive information and uses it to conduct fake security checks. Security experts are warning that users should “be wary of any irregularities. If the account is potentially tied to a bank account and a spending budget, it's a target for banking Trojans.”

Chinese Authorities Detain People Allegedly Involved In Spam Operation

March 28, 2014 – Chinese officials have arrested 1,530 individuals involved in a mobile spamming operation. Authorities have also seized 2,600 devices used for spamming and shut down 24 websites that sell spam distribution equipment. Departments within the Chinese government have been targeting people involved in the manufacturing, selling and purchasing of unlicensed telecommunications stations. One of the groups arrested is charged with sending more than 200 million spam messages.

Report: 30 Million New Malware Variants In 2013

March 27, 2014 – A new report has been released showing that 30 million new malware variants were created in 2013. Over 30% of the computers in the world were found to be infected with malware. The Android platform was the primary target for malware. There were four major categories of malware with Trojan malware accounting for 78.97% of infections. Worms (6.89%), Viruses (5.83%) and Adware/Spyware accounted for most of the remaining infections. The most infected countries were China, Turkey, Uruguay, Chile, Spain and Colombia.

New CoinKrypt Malware Targeting Mobile Phones

March 27, 2014 – Researchers have discovered several new variants of the CoinKrypt malware. CoinKrypt is designed to hijack mobile devices and turn them into digital currency mining bots. The malware is not stealing information from the infected devices, but it is using their resources and data plans to mine for digital currency. CoinKrypt is targeting Litecoin, Dogecoin and Casinocoin; it has not yet been seen targeting Bitcoin.

Over 275 DDoS Attacks Every Hour According To Report

March 27, 2014 – A recent study on distributed denial-of-service attacks is claiming that there are over 275 DDoS attacks against major corporations around the world occurring every hour. According to the study these attacks are frequently being used to hide APT attacks. DDoS amplification attacks are also rising, and continue to be a major challenge for businesses. In the month of February amplification attacks were seen to rise 371%. The study was based on analysis of attacks in Tier-1 and Tier-2 data centers operated by ISPs and major corporations throughout 2013.

South Korean Search Portal Breached

March 27, 2014 – Naver, South Korea's largest Web portal, suffered a breach which resulted in 25 million accounts being compromised. The Asian National Police Agency arrested a 31 year-old South Korean man, referred to as Seo, on charges of infiltrating and hacking the accounts. The allegations say that the man purchased the user information from another hacker several months ago. Seo is accused of using the stolen information to breach the accounts of Naver users and sending out spam messages and other “illicit emails” to the account holders. A Naver representative said, “The best preventive measure for now would be for users to change their passwords on a regular basis so that even if someone should access their accounts the impact would be minimal.”

WordPress Major Source Of Malware Distribution

March 26, 2014 – Security researchers have issued a report showing that sites running the WordPress software are a major source for malware distribution. The report points out that in many instances the fault for the security issues lies with the site administrators, who do not keep WordPress updated. Only recent versions of WordPress have auto updating features, but even this requires the web server process have access to the WordPress program files. In addition, insecure plugins lead to many blog breaches and attacks on blog visitors according to the report.

Israeli Defense Magazine Forum Hacked

March 26, 2014 – Reports indicate that Muslim hackers are suspected of having breached the Israel Defense Magazine website and customer database. The customer database is believed to have been used to launch an SMS attack on Israelis. Hundreds of Israelis, including many journalists, received texts warning that Hamas was going to conquer Israel. Other messages said they were "a warning to the Zionists, the al-Qassam rockets are waiting for you." In addition, an email that appeared to come from Israel Defense was sent to its subscribers warning that Israelis will be sent to hell if they think of reoccupying Gaza.

Ethiopian Government Accused Of Spying On Opponents

March 26, 2014 – A human rights watch group has accused the Ethiopian government of importing technology to spy on the phones and computers of its opponents. The group claims that the government is using the technology from European and Chinese firms to attempt to silence dissent. Ethiopian Information Minister Redwan Hussein said, "There is nothing new to respond to," when asked about the accusations. All phones and Internet connections in Ethiopia are provided by a state-owned company, giving the government the ability to monitor communications.

AnonGhost Planning OpIsraelBirthday

March 26, 2014 – Members of the AnonGhost hacking group have announced plans for OpIsraelBirthday. The operation will take place on April 7, 2014, the one year anniversary of the original OpIsrael. Last year's operation did not have any major impact on Israel, although the hackers say they hacked over 1 million Facebook accounts of Israelis and over 7,000 Israeli websites to date. AnonGhost is the group behind other hacking operations, such as OpPetrol and OpUSA.

Anonymous Ukraine Leaks Millions Of Credit Cards

March 25, 2014 – Members of the Anonymous Ukraine hacking collective have posted over 7 million credit card numbers on the Internet. The hackers posted a message with the data saying, “Today we publish the first part of our exposure of the international financial system Visa, MC, Discover & Amex, enslaved people around the world. More than 800 million credit cards. Over a trillion dollars.” While the hackers claim over 800 million cards, only slightly over 7 million cards have been released. Of those released, about 4,000 have full user data including social security number, credit card, card expiry, name, pins, dates of birth and zip codes. The other data appears to have valid credit card numbers, bank routing numbers and full names, but does not contain the credit card CCV or card expiry dates. The majority of the cards come from United States based banks.

Basecamp Suffers DDoS Attack

March 25, 2014 – Basecamp, the project management tool, has been hit with a distributed denial-of-service attack. The hackers claiming responsibility have contacted Basecamp and are demanding payment in exchange for stopping the attack. Representatives of the company have said they “will not succumb to blackmail.” It is believed that the hackers are the same ones that attacked last week. Basecamp issued a statement saying, “We're doing everything we can with the help of our network providers to mitigate this attack and halt the interruption of service. We're also contacting law enforcement to track down the criminals responsible.”

Microsoft Word Vulnerability Exploited In Targeted Attacks

March 25, 2014 – A remote code execution vulnerability is being actively exploited in targeted attacks against Microsoft Word 2010. The vulnerability allows remote code execution when a user opens a maliciously written RTF file using Word 2010 or when previewing or opening an RTF email message in Microsoft Outlook while using Word as the email viewer. An attacker who successfully exploits the vulnerability could gain the user's rights. Microsoft is working to fix the vulnerability, but suggests that users disable opening RTF content in Word in the meantime.

Anonymous Plans April Attacks On South Korean Government

March 25, 2014 – Members of the Anonymous collective have issued a statement warning of attacks against South Korean government websites on April 14. The hacktivists are blaming the government for wasting taxpayers' money, distorting the media and suppressing its citizens. An official from the South Korean Ministry of Science, ICT and Future Planning said, “The ministry is working with the intelligence and other government to work out countermeasures as Anonymous has a track record of making actual hacking after warning.”

NSA Accused Of Stealing Huawei Source Code

March 24, 2014 – Several sources are reporting that the National Security Agency conducted an offensive cyber operation against Huawei, the Chinese networking company, in 2009. In the operation, known as Operation Shotgiant, the NSA worked with the CIA, the White House intelligence coordinator and the FBI to find an association between Huawei and China's People's Liberation Army. According to reports, the NSA stole the source code for certain Huawei products, and learned how to exploit the products in order to conduct surveillance on foreign customers. The NSA is accused of spying on former Chinese President Hu Jintao, the Chinese trade ministry, banks and telecom firms, and of tracking more than 20 Chinese hacking groups, including some which were Chinese Army and Navy units.

Anonymous Takes Down Monsanto Brazil Site

March 24, 2014 – Members of the Anonymous collective conducted a distributed denial-of-service attack against the Monsanto Brazil website yesterday. As a result the website has been unavailable. Monsanto has been a frequent target for the hacktivist community. This attack was specifically protesting the use of GE Trees, which the hacktivists claim poison land and displace communities in Latin America. At the time of this writing the website is still down.

Android Flaw Leaves Billions Of Devices Open To Infection

March 24, 2014 – Security researchers have discovered new Android vulnerabilities that allow privilege escalation attacks because of weaknesses in its Package Management Service (PMS). These new vulnerabilities put over one billion Android devices at risk of malware infection. The researchers are calling these flaws “Pileup flaws”. Six different vulnerabilities have been discovered within the Android PMS. All of the flaws have been reported to Google. At this time only one has been fixed.

Hackers Take Down Egyptian State Information Service Site

March 24, 2014 – The hacker group known as IzzahHackers is claiming to have taken down the Egyptian State Information Service website. The hackers refer to the website as the government's propaganda service. They also refer to Deputy Prime Minister of Egypt, Abdel Fattah el-Sisi, as the Egyptian Hitler. Other hackers are calling on the IzzahHackers to take down additional websites.

SEA Leaks Microsoft Invoices To FBI

March 21, 2014 – The Syrian Electronic Army (SEA) has leaked copies of invoices from Microsoft to the FBI's Digital Intercept Technology Unit (DITU). The hackers see this as evidence that Microsoft is selling user information to the government. The invoices detail the amount charged for each request for data. SEA says they accessed the invoices by compromising DITU. The invoices were from December 2012, August 2013 and November 2013. The last invoice was for $281,000.

HootSuite Hit With DDoS Attack

March 21, 2014 – The social media management tool HootSuite was hit with a distributed denial-of-service attack. Ryan Holmes, CEO of HootSuite, sent an email to customers saying, "HootSuite services experienced downtime, which might have impacted you or your organization. . . We experienced what's known as a denial of service attack (DoS). I’m writing today to let you know that the HootSuite Engineering and Security teams are working to mitigate the DoS attack and that there are no inherent security risks to your accounts, nor has any customer data been compromised." At the time of this writing the site is back up and operating normally.

Turkish Government Blocks Twitter

March 21, 2014 – The Turkish government has blocked access to Twitter, just days prior to local elections. Turkey's Prime Minister Recep Tayyip Erdogan had threatened to "root out" Twitter after wiretapped recordings showing evidence of corruption among his administration had been leaked. Officially Twitter was blocked due to their failure to follow four court orders. BTK, a Turkish telecom watchgroup, said that Twitter was blocked after complaints were made by citizens that Twitter was breaching privacy. BTK issued a statement saying, "Because there was no other choice, access to Twitter was blocked in line with court decisions to avoid the possible future victimization of citizens." Twitter has made no formal statement, but did post a message advising people that they could still post messages to the platform by using mobile phone text messaging. Erdogan's office issued a statement saying, "If Twitter officials insist on not implementing court orders and rules of law ... there will be no other option but to prevent access to Twitter to help satisfy our citizens' grievances." The ban quickly caused an uproar among Turkish users, and they have quickly come up with ways to bypass the block, including using the text messaging suggested by Twitter and by using VPNs. Online activists have been comparing this action by the Turkish government to those of the Iranian and North Korean governments. In addition, some of the activists are trying to organize physical protests in Turkey.

Poland's Military Strengthening Cybersecurity Through Universities

March 21, 2014 – Poland's Ministry of Defense has signed an agreement with three universities to bring in research collaborations in the areas of mathematical and information technology. The agreement will bring the National Cryptology Center, Poland's cryptography and cyberwarfare military branch, together with the University of Warsaw, the Technical University of Warsaw and the Technical University of Wroclaw with the goal of arming itself with the technical knowledge necessary for increased cyberwar capabilities. The first goal of the program is to increase Poland's cryptography capabilities. The National Cryptology Center's director, Piotr Markowski, said, "The cryptographic security of information should not depend on algorithms to which a country does not have full rights. The ability to secure its information with its own algorithms shows the power of a country."

Australian Arrested In Connection With US Gaming Company Hack

March 20, 2014 – A 21-year-old man from Kingaroy, Australia has been arrested by Australia's Queensland Police Service and charged with fraud and hacking related offenses. The suspect and the company he attacked were not named, but he is suspected of hacking the systems of a US-based online gaming company. Detective Superintendent Brian Hay of the Fraud and Cyber Crime Group said, "We would like to acknowledge the assistance of the FBI and the US based gaming company for their assistance in bringing this investigation to a successful close." The man has been charged with three counts of computer hacking and misuse, and five counts of fraud, including dishonestly obtaining property from another, dishonestly applying property to own use and dishonestly cause detriment and possessing equipment for purpose of committing or facilitating the commission of an offense. He is scheduled to appear in court on April 8.

New Variant Of Zeus Malware Discovered

March 20, 2014 – Researchers have discovered a new variant of the Zeus malware. This new variant is unique in that it is not designed to steal sensitive information; rather, it is designed to load clickbots. The TROJ_ZCLICK.A variant displays arbitrary websites on infected computers. Once opened by the threat, the sites occupy the entire screen, preventing users from opening other windows or files. New websites are opened every time the victim performs an activity like opening a window or a file. If the user doesn't take any action the malware will take control of the mouse. The malware is designed to generate income for its masters through pay-per-click activities. The only way to return to the desktop is by pressing the Windows key + D. Even when this is done, the sites will continue to run in the background.

Another Bitcoin Exchange Hacked

March 20, 2014 – It is being reported that another Bitcoin exchange, has been hacked. A representative of posted a message saying, "Yes, our wallet server got hacked and all funds were withdrawn . . . we're covering this from our own pockets." Since the exchange has gone down, the site's administrator has deleted his Twitter and Github accounts. has not issued any further statements at this time.

Cryptocurrency Mining Linux Worm Found

March 20, 2014 – A new variant of a Linux worm that infects Internet-enabled devices, including security cameras, routers, set-top boxes, printers and industrial control systems running Linux, has been found by security researchers. This worm infects computers running Intel x86 architectures, but can also infect devices running MIPS, ARM and PowerPC architectures. Once the malware is installed on a device, it downloads open source mining software. Through the end of last month, the worm had stolen over 42,000 Dogecoins and 282 Mincoins. Researchers believe it focuses on Dogecoins and Mincoins, instead of Bitcoins, because they can be mined from home PCs. The areas most affected by the worm are China, the United States, South Korea, Taiwan and India.

Hacked EA Games Site Hosting Apple Phishing Page

March 19, 2014 – A hacked EA Games webserver has been found to be hosting a phishing page which attempts to steal Apple IDs. Hackers broke into the EA subdomain by exploiting vulnerabilities in an outdated version of a web calendar application. The phishing page is designed to trick visitors into providing their login information for the Apple website. Investigators are still trying to determine if the hackers accessed any internal servers or other information.

Diabl0 Arrested

March 19, 2014 – The Moroccan hacker known as Diabl0 has been arrested in Thailand. Diabl0 is Farid Essebar, a 27-year-old Moroccan with Russian citizenship. Essebar is being accused in Switzerland of hacking into the systems of several banks and causing damage estimated at $4 billion. Essebar has previously been accused of creating the Zotob worm, which infected computers at CNN, ABC News, NY Times, Boeing and the US Department of Homeland Security.

Botnet That Infected 25,000 UNIX Servers Found

March 19, 2014 – Researchers have discovered a malware campaign in which over 25,000 UNIX servers have been infected and abused over the past two years. The infected servers were used to send out 35 million spam emails a day. At that rate almost 500,000 computers were at risk of being infected each day. Most of the infected servers are in the United States, Germany, France and the UK. Experts say that infected devices should be wiped and the operating system and software should be reinstalled.

Three Charged In Attempt To Hack Pentagon Payroll

March 19, 2014 – Three men have been indicted for attempting to hack into the Department of Defense's payroll service and customer accounts at 14 different financial institutions. If successful, the hackers would have stolen at least $15 million. The US Attorney's office has charged two men from Kiev, Ukraine and a third from New York, with conspiracy to commit wire fraud, conspiracy to commit access device fraud and identity theft and aggravated identity theft. The New Yorker is in custody, while both Ukrainians are currently fugitives. The men face a maximum sentence of 27 years.

Vulnerability In PayPal Subsidiary Allows Internal Network Access

March 18, 2014 – Researchers have discovered a critical Server Side Request Forgery (SSRF) vulnerability in the website for PayPal subsidiary Bill Me Later. The vulnerability was found in the subdomain. A hacker could send a request to any internal network through Bill Me Later's API and get a response. Researchers were able to query internal databases without being required to enter login credentials. PayPal has partially corrected the vulnerability by restricting the API's ability to access the internal servers. However, it can still act as a proxy to view other hosts.

Hackers Deface Multi-Hazard Early Warning System Site

March 18, 2014 – The Indonesian hacking group known as Black Angels has breached and defaced the Regional Integrated Multi-Hazard Early Warning System for Africa and Asia (RIMES) website. The defacement message reads, "Initiating System! System loaded, Your web server needs security! Security system owned by Black Angels." RIMES is an international group that generates early warning information for its member states. At the time of this writing, the site is still displaying the defacement.

Russian Cyber Command Hackers Leak Investment Fund President Personal Info

March 18, 2014 – Members of the Russian Cyber Command (Rucyborg) hacking group have leaked personal information belonging to Alexandr Bagnuk, the President of the Russian Industrial Investment Fund, a semi-governmental investment company. The hackers are claiming to have stolen information from Bagnuk's personal computer, including information on "critical Russian business operations and shadow banking." Along with the stolen information, the hackers posted a message saying, "Today we aren’t going to say much, since we aint got nothing to say pretty much, except that Putin has lost his mind. Russian Industrial Investment Fund is one of the biggest Russian ‘non-profit’ as they declare organization but they attract investments into Russian economy."

Toyota, Chevrolet and Renault's Guatemalan Sites Defaced

March 18, 2014 – The Pakistani hacking group known as Team Cyber Criminals have breached and defaced the Guatemalan sites of Toyota, Chevrolet and Renault. The three websites seem to have been developed by the same company, leading experts to believe that the sites share a common vulnerability. The hackers left a message saying, "Hacked by Algeriano. TOYOTA & RENAULT & CHEVROLET Guatemala hacked. Cyber Criminals Was Here." There was no reason given by the hackers as to why these sites were targeted. At the time of this writing the sites have been restored and are operating normally.

Google's Public DNS Hijacked

March 17, 2014 – Yesterday, Google's public DNS service was hijacked for 22 minutes, affecting networks in Brazil and Venezuela. It appears that the traffic was redirected to BT Latin America's network. Approximately 70 million IP addresses use the DNS service, accounting for about 130 - 150 billion queries a day. At this time it is not known who was behind the attack.

SEA Attacks US CENTCOM And Syrian National Coalition Site

March 17, 2014 – The Syrian Electronic Army (SEA) is claiming that they have penetrated the systems of the US Central Command (CENTCOM). SEA has provided information that shows they have accessed some Army Knowledge Online servers. The information that they released appears to be unclassified and CENTCOM is denying that their systems have been breached. In addition, SEA has hacked and defaced the National Coalition for Syrian Revolutionary and Opposition Forces (also known as the Syrian National Coalition) website. The Syrian National Coalition is made up of opposition groups that focus on replacing Bashar al-Assad and his government.

Ukrainian Hackers Target NATO Sites

March 17, 2014 – The Ukrainian hacking group known as Cyber Berkut are claiming responsibility for the downtime of three NATO websites. The sites that suffered the distributed denial-of-service attacks are, the NATO Parliamentary Assembly and the NATO Cooperative Cyber Defense Center of Excellence. NATO representatives have confirmed that the sites were the target of a "significant DDoS attack." The representative added that no NATO data or system was affected by the attack. The hackers say they launched the attack because they don't want NATO to interfere in Ukraine.

Polish Bitcoin Exchange Hacked

March 17, 2014 – Bitcurex, Poland's largest bitcoin exchange, temporarily shut down its site due to a hacking attack that targeted users' funds. Bitcurex posted a statement online saying that due "to an error and ongoing maintenance work (Bitcurex) has decided to temporarily shut down service." The temporary closing of the site will allow Bitcurex's IT team to "perform a necessary verification." The statement continued, "We successfully blocked a hacking attack . . . preventing mass theft of BTC funds of our users. Thanks to automatic safety procedures, hackers managed to defraud only a portion of the funds stored in operational Hot Wallet Bitcurex. The majority of funds from Hot Wallet, as well the entirety of funds from Cold Wallet and FIAT monetary funds remained intact." The total amount that was stolen has not been disclosed at this time.

UK Supermarket Giant Morrisons Suffers Financial Data Breach

March 14, 2014 – The fourth largest supermarket chain in the United Kingdom, Morrisons, reported that a list of personal information – including names, addresses and banking payroll data – has been stolen. The information on all of its employees was posted on an unnamed website and was available for hours until the company could take it down. The company is in the process of analyzing the threat, but believes it came from an internal actor rather than an outside cyber-criminal. Morrisons has promised to support all employees with financial and personal identity security, although it is still in the planning process of how to do this.

Russian Government Blocks Anti-Putin Sites, Hackers Retaliate

March 14, 2014 – The Russian government has blocked access to several websites that have in the past been highly critical of President Putin and his coalition. One site included the blog of Alexei Navalny, an outspoken opponent of Putin and a vocal anti-corruption advocate. Russia claims the websites were blocked because they promote crime, releasing a statement that read “[t]hese sites contain incitement to illegal activity and participation in public events in violation of the established order.” Critics have argued the blocks are deliberate censorship of legitimate anti-Putin sentiment. In response, several hackers have defaced or attacked government and other websites, including the Russian central bank. Others have posted public information on how to bypass the new blocks.

Google Begins To Encrypt Search Terms In Mainland China

March 14, 2014 – Google is taking steps to encrypt all searches on its search engine within China, mirroring actions it has taken in the United States and several other countries. Google retreated from much of the mainland in 2010 following revelations that its servers had been hacked by China and increased requests to censor content. The company currently headquarters its Chinese efforts in Hong Kong and commands only 5-10% of the market share. Google has begun to offer encrypted searches around the world, with the service now automatic in the United States, and believes it will allow Chinese users to search any topic, regardless of Chinese spying or filtering. The majority of Google users in China are believed to be tech-savvy, however, and are largely believed to know how to bypass Chinese censorship anyway. China has not commented on Google's initiative.

Target Was Alerted To, But Ignored, Warnings Of Massive Data Theft

March 14, 2014 – New reports show that Target, which suffered a data breach of over 40 million customers' cards during the peak of the holiday shopping season, was receiving alerts about active malware in its system and of suspicious activity but ignored them. The prolonged breach now seems to have occurred, in part, because of security operational failure. Target, which reportedly moved to a new security system just 6 months prior, ignored many of the alerts because of a combination of mistrusting the new software and believing the alerts to be false alarms. In addition, outsourced system monitors in Bangalore failed to connect with Target's security team in the United States, slowing down the company's response to the threat.

EC-Council Reports Hackers Gained Access To Member E-mails

March 13, 2014 – EC-Council, a US-based ethical-hacker certification organization, reports that hackers gained access to its e-mail system, hosted by a third party. The breach, although only compromising 2% of user e-mails, would have exposed any private conversation using the address for a short amount of time. EC-Council is still investigating the attack, though it claims it has identified the vulnerability and addressed it. No credit-card or financial information has been made vulnerable.

Agent.btz Believed To Be Possible Ancestor Of Recently Discovered Espionage Campaigns

March 13, 2014 – Several recently discovered cyber-espionage campaigns that targeted government computers and defense networks may have a common origin in Agent.btz, a malware program discovered in 2008 that forced the US Department of Defense to ban USB drives. Both the Red October Campaign, first reported in 2013, and the 'Snake' campaign discovered this month, share coding similarities with the Agent.btz program. All three campaigns, including the also recently discovered Uroburos malware component of the Snake campaign, seemed to specifically target government, defense and diplomatic institutions. In addition, all three programs seem to have been written by Russian-speaking programmers, and the malware within the Snake campaign shares extensive logging and other similarities with Agent.btz. While researchers are not ready to confirm that all three attacks have been orchestrated by the same group, some believe it is likely that Agent.btz at least inspired the other campaigns, especially after much of the code of Agent.btz was released to the public, providing at least a partial blueprint for future attacks.

North Dakota University System Has 290,000 Personal-Information Records Stolen

March 13, 2014 – The North Dakota University System discovered that its servers had been breached sometime in October and that over 290,000 files containing identification information – including social security numbers – of students, applicants and employees were stolen. The university is unsure if the hackers took advantage of the information, as it appears the primary purpose of the attack was to leverage the system's processing power to attack other sites. It is possible they did not know the files were even present, according to a statement from the school, but it is still offering free identity protection services for a year.

Nigerian Electronic Army Defaces Popular Reddit Pages

March 13, 2014 – A group going by the name 'Nigerian Electronic Army' claimed responsibility for a series of defacements on popular Reddit pages on gaming, technology and general interests. Reddit reported that each attack was carried out by successfully logging into various Moderator accounts with just one password try, suggesting there is an accurate password list somewhere on the Internet. Reddit is uncertain how the list was gathered but urged all moderators to create stronger, unique passwords for their accounts. The Nigerian Electronic Army is attempting to sell the information to carry out similar attacks for one bitcoin on its Twitter page, which was created Monday.

NSA Nominee Talks Cyberwar Units

March 12, 2014 – President Obama's nominee to head the National Security Agency, Vice Admiral Michael Rogers, told the Senate Armed Services Committee that cyberwar combat units would help counter the perception that the United States is "an easier mark" for cyberattacks because it did not "have the will to respond." The plan is for all major combat commands in the US military to have dedicated forces to conduct cyberattacks. The Senate committee still must approve Rogers' appointment as the head of the NSA and the US Cyber Command. Rogers testified that the United States has seen evidence of cyberattacks on the new government in Ukraine, but would not say if he believed the Russian government was behind the attacks. Rogers said, "Clearly, cyber will be an element of almost any crisis we're going to see in the future." He also said that the Defense Department systems were vulnerable to major attacks, and would be until a new architecture was implemented. Rogers committed to making the NSA's activities more transparent and said he would "assure a sense of accountability" for their activities.

Harvard Law National Security Journal Site Breached

March 12, 2014 – The Harvard Law School National Security Journal website has been breached. The hackers injected links to various rogue pharmacies into the website. This allows the hackers to optimize the rogue sites by creating backlinks to them, a common mal-intended SEO tactic. The hidden links have been inserted into almost every sentence of the site's source code. Further research shows that these same links have been injected into at least 300 other websites. There has been no comment made by the Harvard Law National Security Journal at this time.

Data Leaked From Russian IT Security Firm

March 12, 2014 – Members of the hacking group known as Russian Cyber Command have leaked data they claim was accessed by compromising SearchInform. SearchInform is a Russian IT security company that offers solutions for employee monitoring and data protection. The hackers say they gained access to SearchInform's systems and used that access to compromise their support system, allowing them to access the servers of the company's customers. The hackers claim that SearchInform is a "top Russian spy company." "Tonight we deliver a devastating blow into Putin regime by annihilating his TOP IT market leader – the FSB company that is in control of main Russian infrastructure companies," a representative of the hacking group said. The data leaked contained over 3,000 files that included emails, databases, source code, software and various types of documents. The hackers said their next target is Veles Capital, which is the main investor in Russian Crimea.

Adviser To Turkish Prime Minister Has Twitter Account Hacked

March 12, 2014 – The official Twitter account of Mustafa Varank, a top adviser to Turkish Prime Minister Recep Tayyip Erdogan, has been hacked by a Turkish hacking group. The hackers posted messages from the account about supporting the protests in memory of Berkin Elvan. Elvan was a teenager who died as a result of a head injury caused by being hit with a teargas canister during the Gezi protests in Istanbul. The account was recovered after a few hours, and Varank posted a message saying, "After voyeurism, montage and blackmail, they have also started to steal accounts. I think I have succeeded to get my account back. I apologize to my followers."

Ongoing Investigation Reveals 200 Million Consumer Records Stolen In Experian Compromise

March 11, 2014 – The latest findings from a year-long investigation into Hieu Minh Ngo, a 24-year-old Vietnamese national, reveal that up to 200 million Americans may have had personal information – including social security numbers – stolen from the databases of Experian, one of the big three national credit reporting agencies. Posing as a private investigator in Singapore, Ngo paid a license fee to access the online database, U.S. Info Search. U.S. Info Search has an agreement with Experian-owned Court Ventures, an aggregator of public records data, which ultimately gave him access to countless records of American citizens. The stolen information includes addresses, contact information and social security numbers. Ngo is accused of selling batches of data – and taking requests for specific searches – on identity theft websites. Though Ngo had access to the 200 million records, investigators believe he may have only sold records of up to 30 million citizens, but it will be some time before the final number is known.

Hacker 'Ethical Spectrum' Goes On Celebrity Website Defacement Spree

March 11, 2014 – The hacker Ethical Spectrum, who made headlines in February for breaching the system of Finnish game developer Supercell, has defaced the websites of American celebrities Miley Cyrus, Selena Gomez, Taylor Swift, Britney Spears, Nicki Minaj and Chelsea Handler. The hacker originally launched an attack around March 8th replacing the websites with a popular dancing Internet meme and the message “Hacked. For more security [e-mail address]”. The hacker has defaced the websites again and posted the e-mail address of Greg Patterson, the COO of ground(ctrl), a web development firm specializing in celebrity clients. In previous cases the hacker has reached out to companies and offered to secure their systems, hacking the systems only after the offer is ignored.

Data Breach Of Archdiocese Of Seattle Exposes SSN Of 90,000 Employees And Volunteers

March 11, 2014 – The Archdiocese of Seattle has alerted 90,000 employees and volunteers that personal information – including names, addresses and social security numbers – has been stolen by unknown cybercriminals. The organization, which keeps the information on file for running background checks, has hired a forensic security company to investigate and has alerted the FBI. The first known case of fraud occurred last week and the list of victims has continued to grow. The information, thus far, has been used to file fake tax returns with the IRS.

Over 160,000 WordPress Accounts Used In DDoS Attack Of WordPress Account

March 11, 2014 – A new security investigation has revealed that a vulnerability in all WordPress accounts, accessed through the enabled-by-default XML-RPC setting, has been abused to carry out a DDoS attack against another popular WordPress site. The site, which has not been named publicly, was brought down by the attack that turned thousands of accounts into botnets without actually gaining login information or otherwise compromising the accounts. A subsequent examination by the site's new security firm immediately identified that a majority of the page-requests used in the attack were coming from legitimate WordPress websites. An investigation revealed the XML-RPC abuse and the site has since been restored.

Mt.Gox Bitcoin Exchange Hacked Again, Attackers Claim CEO Lied To Customers

March 10, 2014 – On Sunday, the official blog of Mark Karpeles, CEO of the now-defunct, Tokyo-based Bitcoin exchange Mt.Gox, was hacked. A post was made by the attackers claiming that Karpeles lied about the number of BitCoins stolen in the breach that resulted in the exchange's closure. The post contains balance information and various company files that seem to suggest the bank still contains the estimated 850,000 Bitcoins reportedly stolen and argues the organization is lying to its customers in an attempt to pocket the currency. The hackers posted proof of their access to servers and large amounts of information, but refused to release customer data as they claim they want revenge against Mt.Gox and not to make the customers suffer further. Some researchers have suggested the hackers are showing outdated financial information, while others have argued that the reportedly stolen Bitcoins have not yet been used or moved – suggesting they really are still at Mt.Gox. The attackers have promised more information is still to come.

New Findings Link Various Sophisticated Malware Programs To Russian Campaign

March 10, 2014 – A new report links various ongoing malware campaigns that infect classified databases primarily in Eastern Europe, but also in Western Europe and the United States. The Uroburos malware, reported on last week, has been linked to a Russian cyber-espionage campaign entitled 'SNAKE' that has gone undetected for at least eight years. Also within this campaign is the Turla malware program discovered by Western intelligence organizations that has specifically targeted European and US government computers. The various programs within 'SNAKE' share similar sophisticated coding and attack patterns that target vulnerabilities in Windows operating system security.

Indian Defense Ministry Hacked, Classified Military Files Vulnerable

March 10, 2014 – It is being reported in India that over fifty computers belonging to the Defense Ministry and the Defense Research and Development Organization had been infected with malicious software. Indian intelligence agencies were alerted to the spyware in December and reported that the malware was capable of infecting devices not connected to the Internet. It has been suggested that up to thirty classified military-related files may have been breached by hackers, though the Indian Army has downplayed the severity of the attack. The majority of cyber-espionage attempts against India are carried out by China or Pakistan, though it is still unclear who is responsible for this latest breach.

Latest Hack of Justin Bieber's Twitter Exposes Danger of Celebrity Accounts

March 10, 2014 – The official Twitter account of Justin Bieber, with over fifty million followers, was hacked again over the weekend. Tweets were posted in Indonesian that directed followers to a phishing site that promised more social media attention if users entered their information. The account was eventually recovered, but with so many followers it is unknown how many users fell victim to the scam. Celebrity accounts have increasingly come under attack as their viewership, likes or followers have increased, exposing millions of people to spam or intrusions even if the celebrity account is only briefly hijacked.

Over 2 Million Facebook Profiles Infected By Latest Scheme

March 7, 2014 – The latest scheme by hackers hoping to gain access to profiles on the popular global social network service has infected over 2 million accounts and is believed to be spreading rapidly. The attack involves infected profiles posting what appears to be private, adult or pornographic content on friends' profiles. Once the user brings up the video – which is set up to appear as a YouTube page – they download an infected Flash plug-in and their profile data and passwords are stolen.

Dendroid Toolkit For Sale Makes Infecting Android Easier

March 7, 2014 – A new Android development toolkit – called Dendroid – is on the market for $300. Dendroid allows criminals to infect legitimate Android applications with malicious software, which can then take control of various device functions including web access, recording video, audio, calls and texts and file deletion. The toolkit is not the first commercialized malware program for Android but researchers believe it is the most sophisticated currently available. The control panel for the program is delivered as a service, with the function hosted on offshore virtual private servers.

Prime Minister Of Turkey Threatens To Shut Down Social Media

March 7, 2014 – Following increased scrutiny over an ongoing corruption scandal, Prime Minister Tayyip Erdogan of Turkey has threatened to ban popular social media sites Facebook and YouTube in the near future. Many of the allegations against his government have originated on the Internet and Mr. Erdogan has expressed interest in blocking various social media sites to stop “all kinds of immorality, all kinds of espionage.” Turkey's president, Abdullah Gul, has ruled out such actions except to protect privacy. Anonymous Turkey, through its #OpTurkey campaign, is believed to have condemned the threat through a picture posted on its Twitter promoting free speech.

ComiXology Website Breached, Accounts Compromised

March 7, 2014 – The digital comic delivery platform ComiXology announced its website has been hacked, with a database containing customer and merchant profiles and passwords compromised. The breach was discovered when several e-mails not authorized by the website were sent out to users and merchants. ComiXology claims no payment information was stolen and that it has fixed the vulnerability in its security system. All users must reset their passwords before being able to log back on.

Update: Newsweek Exposes BitCoin Creator, Supporters React With Anger

March 6, 2014 – The creator and original coder of the BitCoin digital currency, Satoshi Nakamoto, has been exposed in an article by Newsweek magazine. The Japanese-American retreated from public life in 2011 and had not been heard from since. Having tracked him and members of his family down, Newsweek revealed details about his personal life and political leanings. They also published a photograph of Nakamoto and his house; an act viewed as a breach of privacy by many BitCoin champions and fans, that has resulted in the exposure of Nakamoto's home address. Forums dedicated to BitCoin traders and fans have erupted in debate over the article with some calling for action against Newsweek for exposing and endangering the creator of BitCoin.

Anti-Putin Hacker Group Leaks Classified Military Files; Claims More To Come

March 6, 2014 – Announcing a successful hack of Rosoboronexport, the dominant defense exporter for Russia, a group of anti-Putin hackers leaked thousands of documents pertaining to Russia's military trade with India and other related files. Claiming they breached the security of the Embassy of India in Moscow, the hackers said they gained access to Rosoboronexport and other businesses by sending infected e-mails from Embassy accounts. The hackers have threatened to release more leaked documents in the future. The company has not yet responded to the leaks.

Manufacturers Releasing Android Phones With Pre-Installed Malicious Apps

March 6, 2014 – Security researchers have discovered that major manufacturers like Samsung, LG and Motorola are producing several versions of Android phones pre-installed with malicious apps. Examples include fake Netflix applications that are designed to steal login and credit card information. Current investigations of the stolen information reveal that it is sent to Russian networks.

BitStamp, World's Largest Bitcoin Exchange, Has Mailing List Hacked

March 6, 2014 – In another string of bad news for the Bitcoin currency, BitStamp, the world's largest Bitcoin Exchange, admitted that its mailing list has been breached and used to send out malicious e-mails to users. Admitting to the hack only after users reported the messages, BitStamp said they became aware of the breach two weeks earlier. It is unclear what other information – if any – has been compromised. The phishing e-mails are similar to the recent incident with MtGox, the Tokyo-based BitCoin exchange that was forced to close after a major attack that stole thousands in Bitcoins.

Over 280,000 Stolen Credit Cards For Sally Beauty Discovered For Sale

March 6, 2014 – Sally Beauty, a nationwide beauty product company, is the latest victim of credit card data theft after information from 282,000 stolen credit and debit cards was found for sale on a popular Internet crime store. Sally Beauty found evidence of an intrusion into its network recently but investigations suggested that no data had been stolen. Analysis of the stolen credit card information, however, revealed that all cards were used to purchase from the company during the same period of time. Security investigators said there are several similarities between this attack and the massive breach of Target customer data in December.

Smucker's Forced To Shut Down Online Store After Hack

March 5, 2014 – Smucker's has been forced to temporarily close its online store following an attack that may have exposed customer information – including names, addresses, and credit card data. The information was stolen while it was entered by the customer during the check-out process via a sophisticated piece of malware. Security researchers believe the hackers are the same ones who recently targeted Adobe, the National White Collar Crime Center and SecurePay. It is believed all were running an outdated version of ColdFusion software.

NSA Chief Reports Anti-Leaks Legislation Coming Soon

March 5, 2014 – National Security Agency head General Keith Alexander suggested legislation designed to stop or punish media leaks would be forthcoming. Hinting the new laws could begin within weeks at a cyber-security talk on Tuesday, Alexander said “We've got to handle media leaks first. I think we are going to make headway over the next few weeks”. General Alexander is an outspoken critic of media leaks, especially since Edward Snowden's communications on NSA activity.

Russian 'Uroburos' Cyber-Espionage Program Targets Government Institutions

March 5, 2014 – Security researchers have discovered a Russian malware program that has possibly been active for three years. The malware uses a sophisticated rootkit to steal data and monitor traffic specifically within highly secure systems. Code similarities with previous malware are believed to link the software to the Russian intelligence service. The program infected various European and American government, corporate and research institutions operating Windows before being discovered.

Security Audit Reveals Surprise Vulnerability In Linux

March 5, 2014 – Hundreds of open source applications and services, including Ubuntu, Red Hat and Debian versions of the Linux operating system, have been discovered to possess a security bug in their GnuTLS libraries that allows attackers to bypass SSL and TLS security protections. It is believed the coding error that enables the bug has been present since 2005. The library developer has urged an update to fix the recently discovered problem.

Russia Today's Video News Service, Ruptly, Hit With DDoS Attack

March 4, 2014 – Following yesterday's defacement of the Russia Today (RT) website, the Ruptly international video news agency website has been hit with a distributed denial-of-service attack. Ruptly announced the attack while it was happening this morning. Within an hour service had been restored to the website. Though no one has yet claimed responsibility for this attack, there are ongoing DDoS efforts against Russian and Ukrainian sites in connection with recent events.

Meetup Website Faces Several Day Long DDoS Attacks, Temporarily Goes Down

March 4, 2014 – The popular social networking and group meet-up website reports it has been the victim of a massive distributed denial-of-service attack since February 27th that has periodically taken down its website and mobile apps. In a statement made by CEO Scott Heiferman, the company claims a hacker allegedly hired by a competitor threatened to begin the DDoS attack unless paid $300. Meetup ultimately decided not to pay and, as of today, the website has been restored.

300,000 Hacked Routers Redirect Traffic To Hacker Sites

March 4, 2014 – Security researchers have discovered a scheme where DNS settings were rewritten on 300,000 routers largely in Asia and Europe to redirect users to hacker-controlled sites. The attack has been linked to 3NT Solutions, a United Kingdom-based company that has been offline for some time and has not responded to requests for comment since the allegations were made. While this type of attack is not necessarily uncommon, this case is reportedly the largest in recent memory.

$600,000 Worth Of BitCoins Stolen From Flexcoin Bank After Website Hack

March 4, 2014 – Bitcoin bank FlexCoin has reportedly been hacked, with 896 bitcoins worth over $600,320 stolen from the organization. The website has currently been closed. FlexCoin says the attack occurred on March 2nd and, citing a lack of resources and assets to recover, has shut down immediately. Users who deposited their bitcoins in 'cold-storage' offline servers will be contacted and refunded their currency; meanwhile, users who were not protected in this manner have been directed to FlexCoin's terms of service which state it is not responsible for insuring lost bitcoins.

Syrian Electronic Army Issues Threat To US Government

March 3, 2014 – Members of the Syrian Electronic Army (SEA) have issued a statement saying, "SEA advises the terrorist Obama to think very hard before attempting 'cyberattacks' on Syria. We know what Obama is planning and we will soon make him understand that we can respond." SEA is known for hacking social media accounts and defacing some websites, but they say the attacks against the US government will not be "of the same kind." The first government target appears to be the US Central Command. SEA issued an additional statement saying, "The next attack will prove that the entire US command structure was a house of cards from the start."

Russia Today Website Hacked And Defaced

March 3, 2014 – Russia's largest news channel website, Russia Today, was hacked and defaced over the weekend. A group of unknown hackers breached the website and replaced 'Russia' and 'Russians' with 'Nazi' and 'Nazis'. Russia Today issued a statement saying, "RT website has been hacked, we are working to resolve the problem." After 30 minutes the site was restored to normal.

Hackers Leak Info From Mt. Gox

March 3, 2014 – The hacker known as nanashi is claiming to be a part of a group of hackers that have breached the systems of Mt. Gox. According to the hacker, the breach is an attempt to find out what really happened to the now closed Bitcoin exchange. nanashi says the hackers have access to Mt. Gox source code, a conversation in Japanese between a banker and Mt. Gox's CEO Mark Karpeles, passport scans and personal information belonging to the company's employees. Information that has been leaked so far includes employee email addresses, phone numbers and the Mt. Gox source code.

AnonUkraine Hacks Polish Sites

March 3, 2014 – Members of the Anonymous Ukraine hacking collective have breached and defaced several Polish websites. The hackers say they have targeted the Polish sites as a warning that they may face the same fate as Ukraine. A member of Anonymous said, "Ukraine has suffered a coup and Nazis came to power. Yes, Nazis came to power in a European country in the 21 century! Europe has suffered Nazi terror in the past. Now it may happen again. We want to warn people of Poland that their country is in great danger." The defaced pages included a message that read, "Nazi alert!", and had a picture of a swastika and a link to a video called "Europe. Nazi alert."

UK Intelligence Agency Hacked Webcams Of Millions

February 28, 2014 – It has been revealed that the UK's Government Communications Headquarters (GCHQ) worked with the NSA on an operation called Optic Nerve. The operation was a bulk surveillance program in which they stole webcam images every five minutes from Yahoo users' video chats. The operation targeted Yahoo webcam chats between 2008 and 2010. Within a six month period images of almost 1.8 million users were captured and stored on the agencies' servers. According to leaked information from GCHQ, Optic Nerve was still active in 2012. The purpose of capturing these images was so that they could experiment with facial recognition. Yahoo has denied any knowledge of the operation, and said this activity is "a whole new level of violation of our users' privacy." A GCHQ spokesperson said, "It is a longstanding policy that we do not comment on intelligence matters."

Anonymous Declares Cyberwar On Countries Interfering In Ukraine

February 28, 2014 – Members of the Anonymous collective have released a video declaring cyberwar on countries and organizations that pose a threat to the freedom and independence of Ukraine. In the video Anonymous says, "Members of Anonymous Ukraine are aware of the internal meddling by the United States, NATO and the European Union into the internal sovereign affairs of Ukraine. The people of Ukraine do not want European Union integration. The people of Ukraine do not want NATO on their territory. The Bandera Nazis and fascist thugs that are beating and killing police and members of the security services of Ukraine do not represent the will or the wishes of the people of Ukraine." The hackers want the Ukrainian President Yanukovich to restore order and stability in the country. The video ends with the hackers saying, "We will strike at the web resources of countries and organizations that pose a threat to freedom and independence of Ukraine!"

New Charges Against Hacker Lauri Love

February 28, 2014 – New charges have been brought against British hacker Lauri Love, accusing him of hacking the US Federal Reserve's servers. According to the charges, Love worked with other hackers from October 2012 to February 2013 to gain access to the servers of the Federal Reserve. They used an SQL injection vulnerability to access names, email addresses and phone numbers of Federal Reserve users. He has been formally charged with one count of computer hacking and one count of aggravated identity theft. He faces up to 12 years in prison for these charges. Previously, after being arrested by the UK's National Crime Agency's Cyber Crime Unit, Love had been charged with hacking into the systems of the US Army, the Missile Defense Agency, NASA, the military's Plans and Analysis Integration Office and the Environmental Protection Agency. A representative from the FBI said, "Cyber crime knows no boundaries and justice will not stop at international borders. The FBI is committed to working with private and public entities to stop computer intrusions and prevent hackers from harming victim companies and individuals. We thank the Federal Reserve Bank of New York for its assistance in this investigation."

Ukrainian Government Sites Targeted By Hackers

February 28, 2014 – The websites of the Ukrainian Parliament and the Right Sector Nationalist Movement have been attacked by hackers. Distributed denial-of-service attacks have been launched against six government-run sites in the latest online attacks. At the time of this writing the parliament website has been restored, but the other sites are still offline. Hackers have been attacking Ukrainian government sites since November.

World Cup Cyber Attacks Threatened

February 27, 2014 – Brazilian hackers have issued a statement threatening to launch attacks to disrupt the World Cup in June. The hackers say the attacks will include distributed denial-of-service attacks against websites and data theft. The hacker known as Che Commodore said, "The attacks will be directed against official websites and those of companies sponsoring the Cup." General Jose Carlos dos Santos, the head of the cybercommand for Brazil's Army, said, "It would be reckless for any nation to say it's 100 percent prepared for a threat. But Brazil is prepared to respond to the most likely cyber threats."

Bitcoin Exchange Hacked, $30,000 Stolen

February 27, 2014 – Crypto-Trade, a Hong Kong based Bitcoin exchange, has announced that it suffered a hack in which $30,000 was stolen. This comes only days after MtGox announced it was closing due to a hack that stole over $300 million. Crypto-Trade posted a statement on their site saying, "We discovered a bug in our system which allowed someone to hack around $30,000. All coins are safe and we will pay (for the loss) . . will open back in 24 - 48 hours with trading halted. You will be able to withdraw your coins. When all users (are) refunded, we will close the website for an undetermined period (2 - 3 weeks estimated) in order to fix our software and make a security audit to reopen later in best conditions."

Indiana University Suffers Data Breach

February 27, 2014 – Indiana University has notified 146,000 students and recent graduates that their names, addresses and social security numbers may have been compromised during a data security breach. The administration says the breach was not a targeted attack; rather, the information was accidentally stored in an insecure location and was downloaded by three automated webcrawling programs. James Kennedy, a University Associate Vice President, said that since this was not a targeted attack, "the chance of sensitive data falling into the wrong hands . . . is remote."

Korean Hackers Arrested For Stealing Data

February 27, 2014 – Three hackers have been arrested by South Korea's Incheon Metropolitan Police Agency for allegedly hacking 225 websites and stealing personal information of 17 million people. Some of the sites they are accused of hacking include real estate and trading services, the Korean Dental Association, the Association of Korean Medicine and the Korean Medical Association. The charges say that they sold the stolen data to loan companies and chauffeur services for about $93,000. Six other individuals are also being investigated as part of this criminal operation.

360 Million Records Stolen From FTP Servers

February 26, 2014 – Security researchers have found 360 million stolen credentials and 1.25 billion records containing only email addresses available for purchase online. It appears that the records were stolen in different attacks, with the most significant hack resulting in 105 million credentials. The researchers believe that these records were stolen in hacks that have not yet been revealed, meaning that some organizations may not be aware they've been breached. At this time the researchers are attempting to identify and notify the victims.

EC-Council Denies Being Hacked

February 26, 2014 – Earlier this week it was reported that a hacker claimed to have breached the website of the EC-Council, an organization that provides Ethical Hacker certifications. The EC-Council is now denying these reports, saying that the hacker used a DNS hijack to redirect visitors to a defacement page hosted in Finland. The council posted a statement saying, "EC-Council's Security Team has confirmed no access to any EC-Council Servers was obtained, the domain redirection was done at the DNS Registrar and traffic was re-routed from Authentic EC-Council Servers to a Host in Finland known for hosting other illegal websites." The council is working with the FBI and international law enforcement to identify the hacker.

Z Hacking Crew Takes Down English Defence League Site

February 26, 2014 – Members of the Z Hacking Crew are claiming to have taken down the website of the English Defence League. The hackers posted a statement early this morning saying, " tango down again lol." No reason was given for the attack. At the time of this writing the site is offline.

Philippines Government Sites Targeted By Anonymous

February 26, 2014 – Members of the Anonymous collective have hacked several Philippines' government websites in a protest against a provision of the Cybercrime Prevention Act. The targeted sites include the Office of the Vice President, the PNP Command Center, the National Telecommunications Commission, the Pilipinas Anti Piracy Team, the DOST Information Network, the Technical Education and Skills Development Authority, the Philippine Embassy in Italy and several cities and municipalities. The hacktivists posted a message saying, "In the year 2012 politicians and lawmakers came up of the bill that kills the right of the people to freely express their opinion and freedom of speech through the Internet . . . This is our way to express and oppose the bill that may destroy the future of the Internet in the Philippines." Some of the affected sites have been restored, but many remain offline.

Anonymous Targeting 'Facebook Pedophiles'

February 25, 2014 – Members of the Anonymous collective are starting a new campaign targeting Facebook pages which share images of underage children in underwear or swimsuits. The hacktivists believe that the pictures are usually stolen from parents' pages and then distributed through websites, groups and pages on Facebook. The first target of the campaign is a Facebook page called "S*** Little Girls." An Anonymous member posted a message saying, "Facebook will not take this page down so we are Anonymous and we will take matters into our own hands."

Google Paraguay Hijacked

February 25, 2014 – The Iranian hacker known as Mormoroth hacked the Network Information Center of Paraguay (NIC), and used the access to alter the DNS records for Google Paraguay to redirect visitors to a defacement page. The hacker exploited a remote code execution vulnerability to hack NIC, and has leaked user credentials and other information from their database. He only leaked the information because Paraguayan authorities said there wasn't any hack, so he felt the need to prove them wrong. Google's systems were never breached by the hacker.

World Wildlife Fund Site Hacked

February 25, 2014 – The Indonesian hacking group known as Gantengers Crew have breached and defaced the website of the World Wildlife Fund. The group also hacked the website of Earth Hour Philippines. Both websites were defaced with the same message reading, "Gantengers Crew Hacked you! :) Hacked WWF-Philippines, Indonesian h4x0r back! Greets / sh00ts To All Muslim hackers!" No reason for the attacks was given. At the time of this writing both websites have been taken offline.

Venezuela Internet Shut Down

February 25, 2014 – The Electronic Frontier Foundation reported that Venezuelan Internet has lost connectivity. It is believed that this is a government response to the protests against President Nicolas Maduro and his administration. Venezuela's media regulation network CONATEL is saying that the outage is not due to the protests, and blames hackers working for the opposition. Maduro has admitted that he ordered the shutdown of news network NTN24 because it was attempting to "torment anxiety about a coup d'etat."

Ethical Hacker Website Hacked

February 24, 2014 – The website for EC-Council, an organization that provides Ethical Hacker certifications, has been breached by the hacker known as Eugene Belford. Belford posted a defacement message that reads, "Owned by certified unethical software security professional." It appears that the hacker used a DNS hijacking attack to deface the site and possibly gain access to their email. Belford later updated the message saying, "It seems like lots of you are missing the point here, I'm sitting on thousands of passports belonging to (Law Enforcement and Military) officials." If the hacker gained access to the EC-Council email, he may have access to email correspondence with law enforcement and military personnel.

South Korea To Develop Stuxnet-Like Cyberweapons

February 24, 2014 – South Korea's defense ministry has proposed building Stuxnet-like cyberweapons to destroy North Korean nuclear facilities. The first part of South Korea's plan is to conduct online propaganda operations through the use of North Korean social networking and social media services. A senior military official said, "Once the second phase of the plan is established, the cybercommand will carry out comprehensive cyberwarfare missions." Security experts are warning that using cyberweapons to physically damage critical infrastructure can backfire. As an example, Stuxnet's spread was impossible to predict or control. Experts worry that the South Korean code could rebound and end up damaging South Korean infrastructure that uses the same technologies as the North Korean nuclear facilities.

Philippines' Government Site Breached By Portuguese Hacker

February 24, 2014 – The Portuguese hacker known as Touch is claiming to have breached and defaced the website of the City of Cebu, the second largest city in the Philippines. The defacement page reads, "Owned By Touch. Security Touched By Portuguese Hacker." City of Cebu representatives said that they are not sure why anyone would target their website since it doesn't store any classified information. At the time of this writing the website is still offline.

YouTube Ads Distributing Banking Malware

February 24, 2014 – Security researchers have discovered a YouTube link that leads users to an exploit kit website. The cybercriminals have built an ad network that's used to serve advertisements on YouTube, which leads users to a site hosting the Styx exploit kit. The kit leverages Java vulnerabilities in order to push malware that steals banking information to the victims' devices. The command and control servers have been traced to Europe. Google has been notified of the attack, but there has been no comment at this time.

Namecheap's DNS Platform Hit With DDoS Attack

February 21, 2014 – The DNS platform of Namecheap, a domain registrar and web hosting company, was hit with a large-scale distributed denial-of-service attack. The attack lasted for about 3 hours; however, services were not fully restored for almost 11 hours. According to a statement posted by Namecheap, the attack targeted around 300 domains on the DNS platform. The statement said, "Our DNS platform is a redundant, global platform spread across 3 continents and 5 countries that handles the DNS for many of our customers. This is a platform meticulously maintained and ran, and a platform that successfully fends off other DDoS attacks on an almost-daily basis. Today, however, I am compelled to announce that we struggled. The sheer size of the attack overwhelmed many of our DNS servers resulting in inaccessibility and sluggish performance. Our initial estimates show the attack size to be over 100Gbps, making this one of the largest attacks anyone has seen or dealt with."

United Nations Internet Governance Forum Breached

February 21, 2014 – The hacking group DeleteSec are claiming to have breached and leaked data from a United Nations based website. The leaked data includes 3,215 user names, email addresses and encrypted passwords. The Internet Governance Forum's purpose is to support the United Nations Secretary-General in carrying out the mandate from the World Summit to "provide an interactive, collaborative space where all stakeholders can air their views and exchange ideas." The hackers did not give a reason for the attack. At the time of this writing the website is operating normally.

Hackers Target Churches Of Scotland And Cyprus

February 21, 2014 – The Saudi Arabian hacker known as SeCuRiTy_511 is claiming to have breached the websites of the Church of Scotland and the Church of Cyprus. Almost 3,000 user details have been leaked from the sites. The leaked information includes names, email addresses, password hashes and administrator credentials. These attacks are a part of a larger campaign of Muslim hackers targeting Christian sites.

Israel Electric Opens Cyber War Room

February 21, 2014 – Israel Electric, Israel's main power company, has announced that they have opened a cyber war room, which will focus on stopping attacks from hackers. The company will staff the room 24 hours a day in an attempt to monitor and block as many as 400 million cyber attacks a day. The state-owned Israel Electric generates, transmits and distributes nearly all of the electricity used in the country. Chairman Yiftach Ron-Tal issued a statement saying, "There are hundreds of thousands of attempts to infiltrate Israel Electric's networks every day. We are talking here about a threat on a national level. There is no doubt that cyber is and will be the most significant battlefield of the present and the future."

Targeted By New ZeuS Variant

February 20, 2014 – Security researchers have discovered a new variant of the banking trojan known as ZeuS. This variant does not target banking credentials, instead it uses web-crawling to target Software-as-a-service (SaaS) applications and steal proprietary data or code. The researchers found a targeted attack against users, which began spreading through a Salesforce employee's home computer. The malware created a real time copy of the user's instance which contained all the information from the company account. It is still not known who is behind these attacks, but researchers warn it could be used against any SaaS application to steal business data and customer information.

University Of Maryland Hacked, Info Of 300,000 Staff And Students Compromised

February 20, 2014 – The University of Maryland has confirmed that over 300,000 records of staff, students and affiliates have been stolen during a recent breach of their systems. According to the school no financial records, academic, health or contact information was stolen. President of the University, Wallace D. Loh sent a letter to those affected saying that names, social security numbers, dates of birth and University ID numbers were compromised. In the letter he wrote, "The University was the victim of a sophisticated computer security attack that exposed records containing personal information. I am truly sorry. Computer and data security are a very high priority of our University."

Turkish Ajan Hacks Nepali ISP

February 20, 2014 – Members of the Turkish Ajan hacking group are claiming to have hacked Mercantile Communications Pvt. Ltd., a major Nepali Internet service provider. The hackers say that there is no particular reason they targeted Mercantile, they just wanted to announce their return. They have leaked database structure information and over 100 files containing the names and email addresses of employees. The hackers say they also have phone numbers and physical addresses, but haven't released the information to protect the individuals. According to the representative of the group, Turkish Ajan will now be targeting government organizations, mainly in the United States, Israel and China.

Austrian Energy Provider Hacked

February 20, 2014 – Austria's Energie Steiermark has issued a statement saying that their systems have been breached. The attack only breached a web server that hosts information on gas customers; no financial information is stored on this server. The company is still trying to determine if any information has actually been stolen. The attack was discovered when an internal warning system was triggered. It is unclear who is behind the attack, or what their motive is. State police and CERT Austria are working with Energie Steiermark to investigate the incident.

Syrian Electronic Army Hijacks FC Barcelona Twitter Accounts

February 19, 2014 – The Syrian Electronic Army (SEA) has hacked three official Twitter accounts of the FC Barcelona soccer team. SEA posted messages on the accounts that said, "Dear FC Barcelona management, Don't let the Qatari money funds you, it's full of blood and kill." The hacked accounts were the Spanish, Catalonian and English accounts for the team. The messages were deleted from the Spanish and Catalonian accounts within 10 minutes, but the English account took longer to restore. SEA has said that the attack on FC Barcelona is now over.

US Army Website Taken Down By Hackers

February 19, 2014 – Members of the DerpTrolling hacking group are taking credit for the US Army Knowledge Online website being down for the past several hours. The hackers posted a message saying, "All Hail Gaben! We will show the infidels the way back to hell! Lord Cage welcomes you." Gaben is the nickname for Gabe Newell, the co-founder and managing director of Valve. The official home page of the US Army is operating normally. At the time of this writing is still down.

Z Company Hacking Crew Hacks Official Indian Sites

February 19, 2014 – Members of the Z Company Hacking Crew (ZHC) are claiming to have hacked two official domains of India's national portal. The hackers left a message on the sites saying, "ZHC was here! Owns Indian National portal. It has been 65 years since your invasion of our lands but the fire of freedom still burns in our hearts." The attack is a protest against India's occupation of the Kashmir region. At the time of this writing the defacement message was still displayed.

Iran Says They Are Ready For Cyber War

February 19, 2014 – General Mohammad Aqakishi, the commander of the IT&C department of the General Staff of the Iranian Armed Forces, announced that Iran is ready to handle any cyberattacks that might be launched. He said, "One of the options on the table of the US and its allies is a cyber war against Iran. But we are fully prepared to fight cyber warfare." The General said that Iran has made significant progress in IT and their military has taken advantage of these new technologies.

Forbes Accuses SEA Of Blackmail

February 18, 2014 – Forbes has published an article with details about the Syrian Electronic Army (SEA) attack from last week. In the article Forbes confirms that SEA used spear-phishing emails to obtain employee passwords to the publishing systems. The hackers reportedly sent an email showing information captured from the publishing database, and said that the attack would stop if 'fees' were paid. SEA representatives responded to these claims by saying, "Dear Forbes, making a fake story (we requesting 'fees') after we posted a joke about selling the data is not the good way to defend yourself. Just for future notice, we would never ask for money in return for anything. All we ask for is your support." SEA continued by saying, "We didn't publish the user table of Forbes to show off, but because they deserved to be embarrassed. We have access to bigger user tables than Forbes one but Forbes has been so unethical that they deserved it." Forbes is currently in the process of notifying the million subscribers that were compromised.

$2.5 Million In Bitcoins Stolen In Silk Road 2.0 Hack

February 18, 2014 – Silk Road 2.0, the online black market site, has posted a statement saying, "We have been hacked." The breach has resulted in approximately $2.5 million in Bitcoins being stolen. The Silk Road statement continued, "Our initial investigations indicate that a vendor exploited a recently discovered vulnerability in the Bitcoin protocol known as 'transaction malleability' to repeatedly withdraw coins from our system until it was completely empty."

Hackers Claim To Have 828 Gb of Data From Sands Casino

February 18, 2014 – Last week it was reported that several websites belonging to Sands Casino were hacked and defaced. The hackers behind that attack are now claiming to have stolen 828 Gb of files from the casino's systems. A video has been posted by the hackers showing that they have the stolen information stored on a local hard drive. The files include budget information, details on IT systems, passwords and user data. The company has confirmed that employee information has been compromised, but they have not yet determined if customers have been impacted. There is no evidence that gambling systems or customer financial information has been compromised. The hackers targeted the company after their CEO, Sheldon Adelson, said that the United States should drop a nuclear bomb on Iran.

Two Students Arrested For Hack Of Data Infosys

February 18, 2014 – Two Indian students, Kulshrestha Varma and Hardik Sud, have been arrested and charged with hacking into the systems of Data Infosys and fraudulently recharging prepaid mobile phones. It is alleged that Varma and Sud hacked into Data Infosys' website and accessed the e-processing systems to recharge 500 mobile phones. The total amount stolen is believed to be $12,872. Authorities will continue their investigation, as they believe there are more people involved in this operation.

SEA Leaks 1 Million Forbes' Users Details

February 17, 2014 – Last week it was reported that the Syrian Electronic Army (SEA) hacked Forbes Magazine. Over the weekend, SEA followed up the hack with the release of information belonging to over 1 million Forbes customers. The leaked information includes email addresses and login information. Originally SEA tried to sell the information, but then released it for free. Forbes posted a statement saying, "Users' email addresses may have been exposed. The passwords were encrypted . . . We have notified law enforcement. We take this matter very seriously and apologize to the members of our community for this breach."

Kickstarter Hacked, Customer Data Leaked

February 17, 2014 – The online crowdfunding website Kickstarter has confirmed that hackers have stolen some of its customers' information in a breach that occurred last week. According to Kickstarter, the leaked information includes passwords, phone numbers and email addresses. Kickstarter CEO Yancey Strickler said that no credit card data was accessed and that the breach has been repaired. Strickler posted a statement saying, "We're incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting. We have since improved our security procedures and systems in numerous ways."

Facebook's Zuckerberg Has Timeline Hacked

February 17, 2014 – The Egyptian hacker known as Dr. FarFar is claiming to have removed Mark Zuckerberg's Facebook timeline cover photo. According to the hacker he was able to leverage a private exploit to remove the photo. The cover photo was missing for a few hours, but there is no evidence that the account was actually hacked. Facebook representatives issued a statement saying, "There is no merit to this claim. We have confirmed there was no suspicious activity on the account."

Venezuelan Government Sites Hacked In Response To Student Killings

February 17, 2014 – Several Venezuelan government websites have been hacked and defaced in protest of the killing of three students during clashes between demonstrators and police. The hacktivists, from Venezuela, Mexico, Argentina and Colombia, have targeted at least seven sites. Along with the defacements, the hackers have posted instructions on how to bypass the Venezuelan government's censorship system and how to anonymize your identity online. Several of the websites are still defaced at this time.

Syrian Electronic Army Hacks Forbes

February 14, 2014 – The Syrian Electronic Army (SEA) is taking responsibility for hacking several Forbes websites and three Twitter accounts. The hackers compromised the Wordpress Administration panel of the Forbes website and edited several articles. The Twitter accounts that were hacked belonged to the Social Media Editor Alex Knapp, personal finance reporter Samantha Sharf and the ForbesTech account. SEA issued a statement saying, "The Syrian Electronic Army attacked Forbes because many articles against the SEA were posted on Forbes, also their hate for Syria is very clear and flagrant in their articles."

UNICEF And NY Times' FTP Servers Compromised

February 14, 2014 – Administrator credentials for over 7,000 FTP servers are allegedly in the hands of cybercriminals. Security researchers have said that the list of servers includes ones belonging to UNICEF and the New York Times. The cybercriminals are using these servers to host malware, scam websites, exploits and other content. The compromised servers also belong to various other organizations including small businesses, ISPs, multinational corporations and individuals from all over the world. A New York Times representative said that they are currently working on securing the server, while UNICEF issued a statement saying that the affected server is part of a system that is no longer active.

Sochi Olympics Email Leads To Banking Trojan

February 14, 2014 – A new spam email campaign has been launched advertising an Olympics live streaming app for Android devices. The title of the email is, "Olympic live stream in Sochi". The email contains a link to a website that hosts an application file called "olympic.apk". When the file is downloaded it launches a banking Trojan, which contacts a command and control server and sends information from the infected device.

IE Zero-Day Exploit Being Served From US VFW Website

February 14, 2014 – Researchers have discovered a new zero-day exploit on the US Veterans of Foreign Wars' website. Cybercriminals are using the exploit in an operation they are calling "SnowMan". The researchers believe that this is part of a larger attack against US military personnel. The attack is being credited to a group of criminals that were behind previous attacks against the US government, defense companies and law firms. Microsoft has confirmed that the exploit impacts IE 9 and 10, and recommends that companies update to version 11.

30 Vulnerabilities In Java Cloud Service

February 13, 2014 – It is being reported that 30 Java Cloud Service security vulnerabilities have been discovered. All of these vulnerabilities have been confirmed by Oracle. At least 15 of them can be exploited to bypass the Java security sandbox. The company was notified by researchers of these flaws in late January. Oracle has not issued any statement or timeline for when these issues will be fixed.

National-Socialist Party Of Canada Breached, Details Leaked

February 13, 2014 – The hacker known as nairb is claiming to have hacked the website of the National-Socialist Party of Canada. The hacker leaked the information of over 1,000 members including names and email addresses. Other database files, including one containing MySQL credentials, were also leaked. The National-Socialist Party of Canada is a Neo-Nazi organization that advocates for Canada to be "an independent nation of White citizens sovereign in its own living space." The hacker also posted a message saying, "Racists, fascists and hate-mongers beware, nairb is here."

DDoS Disrupts UK Ministry Of Justice Site

February 13, 2014 – The United Kingdom's Ministry of Justice website was hit with a distributed denial-of-service attack. The hackers that launched the attack said the site was targeted because the Ministry of Justice has not condemned the NSA's surveillance. The Ministry posted a statement saying, "The Justice website is now back up and running. Sorry for any inconvenience the downtime caused." The site is now operating normally after being down for about three hours.

Japan Records Over 12.8 Billion Cyberattacks In 2013

February 13, 2014 – A recent report shows that Japan saw over 12.8 billion cyberattacks targeting their government and other organizations in 2013. This is the largest number recorded since attacks began to be tracked in 2005. A spokesperson from the National Institute of Information and Communications Technology said that cyberattacks originating from China, the United States and emerging countries have been growing. The number of cyberattacks grew 64.1% over the 7.8 billion attacks tracked in 2012. The attacks included distributed denial-of-service and system probes used to determine if servers were vulnerable.

CloudFlare Hit With 400Gbps DDoS Attack

February 12, 2014 – Hackers launched a massive distributed denial-of-service attack targeting the European data servers of content-delivery and anti-DDoS firm Cloudflare yesterday. The attack reached more than 400Gbps at its peak of traffic, which is the largest reported attack to date. Cloudflare CEO Matthew Prince released a statement saying, "Very big NTP reflection attack hitting us right now. Appears to be bigger than the Spamhaus attack from last year. Mitigating."

Sands Casino Website Defaced

February 12, 2014 – Members of the Anti WMD Team hacking group are claiming to have breached and defaced the websites of the Sands Casino and its subsidiaries. The defacement page features a map of the world with the locations of Sands Casinos marked with flickering flames. The message on the page reads, "Damn A, Don't let your tongue cut your throat. Encouraging the use of weapons of Mass destruction, Under Any condition is a Crime." The defacement also included personal information of Sands employees such as email ids, social security numbers and other information. A total of eight sites have been affected, including the Sands official site. All of the impacted sites are currently showing an "Undergoing Maintenance" message. Sands has issued a statement saying they are working with law enforcement to investigate the incident.

Anonymous Attacks GCHQ Websites

February 12, 2014 – Yesterday, members of the Anonymous collective launched a distributed denial-of-service attack against the website of the UK's GCHQ. The attack was in support of "The Day We Fight Back" anti-surveillance protests. It has been confirmed that the website experienced "noticeable performance issues", but it has not been confirmed what caused those issues. At this time it seems that the attack originated in Romania, but the investigation is ongoing.

RedHack Leaks US Embassy Staff Information

February 12, 2014 – Members of the RedHack hacking group have leaked the personal information of 36 staff members of the US Embassy in Turkey. The leaked information includes names, email addresses and phone numbers. According to one of the hackers the leak was in memory of one of the founders of the Turkish People's Liberation Army. The hackers say they are protesting the government of the United States, but not the people. Along with the leaked information, the hackers posted a message saying, "Go Home Yankee."

Details Of Seven Year Cyber Espionage Campaign Revealed

February 11, 2014 – Security researchers have released the details of an advanced cyber espionage campaign dubbed “The Mask” which has been ongoing since at least 2007. According to researchers, The Mask campaign has been targeting government agencies, energy companies and other high-profile organizations spread out across a total of 31 countries in the Americas, Africa, Europe and the Middle East. It is believed the cybercriminals are from a Spanish-speaking part of the world, as they have been using the Spanish language to communicate with one another. The attackers are also said to have a large arsenal of cybercrime tools at their disposal, including a bootkit, a rootkit, malware for Mac OS X and Linux and possibly Android and iOS variants of sophisticated threats. The cybercriminals have been distributing the sophisticated malware with the aid of spear-phishing emails sent to victims; these emails contain links to websites which host the exploit kit, and depending on the victim's system configuration, an appropriate type of malware is served. It is believed the main objective of these cybercriminals is to collect sensitive information from networks of government institutions, energy, oil and gas companies, diplomatic offices and embassies, research organizations and even activists.

US Law Firm Attacked By CryptoLocker Ransomware

February 11, 2014 – A U.S. law firm based in Charlotte, North Carolina is reporting that it has fallen victim to a cyberattack which leveraged the CryptoLocker ransomware. According to reports the attackers were able to infect one of the company's servers before sending out fake voicemail notifications which contained the ransomware as an attachment. Representatives of the company stated they lost access to thousands of legal documents, however, no confidential information was stolen. Once the law firm's IT department failed to recover the files, it agreed to pay the $300 fee to get them back, however at this point experts believe it is too late. CryptoLocker is a ransomware which instructs victims of infected machines to pay a ransom fee within 72 hours to recover their lost files.

Mass Protests Launch Today In Opposition Of NSA Mass Surveillance

February 11, 2014 – Some of the leading tech companies of the US are taking part today in a massive protest against the NSA's policy of mass surveillance, known as “The Day We Fight Back.” Over 5,700 websites are hosting banners on their homepages today urging Internet users to call and email members of Congress and ask them to vote against the proposed NSA reforms that the American Civil Liberties Union has labeled “bad for privacy.” The event comes two years after 8,000 websites went black to protest bills that would have given the government free rein to remove websites that were found to violate the Stop Online Piracy Act and the Protect IP Act. Some of the notable participants in the protest include Facebook, AOL, Twitter, LinkedIn, Yahoo and Reddit. The banner used by participants will read, “Dear Internet, we're sick of complaining about the NSA. We want new laws that curtail online surveillance. Today we fight back.”

Nigerian Government Websites Hacked by Syrian Anonymous

February 11, 2014 – Members of the Syrian Anonymous group, a subgroup of the larger Anonymous collective, have managed to hack and deface a total of 25 Nigerian government websites. The list of websites hacked includes the Ministry of Justice, the Ministry of Finance, the Ministry of Education, the Ministry of Power, the Nigerian Christian Pilgrim Commission, the Federal Neuro Psychiatric Hospital Yaba and the Federal Ministry of Science and Technology. There is no known motive for the attacks on Nigerian websites. At the time of this writing, several of the websites have been restored, others have been taken down and some are still defaced.

Bank of America Customers Target Of Massive Malware Distribution

February 10, 2014 – Security researchers have identified a new malware distribution campaign aimed at customers of Bank of America. The malware, which is part of the Bredo family of Trojans, leverages traffic volume in an effort to evade filtering engines. Cybercriminals have been sending out fake emails which contain the malware to customers of Bank of America; once the malware is opened it steals sensitive information, including banking data, from infected devices. The Trojan is also capable of downloading other malicious elements onto affected computers. According to researchers the malware was only identified by 11 anti-virus engines.

Barclays Customer Data Stolen, Thousands Of Files Leaked

February 10, 2014 – It is being reported that an Anonymous whistleblower has provided a memory stick with the personal details of 2,000 Barclays' customers. The whistleblower says this is only a sample from a database of 27,000 files. The leaked files are said to contain highly sensitive information, including customers' earnings, savings, mortgages, health issues, insurance policies, passport numbers and national insurance numbers. An investigation has already been set up with both Barclays and the Police working together to solve the crime. It is not yet clear how the data was stolen; however, Barclays has stated it has begun notifying investors of the possible breach.

RedHack Begins Attacks In Opposition Of New Internet Law

February 10, 2014 – Members of the RedHack group have remained true to their word and have begun attacking websites in Turkish cyberspace. The group is protesting, along with other activists and hacktivists, the new Internet law which they believe seriously limits the freedom of speech of Turkish citizens. The group has leaked two dozen records which contain the phone numbers of police chiefs and superintendents, and has stated this is only the first phase of the attacks. The group then defaced the website of the Kars Municipality, the Gas Distribution Authority of Sakarya and the website of the City of Amasya, from which the hacktivists also leaked AKP (Justice and Development Party) membership applications. The Ministry of Education was also attacked by the group, which leaked invoices and expenditures of the school. The controversial new law has been heavily criticized not only by Turkish citizens but also by members of the EU.

Website of Nepalese President Hacked And Defaced

February 10, 2014 – Two different hackers have breached and defaced the official website of Nepal's Office of the President. The first hacker, the Iranian Dr. 3v1l, uploaded a defacement page to the website and leaked some information including administrator user names and passwords. A second hacker of Indian origin was also able to exploit the vulnerability to deface the website's homepage. There is no known motive for the hack and at the time of this writing the website has been restored to its working condition.

Anonymous Releases Message To Russia As Part Of OpSochi

February 7, 2014 – With the Winter Olympics kicking off in Sochi, Russia, members of LegionOps, a subgroup of the Anonymous collective, have issued a warning statement to Russia as part of its OpSochi campaign. The group is demanding the Russian Winter Olympics stop animal cruelty and the use of animals for entertainment and sport. The group is threatening to launch DDoS attacks on various Russian government websites, as well as defacing and leaking sensitive information. A target list including over 25 Olympic-related websites has been provided by the group.

Huawei Hacks Indian Telecom Company

February 7, 2014 – According to a new report, Chinese telecommunications company Huawei has allegedly hacked into the network of Indian state-owned telecommunications company Bharat Sanchar Nigam Limited (BSNL). Allegedly, Huawei engineers hacked into a mobile tower owned by BSNL in the coastal area of Andhra Pradesh in October 2013. Minister of State for Communications & IT, Killi Kruparani, has stated, "The government has constituted an inter-ministerial team to investigate the matter." The investigation will be led by a team of top officials from the National Security Council Secretariat, the Intelligence Bureau, the Union Home Ministry and BSNL themselves. The Indian government suspects this hacking may be an "inter-corporate" rivalry between Huawei and ZTE, a Chinese telecom company which was offered a major part of BSNL's network in 2012.

Turkmenistan Banks Hacked By Dr.SHA6H

February 7, 2014 – Syrian hacker Dr.SHA6H is continuing his effort to bring attention to the situation in Syria by hacking and defacing the official websites of two Turkmenistan state-owned banks. The banks targeted by the hacker were the Turkmenbashi Bank and the PrezidentBank; the homepages of both websites were defaced with a message. On the website of Turkmenbashi Bank, Dr.SHA6H left a message urging the U.S. and other countries to intervene in the situation in Syria, as the U.S. has done for other countries in need of help. In addition to hacking the banking websites, Dr.SHA6H has also defaced the government-owned website of the Union of Industrialists and Entrepreneurs of Turkmenistan, the Nowruz Festival website, and the Research Institute of Earthquake Engineering. At the time of this writing the defaced websites have been restored to their normal settings.

Anonymous Threatens Release Of Singapore Government Employee Information

February 7, 2014 – Members of the Anonymous hacking collective are threatening to leak the personal details of Singapore government employees in protest of the recent arrests of individuals allegedly tied to the Anonymous collective. The names, government email addresses, dates of birth, phone numbers and passport numbers of 10 individuals have been released as a sample to prove that they have obtained the sensitive information. The collective claims the stolen information is from a Singaporean security company, "that does much business (with) government." The hackers have stated they will leak details of thousands of people if the government does not "begin to show a sense of justice and fairness."

Syrian Electronic Army Hacks Mark Monitor, Close To Hacking Facebook

February 6, 2014 – Early this morning members of the pro-Syrian hacker group Syrian Electronic Army (SEA) hacked the domain management brand Mark Monitor. One member of SEA confirmed that they were minutes away from changing the DNS details of Facebook, but before the changes could be made Mark Monitor disabled their portal. However, the group was able to change the registrant information of Facebook to Damascus, Syria, and provided a screenshot of the change. Mark Monitor manages the domains of many of the world's biggest companies, such as Google, Yahoo!, Amazon and Facebook. The group has also provided a screenshot of the Mark Monitor Administration panel. At the time of this writing the registrar data of Facebook appears to have been restored.

Comcast Targeted by NullCrew Hackers

February 6, 2014 – Hackers of the NullCrew group are claiming to have hacked into the systems of Comcast, a major telecom company, after exploiting a local file inclusion vulnerability in a mail server. The group has released a statement which reads, “Hello there beautiful people of the internet, once again; we here at NullCrew have some fun information for you. This time, our target is Comcast, yet another internet service provider who proclaims to be a secured one; shall we test these claims as well?” The hackers were first able to obtain a list of Comcast mail servers running Zimbra, an email server and web client software, before finding the local file inclusion flaw on the servers. By leveraging this vulnerability the group was able to gain access to usernames, passwords, and other sensitive information. Comcast has yet to make an official statement regarding the hack.

RedHack Plans Protest Against Turkey's New Internet Law

February 6, 2014 – Hackers of the RedHack hacking group are planning a protest after Turkey's parliament approved controversial changes to Turkey's Internet Laws, which will allow authorities to block access to certain websites. RedHack, along with other hacktivists and activists, is preparing to protest against the new law, which they say limits freedom of speech. A RedHack representative has stated, “Education is a necessity and corruption sucks...This law is designed to suppress people more and silence them in order to stop them from criticizing the AKP government. This is fascism. If people don't react, their rights and freedoms will be stripped from them at all levels.” RedHack has also stated it intends to leak data stolen from the systems of Turkcell before the planned demonstrations. The demonstrations are scheduled to start February 8, 2014.

Monsanto And WWF Attacked By Anonymous As Part Of OpGreenRights

February 6, 2014 – As part of its ongoing Operation Green Rights effort, members of the Anonymous collective have attacked the websites of Monsanto Fund, the charity organization of Monsanto agricultural company, the Round Table on Responsible Soy (RTRS), and the Italian and Indonesian websites of the World Wildlife Fund (WWF). Members of the collective launched several distributed denial of service attacks, as well as dumping the database for the Round Table on Responsible Soy. Members of the Anonymous collective also launched several distributed denial of service attacks on the websites of Monsanto South Korea, as well as websites of Italian energy companies in December 2013. At the time of this writing no official statement has been made by any of the companies affected.

Report: US Government Easy Target For Hackers

February 5, 2014 – According to a recent report written by Senator Tom Coburn and other staff members at the Homeland Security and Governmental Affairs Committee, several government agencies are leaving themselves open to hacker attacks by neglecting to implement simple fixes to network problems. The report states that the United States has spent almost $65 billion since 2006 on securing computers and networks, but agencies "continue to leave themselves vulnerable, often by failing to take the most basic steps towards securing their systems and information." In response to the report, the White House admits there is still more work that needs to be done. Special Assistant to the President on cybersecurity policy, Michael Daniel, said, "Almost every agency faces a cybersecurity challenge. Some are farther along than others . . . It often depends on whether they've been in the crosshairs of a major cyber incident."

Anonymous Issues "Final" Warning For OpFunKill

February 5, 2014 – Members of the Anonymous collective have been attempting to raise awareness of animal abuse with Operation Fun Kill. They have issued a new video that says they have issued a final warning to their targets. The hacktivists say, "We have been researching, probing, scanning, and preparing to strike. Our targets have been warned and soon it will be time to act! We are Operation FunKill; a united collective of operations, hackers and activists who stand together against cruelty." Previously targeted websites have suffered distributed denial-of-service attacks.

RedHack Leaks Data From Vodafone

February 5, 2014 – Members of the RedHack hacking collective have leaked data from Vodafone. The data was stolen in RedHack's breach of their systems earlier this week. The leaked information includes names, dates of birth, phone numbers and voicemail delivery dates. The hackers posted a statement saying, "Vodafone has shown great interest in controlling the global internet and lobbies USA and EU to give them the biggest piece from the cake. But yet again they are unable to protect their own systems." Phone numbers and last names have been deleted "to protect the public." According to the hackers they have leaked this information to show that Vodafone is logging voicemails.

Pakistani Hackers Continue Attacks Against Indian Sites

February 5, 2014 – Several different Pakistani hacking groups have launched attacks against Indian banks and government websites. The Hackers Army is reporting that they have breached and defaced the website of India's State Bank of Patiala. Members of the Team Maximizers hacking group claim to have defaced several subdomains belonging to the State of Kerala. In addition, the Pakistan Haxors Crew is claiming to have hacked and defaced the West Bengal State Coastal Zone Management Authority and a portal of the Damodar Valley Corporation.

New Data Security And Breach Notification Act Introduced

February 4, 2014 – Senators Dianne Feinstein, John Rockefeller, Mark Pryor and Bill Nelson have introduced a new bill that will provide a federal standard for data security and breach notifications. If the bill passes, the Federal Trade Commission will create security standards for companies that store personal and financial information. If a company is breached, they will be required to notify authorities and affected customers. The key points of the bill include the FTC establishing security standards for databases, establishing notification requirements to allow people impacted by the breaches to take steps to protect themselves, creating a central entity for breached organizations to report incidents and creating incentives to increase the use of technology to combat cybercrime.

FBI Emails Hacked By Anonymous Slovenia

February 4, 2014 – A member of the Anonymous Slovenia collective known as Black-Shadow is claiming to have compromised the email accounts belonging to several FBI agents. The hacker posted server and DNS information along with email account user names and passwords. The hacker said that he was able to accomplish this with the help of other hacking groups such as AntiSec and LulzSec.

RedHack Breaches TTNet, Vodafone and TurkCell

February 4, 2014 – Members of the RedHack hacking collective are claiming to have hacked the systems of Turkish ISP TTNet, Vodafone and Turkish mobile company TurkCell. The hackers released a statement saying, "Customer data of ISP TTNET, mobile operator Vodafone and Turkcell infiltrated and vast amount of data collected from the systems." At this time the hackers have only leaked some data from TTNet. The information includes the membership details of Ministries, National Intelligence Agencies and the Security Directorate. The motivation for the attack is to show that no system is 100% secure. The hackers added, "In the coming days we'll continue with those exploiting the country. No public information will be shared. Our people can be at ease."

Pakistani Hackers Deface Indian Public Health Engineering Department

February 4, 2014 – Members of the Pakistan Haxors Crew hacking group have breached and defaced the website of West Bengal, India's Public Health Engineering Department. The defacement page reads, "Free Kashmir. Free Syria. Stop Spying On Us. Stop Killing Muslims. We Have All Your Data. Don't Try To Catch Us." The Pakistan Haxors Crew has targeted several Indian websites over the past two months.

Syrian Electronic Army Attacks PayPal and eBay

February 3, 2014 – The Syrian Electronic Army (SEA) has defaced the UK, France and India websites of PayPal and eBay. The sites were displaying a Syrian flag and a message saying, "Hacked by the Syrian Electronic Army. Long live Syria. F*** the United States government." Senior Director of Global Initiatives for PayPal, Anuj Nayar, has said that PayPal's systems have not been compromised. He stated, "For under 60 minutes, a very small subset of people visiting a few marketing web pages of Paypal France, UK and India websites were being redirected." SEA said that they had no intention of doing any damage to customers. They said, "Rest assured, this was purely a hacktivist operation, no user accounts or data were touched. If your PayPal account is down for a few minutes, think about Syrians who were denied online payments for more than 3 years." SEA is claiming to have accessed PayPal's MarkMonitor account. At the time of this writing all PayPal and eBay sites are restored and working properly.

Bell Canada Customer Data Compromised

February 3, 2014 – Members of the NullCrew hacking group have leaked information from over 22,000 Bell Canada customers. Bell Canada has confirmed the leaked data is valid, but they say their systems have not been hacked. The company is claiming that the data was stolen from a third-party supplier in Ottawa. Bell released a statement saying, "Bell's own network and IT systems were not impacted. The issue does not affect Bell residential, mobility or enterprise businesses." NullCrew members have said this is "quite laughable" that Bell Canada was not breached. The hackers say that they notified Bell Canada of the vulnerability two weeks ago.

Orange Hack Compromises 800,000 Customers

February 3, 2014 – Telecom company, Orange has suffered a data breach of the "My Account" section of their website. Information for almost 800,000 customers was accessed during the hack. The information stolen includes names, mailing addresses, email addresses, phone numbers and other information. Once the attack was detected, Orange shut down the section of the website. Technical Director, Laurent Benatar said that passwords were not accessed, but some partial financial information may have been stolen.

UK National Health Service Site Set Up To Serve Malware

February 3, 2014 – The United Kingdom's National Health Service (NHS) website has been breached and infected with malicious code that redirects people to malware sites. Researchers have determined that the number of infected pages is over 800. NHS representatives have issued a statement saying, "Apologies to anyone having trouble navigating our website - we are aware of the issue and currently working to resolve it."

Yahoo Email Accounts Compromised

January 31, 2014 – Yahoo has announced that "a number of Yahoo mail accounts" have been breached by hackers. According to Yahoo the hackers compromised a third-party database and then gained access to the email accounts. The name of the third-party was not revealed, and Yahoo did not say how many accounts were impacted. Yahoo is working with federal law enforcement to investigate the incident. In their official statement, Yahoo says that there is no evidence that the credentials were compromised directly from its servers.

California High School Students Caught Hacking Computers To Change Grades

January 31, 2014 – Eleven students from the Corona del Mar High School in Newport Beach, California, have been expelled for hacking into the school's computer system and changing their grades. Timothy Lance Lai, a 28 year-old tutor, is accused of teaching the students how to use a key logger. The students then connected the device to a teacher's computer and stole their login credentials. No official legal charges have been filed against the students or Lai.

Indian Paramilitary Website Hacked

January 31, 2014 – Members of the Pakistan Haxors Crew hacking group have hacked and defaced the website of Assam Rifles, one of India's paramilitary forces. In addition to posting the defacement page, the hackers posted another message saying, "We have what we want." At the time of this writing the defacement page is still being displayed.

Cambodian Government Sites Defaced For OpCambodiaFreedom

January 31, 2014 – Members of the Team Khmer-Shadow hacking group have defaced two Cambodian government websites as part of OpCambodiaFreedom. The operation is a protest against local Cambodian government. The targeted websites were the Economic, Social and Cultural Council and the Siem Reap Provincial Hall. The home pages of both sites were defaced. The hackers said it is not their goal to "destroy the websites".

Target Hack Blamed On Vendor

January 30, 2014 – Target representatives have said that the hackers who stole the information of more than 70 million customers had stolen credentials from a vendor and used that information to access the company's system. The accused vendor has not been identified, and it is still unclear how the hackers actually stole the information. Target has not identified which portals were used to access the breached payment systems. However, it is being reported that two portals, a supplier's database and a human resources website, have been shut down.

Nigerian Ministry Of Police Affairs Defaced

January 30, 2014 – Members of the Nigerian Cyber Army hacking group have hacked and defaced the website of Nigeria's Ministry of Police Affairs. The attack was a protest against the Nigerian government and police. The defacement message said, "Every offense should have a fair punishment. People have committed greater offenses and nothing was done to them. Police officers collecting bribes only confirms how corrupt our society has become."

Anonymous Portugal Leaks Documents From Parliament

January 30, 2014 – Members of the Anonymous Portugal collective have leaked 185 documents they claim were stolen from the Portugal Parliament's systems. Many of the documents were dated from several years ago, going back as far as 2004. Anonymous Portugal has also released a video where they say that 2013 was "the most shameful year that the Portuguese witnessed during nearly 40 years of democracy."

Vulnerability Leaves Wikipedia Open To Attacks

January 30, 2014 – Researchers have discovered that Wikipedia is vulnerable to remote code execution due to a flaw in MediaWiki, the open source wiki software it runs on. The vulnerability allows an attacker to execute shell code remotely through an incorrectly sanitized parameter on the MediaWiki application server. The latest version of MediaWiki has patched the vulnerability.

Angry Birds Website Defaced

January 29, 2014 – The official Angry Birds website was defaced for a short time early this morning. Vice President of Rovio Saara Bergstrom said in a statement, "The defacement was caught in minutes and corrected immediately. The end user data was in no risk at any point. Due to how the internet name resolution works, for most areas it was not visible at all, but some areas take time for the correct information to be updated." Security experts say that this was a DNS hijacking and that Rovio's systems were not breached. It appears that the attack came from Lithuania.

Cross-platform Java-Bot Launching DDoS Attacks

January 29, 2014 – Researchers have discovered a new cross-platform Java-Bot, which is infecting computers running Windows, Mac OS X and Linux that have the Java Runtime Environment installed. The Java-Bot is exploiting a known critical Java vulnerability that was patched in June. Once a computer is infected, the malware copies itself into the home directory and registers with the system startup programs. The malware is designed to launch distributed denial-of-service attacks from the infected computers.

ZCompany Hacking Crew Attacks Team Madleets

January 29, 2014 – Members of the ZCompany Hacking Crew (ZHC) are claiming to have breached two subdomains of the Team Madleets website. The Pakistani hacking group Team Madleets has breached several high-profile websites recently, and ZHC feels they have become "arrogant." The defacement pages contained a message from ZHC saying, "We are not against Madleets or any other team, but when we see someone tryna act like they ‘Own The Scene’ with much arrogance, starts praising and greeting Indians, insulting groups/people who hack for cause like us ‘The ZHC’ & starts yelling about not to hack Indians and they are our friends ? It’s surely something to react too!" Members of Madleets say that their servers have not been breached and that the breached servers are not theirs. According to Team Madleets, the server was an old server that had expired and has since been purchased by someone else.

Indian Hackers Respond To Republic Day Attacks

January 29, 2014 – On January 26, Republic Day in India, several Pakistani hackers defaced over 2,000 Indian websites. In response, the Indian Cyber Rakshak hacking group has defaced 100 Pakistani sites, but it is believed that they will be continuing the attacks. Several of the sites are still defaced. The Pakistani groups behind the Republic Day attacks include Team Madleets, Maximizers and the KashmirCyberArmy.

Israel Defense Ministry Computer Hacked

January 28, 2014 – Hackers have broken into the computer systems of the Israeli Defense Ministry using malicious software that was delivered via an email attachment. The email was made to look as if it had been sent by the Shin Bet Israeli spy agency, thus fooling users into opening it. Security researchers stated the hackers had temporary control of 15 computers in January. One of the targeted computers belongs to Israel's Civil Administration, which is responsible for monitoring Palestinians in Israeli-occupied territory. At the time of this writing the Israeli government is not providing a comment on the incident; however, they have stated that the hackers used a variant of the Xtreme RAT software to infect the computers.

Thai Police Website Hacked and Defaced

January 28, 2014 – The hacker known as Striker Rude of Maximizers Team has hacked a subdomain of the Thailand Police website. The hacker has also uploaded a defacement and a message that reads, "Owned By The Rude | Team MaXiMiZerS. Secure it Before i come again." This is the second attack carried out by Striker Rude, who earlier this week also targeted several high-profile sites from India, including the Central Bank of India and the State Bank of Patiala. The Maximizers Team was also the group responsible for attacking several government websites in Morocco and Bangladesh. At the time of this writing the website is still defaced.

Indian Railways Website Hacked

January 28, 2014 – Members of the Pakistan Haxor Crew have once again hacked the website of the Indian Railways. The group was able to upload a defacement page to the Executive Director Rail Movement (EDRM) section of the website. In early April 2013 another Pakistani hacker was able to deface the Indian Railways website in the same manner, and it remains to be seen if the Indian Railways administrators are aware of the vulnerability. At the time of this writing the defaced page is still active.

Chief Rabbinate of Israel Hacked

January 28, 2014 – Members of the Anonymous collective are reporting the Chief Rabbinate of Israel website has been hacked and defaced. The attack is part of the Operation Israel campaign, a coordinated cyber-attack by anti-Israel groups on Israeli cyberspace. It is unknown at the moment who is responsible for the attack on the website. At the time of this writing the website has been restored and is functioning properly.

Hasbro Website Hacked

January 27, 2014 – The website of American toy company, Hasbro, has been hacked by cybercriminals and is being used to distribute malware onto visitors' computers. Visitors of the website are redirected to a site serving a Java exploit. The malicious software has been found on numerous occasions on the site. Research experts have also stated that normal antivirus programs are not capable of detecting the threat, and advise users to avoid visiting the Hasbro website.

Documents Stolen From Microsoft During Email Hack

January 27, 2014 – Microsoft has issued a statement saying that documents "associated with law enforcement inquiries" have been stolen. The announcement comes just a few days after the Syrian Electronic Army (SEA) hacked Microsoft emails and social media accounts. Microsoft has confirmed that SEA did hack employee email accounts. Microsoft also stated, "We have learned that there was unauthorized access to certain employee email accounts, and information contained in those accounts could be disclosed. It appears that documents associated with law enforcement inquiries were stolen." At this time SEA has only leaked internal email conversations.

Nigerian Ministry of Police Affairs Website Hacked

January 27, 2014 – Members of the Nigerian Cyber Army are claiming to have hacked and defaced the official website of the Ministry of Police Affairs of Nigeria. In a message posted on the defaced page, the hackers blame police officials and the government for being corrupt and allowing corruption to continue in the country. The hackers write, "Every offense should have a fair punishment. People have committed greater offenses and nothing was done to them. Police officers collecting bribes only confirms how corrupt our society has become. It is also a sign of a failed government." The website is currently offline.

Colombian Hospital Website Defaced By Moroccan Hackers

January 27, 2014 – The Moroccan Islamic Union-Mail have hacked and defaced the official website of Our Lady of Las Mercedes Hospital, which is operated by the government of Colombia. The hackers left a message which reads, "We do not want muscle-flexing. Just want to get our message across the world to discover the truth…" In addition to the message the hackers also added a video to the defaced website depicting the life of the Prophet Muhammed as written in the Bible. At the time of this writing the website is still defaced.

Pakistani Hackers Target Websites Of Indian Celebrities

January 27, 2014 – The hacker Haxor 99 of the MadLeets hacking team has hacked and defaced the websites of Indian celebrities Poonam Pandey and Daler Mehndi. The website of Pandey, who is a famous Indian model and actress, has been defaced with a message that reads, "Your site security is compromised. Nothing Delete(d) or Harmed. Rise a Voice for Justice of Kashimr. Patch Your Site." The other victim, Daler Mehndi, an Indian musician, songwriter and author, has had the same pro-Pakistan message posted to his website. At the time of this writing both websites are still defaced.

CNN Accounts Hacked By Syrian Electronic Army

January 24, 2014 – The Syrian Electronic Army (SEA) has hacked several blogs and Twitter handles belonging to CNN. The group has stated that the motive behind these attacks is that CNN is “reporting lies aimed at prolonging the suffering in Syria. CNN used its usual formula of presenting unverifiable information as truth, adopting a report by Qataris against Syria. Instead of any actual journalism, CNN turned into a loud horn calling for the destruction of Syria.” The group also added, “US media strategy is to hide the fact that the CIA controls and funds Al Qaeda by blaming Syria instead for their terror. The SEA will not stop pursuing liars and will expose them and their methods for the world to see.” On the hacked accounts SEA has posted fake news articles as well as a message which reads, “Syrian Electronic Army was here.” The impacted CNN blogs are Security Clearance, The Lead, Political Ticker, Crossfire and The Situation Room. CNN has removed all fake posts made by SEA and has stated, “Some of our organization's social media accounts were compromised. We have secured those accounts and deleted unauthorized tweets.”

Anonymous Announces New Campaign: OpAreva

January 24, 2014 – The Anonymous global hacker collective has released a new video outlining a new campaign dubbed OpAreva. Anonymous has targeted Areva, a French public multinational industrial conglomerate specializing in mining and energy. Members of the collective have stated they are unhappy with the large amounts of money the company makes through its operations in countries such as Niger, Gabon, Kazakhstan and the Central African Republic, while doing very little to help the people of these countries. The hacker collective has urged journalists to investigate Areva's activities and expose the company's wrongdoings. The group has not outlined the types of attacks they will be launching against Areva in the coming weeks.

Neiman Marcus Provides Details Of Data Breach

January 24, 2014 – Representatives of Neiman Marcus are reporting that information from some 1.1 million credit and debit cards was obtained by cyber criminals in the data breach which occurred earlier this month. In a statement posted on its website, Neiman Marcus said that the malware had been “clandestinely” put into its system and had stolen payment data off cards used from July 16 to October 30. MasterCard, Visa and Discover have all reported to the company that about 2,400 cards used at Neiman Marcus and its Last Call outlet stores have since been used fraudulently. Like Target, Neiman Marcus will be offering those impacted a free one-year credit monitoring service.

Indian Authorities Launch International Operation Against Cybercriminals

January 24, 2014 – Last December representatives of the Indian and American police set up a new cybercrime portal which would enable the two groups to cooperate more efficiently with one another on investigations. Now this new portal has led to the arrest of one individual as part of an international law enforcement operation targeting cybercriminals. India's Central Bureau of Investigation (CBI) has searched several locations in Pune, Mumbai, and Ghaziabad after receiving information on suspects from the U.S. Federal Bureau of Investigation (FBI). In addition to the U.S., law enforcement agencies from Romania and China are also said to be involved in the international operation. No details have been provided regarding the targeted cybercriminals as the investigation is still ongoing.

Snapchat's CAPTCHA System Hacked

January 23, 2014 – Security experts are reporting that they have successfully hacked the CAPTCHA system on Snapchat's website. The newly introduced system is designed to prevent bots from registering accounts. Soon after Snapchat announced the new system, a security expert was able to write code that hacked the system. Other researchers have since announced that they too have hacked the system. Snapchat recently suffered a data leak and had promised to focus more on security.

Brazilian City Website Hacked

January 23, 2014 – Researchers have discovered a piece of malicious code in a JavaScript file on the official website of the city of Franca in Sao Paulo, Brazil. Visitors to the website are redirected to the website with the malicious code. According to researchers, the attackers have exploited a vulnerability in the outdated version of Joomla running on the website. The Brazilian Security and Incident Response Team has been notified of the vulnerability by researchers.

16 Million Accounts From Germany Compromised By Hackers

January 23, 2014 – Germany's Federal Office for Security in Information Technology (BSI) has confirmed a recent data breach which affects more than 16 million accounts from Germany. BSI was made aware of the breach by law enforcement and research institutions which were analyzing botnets and malware. In addition to compromising email, social media and shopping portal accounts, the hackers were also able to infect users with malware. Tim Griese, a spokesman for BSI, confirmed that about half the accounts have the .de domain name, denoting them as German-based accounts. BSI has set up a website where users can check if their accounts have been compromised and has asked infected users to run an antivirus program to remove any malware.

Armenian Government Ministries' Websites Hacked

January 23, 2014 – Members of the Anti-Armenia Team hacking group have breached and defaced sixty-four Armenian government ministries' websites. The defacement pages included a video with an anti-Armenia message. The targeted websites include the Ministry of Education, Artsakh State University, Youth For Achievements Educational NGO and the Football Federation of Armenia. The hackers are from Azerbaijan, which is currently involved in a conflict with Armenia. At the time of this writing all of the sites have been restored and are operating normally.

Authorities Arrest Man Alleged To Be Hacker Guccifer

January 22, 2014 – The Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) is claiming to have arrested the man alleged to be the notorious hacker Guccifer. Romanian authorities have arrested 40-year-old Marcel Lazar Lehel of Arad county and have searched his home for evidence. Authorities suspect that Lehel, "accessed, without authorization, and bypassed security measures to obtain email accounts belonging to public figures from Romania, with the purpose of obtaining confidential information found in their electronic mailboxes." Guccifer has previously hacked several US government officials and celebrities. DIICOT representatives have stated that the law enforcement organization is working with US authorities on the case.

Syrian Electronic Army Targets Microsoft Again

January 22, 2014 – Last week, after breaching Microsoft's corporate email and leaking employee information online, the Syrian Electronic Army (SEA) stated that this would not be the last attack on Microsoft. The SEA has kept its word and has now hacked the official Microsoft Office blog. Members of the hacker collective were able to access the WordPress panel of the official blog and posted an article titled, "Hacked by the Syrian Electronic Army." This is the fourth time SEA members have targeted Microsoft. Earlier this month the collective also hacked the official Twitter and Skype accounts of Microsoft, as well as the Microsoft XBOX Twitter and Instagram accounts. SEA posted a message to Microsoft after this latest attack. "Dear Microsoft, changing the CMS will not help you if your employees are hacked and they don't know about it." Microsoft has not yet made an official statement on this latest attack by SEA.

Cambodia's Royal Gendarmerie Website Hacked

January 22, 2014 – Members of the Team Khmer-Shadow collective have hacked and defaced several domains of Cambodia's Royal Gendarmerie. The group has also hacked the site of Cambodia's Development Program and a local news website. Team Khmer-Shadow has stated Cambodian websites were targeted as part of its "pentesting" program. The hacking occurred shortly after 11 political activists were arrested by police for protesting outside the US Embassy in Phnom Penh, Cambodia's capital city. Members of Anonymous Cambodia have clarified that Team Khmer-Shadow is a "friend".

Islamic Cyber Resistance Hacks Official Perl Blog

January 22, 2014 – The official blog of Perl has been breached and defaced by members of the Islamic Cyber Resistance. Perl is a family of high-level, general-purpose, interpreted, dynamic programming languages created by Larry Wall. In addition to defacing the blog, the group has also leaked the credentials of 3,000 users. The information is said to contain user names, email addresses, account passwords, and other data. The hackers have stated the attack on the blog is in support of the Syrian people, as well as the Syrian Electronic Army.

Anonymous Provides Update And Announces New Operation

January 21, 2014 – Members of the Anonymous hacking collective have announced a new operation dubbed "OpPhDPounds", which will target government-supported academic institutions. The new campaign is aimed at institutions that are employing PhD students to conduct research on Anonymous. The types of attacks that will be carried out are unclear at this time. The global collective has also released a video declaring the start of Phase 2 of Operation Killing Bay, warning Japan that if it does not end the slaughter of dolphins in Taiji, they will target government officials, businesses, and media outlets.

Officers Involved In Kelly Thomas Case Targeted By Anonymous

January 21, 2014 – Following the acquittal of two Fullerton, California police officers who beat a homeless man to death in 2011, Anonymous has released the personal details of the officers involved. The hackers also leaked the personal details of the officers' family members. The leaked data includes addresses, phone numbers, social media accounts and birth dates. Other hackers have stated this is not the end of their operation against the Fullerton Police Department.

Ubuntu Domains Hacked By Indonesian Hacker

January 21, 2014 – Hacker SultanHaikal of the Gantengers Crew hacking group has hijacked 6 domains belonging to Ubuntu One. Ubuntu is a Debian-based Linux operating system based on free and open source software. The hacker has added a defacement page to each of the 6 domains that have been hacked, and left the message, "You say that you are a hacker, Defacer, but you are proud? it turns out that you are proud, you are a newbie." It is unclear who this message is directed towards, and at the time of this writing the defacement pages are still active.

Monsanto Korea Website Hacked By Anonymous

January 21, 2014 – Members of the Anonymous hacking collective have hacked and defaced the website of Monsanto South Korea as part of the ongoing Operation Green Rights. Monsanto is a multinational chemical and agricultural biotechnology company, and is the leading producer of genetically engineered seed. Anonymous hackers stated, "Monsanto: Anonymous thinks you're responsible, in front of mankind, for genocide, environmental disaster, and mass contamination." The hackers were able to deface a page from the "news releases" section of the website, as well as leak some of its database information online. This past weekend the hackers of Operation Green Rights also launched several distributed denial-of-service attacks against a number of websites belonging to Monsanto.

Personal Information Of Puerto Rican Doctors Stolen

January 20, 2014 – Eduardo Ibarra, President of The Puerto Rican College of Physicians and Surgeons, has revealed that the personal details of thousands of licensed medical doctors in Puerto Rico have been stolen by cybercriminals. The hacking was discovered when medical doctors began receiving harassing emails. It is uncertain what type of information has been compromised; however, reports suggest that close to 10,000 physicians could be impacted. The FBI and the Puerto Rico Justice Department are investigating the incident.

Massive Data Leak Of 20 Million South Koreans

January 20, 2014 – The information and personal data of at least 20 million bank and credit card users in South Korea has been leaked. According to a statement made by the Financial Supervisory Service (FSS), "the stolen data includes the customers' names, social security numbers, phone numbers, credit card numbers and expiration dates." Reports suggest that an employee from personal credit ratings firm Korea Credit Bureau has been arrested and accused of stealing the data from customers of three credit card firms while working as a temporary consultant. The data was then sold by the employee to phone marketing companies, whose managers were also arrested.

Linode Suffers Data Breach

January 20, 2014 – Christopher Aker, founder and CEO of Linode, a web hosting and cloud computing company, has stated the company has suffered a second data breach in less than a year. The compromised server plays no role in the infrastructure of Linode, unlike the server attacked in April 2013. The attackers managed to gain access to the database stored on the old server by using forum credentials used in the April 2013 attack. One report suggests that a user with the moniker n0tryan has posted the credentials for a Linode server online. The database leak is said to include some invalid credit card numbers, user names, email addresses and encrypted passwords, and appears to be for the phpBB forum. Cybercriminals also made a false report and had the offices of Linode evacuated and searched by Galloway Police Department's SWAT team.

LeakSec Releases Data As Part Of OpFunKill

January 20, 2014 – Hacking group LeakSec has stated they have attacked the monthly newsletter for hunters, The Hunting Report. The group has gained access to its database and has provided a portion of its information as a “sneak peek” as part of the OpFunKill campaign. In a press release by Anonymous, OpFunKill was, “created to hunt and expose hunters. We are opposed to trophy hunting, and any form of hunting for entertainment...OpFunKill has been engaged to attack and expose animal abusers.” At the time of this writing the details of the full leak have not been provided by LeakSec.

Alleged Stolen Data Leaked From DHS Fusion Centers

January 17, 2014 – Several systems of the U.S. Department of Homeland Security (DHS) Intelligence Fusion Centers have been breached by hackers of TeamBeserk. The group has leaked 60MB of documents from the systems. TeamBeserk has stated they are publishing a "selection of documents" that proves there are, "real threats out there against all Americans and the United States. The security of our Nation needs to be inspected and made better without hurting the rights of Americans." The hacker group has not revealed which Intelligence Fusion Centers were targeted; however, they have stated they first breached the California Intelligence Fusion Center before gaining access to other centers in the Midwest.

Anonymous Announces Operation Walmart

January 17, 2014 – The Anonymous global hacker collective has released a new video outlining a new operation planned for Black Friday 2014 and 2015. The new operation is dubbed Operation Walmart and is in response to Walmart Corporation's claims they are unable to pay its workers a living wage. Anonymous states, "In the spirit of solidarity with our fellow activists and the working poor, Anonymous is prepared to use the full might of the collective in defense of the working class, until Walmart is willing to give its workers fair pay for fair work. We demand that the Walmart Corporation change its labor practices, so that all full time workers get minimum pay of eleven dollars an hour and basic health benefits." The collective has provided a list of Walmart locations for protest with the ultimate goal of blocking the entrance of Walmart locations in order to disrupt Walmart's profits.

Pakistani Hackers Deface 1400+ Indian Websites

January 17, 2014 – Pakistani hacker group Team MaXiMiZerS has hacked and defaced 1,448 Indian websites. The hacked websites were left defaced with a short message over the Kashmir issue. Kashmir is a former princely state which is now a disputed territory administered by three countries: India, Pakistan, and the People's Republic of China. At the time of this writing many of the websites have been taken offline, while some are still active and defaced.

RedHack Disrupts Website Of Turkish Central Bank

January 17, 2014 – Members of the RedHack hacking group have disrupted the official website of the Central Bank of Turkey. The distributed denial-of-service attacks were launched against the financial institution to protest the Central Bank allowing the Turkish Lira to lose its value against foreign currency. At the time of this writing the website is back online and operational.

Microsoft's Corporate Email Breached By Syrian Electronic Army

January 16, 2014 – The Syrian Electronic Army (SEA) has targeted Microsoft for a third time, this time hacking corporate email accounts belonging to employees. Microsoft confirmed the breach in a statement saying the cyber attack was carried out using a phishing campaign and resulted in a small number of Microsoft employee social media and email accounts being impacted. According to a Microsoft spokesperson, "These accounts were reset and no customer information was compromised." It is not immediately clear how many accounts were targeted during the recent attacks, or how much data SEA was able to obtain. A SEA representative says that the attacks were designed to be a distraction, indicating there could be further compromises in the future. Moments after defacing several Saudi Arabian government websites, the group posted a message stating, "We didn't finish our attack on Microsoft yet, stay tuned for more!"

Syrian Electronic Army Hacks Saudi Government Websites

January 16, 2014 – The pro-Syrian hacker collective Syrian Electronic Army (SEA) has hacked several websites belonging to the Saudi Arabian government. The attacks were conducted in an attempt to expose terrorism allegedly carried out by the Saudi government. In total, SEA hackers were able to successfully hack and deface 16 websites. A majority of the websites defaced by the hackers belonged to various Principalities across Saudi Arabia.

Cyber Attack On Israel Announced For April

January 16, 2014 – Hacker collective AnonGhost has announced the launch of a new attack on Israeli cyberspace planned for April 7, 2014. The new attack is dubbed Operation Israel Birthday and is in support of Palestine, while also celebrating the OpUSA, OpPetrol, and OpIsrael of 2013.

Public Safety Communication Agency Hacked

January 16, 2014 – It is being reported that in mid-December 2013, the North East King County Regional Public Safety Communication Agency (NORCOM) systems were compromised. Hackers were able to obtain information such as social security numbers, dates of birth, medical response records and email addresses. NORCOM is a Washington-based company which provides 911-type emergency service communications for emergency fire, police and medical service agencies. The server which was targeted contains detailed information on around 6,000 individuals. NORCOM has clarified that the compromised server has been taken offline and is advising those affected to place a fraud alert with all three major credit service bureaus.

Italian Weather Website Hacked

January 16, 2014 – According to a new report, cyber criminals have hacked the website of popular Italian weather forecaster The criminals have changed a number of JavaScript files to redirect the website's visitors to a compromised domain called, which contains malicious content. The goal of the criminals is unknown, and at the time of this writing Google has not flagged the website for malicious content. Until the issue is resolved users are advised not to visit the website.

Syrian Electronic Army Website Hacked By Turkish Group

January 15, 2014 – Turkish hacker group Turkguvenligi has defaced and leaked the subdomain of a website belonging to the Syrian Electronic Army (SEA). The hackers were able to compromise the website through its hosting provider. The attack comes in response to SEA's recent attacks against Turkey. The hackers stated, "You imbeciles will attack our country with fake phishing emails and we'll accept your lies and not do anything? That is the end you deserved: 'And never think Allah is unaware of what the wrongdoers do. He only delays them for a Day when eyes will stare.'" SEA has responded to Turkguvenligi by stating they are unfazed by the attacks.

Hackers Claim To Have Leaked Apple Database

January 15, 2014 – Two hacker groups, European Cyber Army and 1775Sec, are claiming to have breached and leaked information from Apple. They originally leaked data two days ago with a message saying, "We repeatedly warned you Apple, Inc. . . . You thought because we faked some Drop Box leaks, that we actually didn't hack you? You made a foolish move Apple! We are the 1775Sec and the European Cyber Army!" There was no response to this leak, so now the hackers leaked more information from the database. They say they are leaking data for the "lulz" and to send a message.

Anonymous Re-Launches Operation Fullerton

January 15, 2014 – Members of the Anonymous hacking collective have announced the re-launch of Operation Fullerton after two police officers were found not guilty of beating a homeless man with schizophrenia to death. The collective has called on supporters to occupy and protest at police stations throughout Fullerton, California. The group has provided addresses of local precincts.

Hackers Expose Wrongdoings Of Turkish Mayor

January 15, 2014 – Members of the RedHack hacking group have breached the systems of the General Directorate of EGO, an organization which serves as the public transport department for the municipality of Ankara, Turkey. Hackers say that they discovered that employees of the public transport department are registering fake Twitter accounts to "hike follower numbers and spread misinformation about the public demand for justice." The hackers have provided screenshots indicating they have access to the email addresses, user names and passwords of department employees.

LeakSec Breaches Database Of Promat Romania

January 15, 2014 – Hacker group LeakSec has claimed to have breached the database of Romanian fire protection systems supplier Promat Romania. The hackers have released the stolen information to the Internet. The leak is part of Operation Down With Romania, which is protesting the killing of stray dogs as well as the negligence and corruption within the government. LeakSec members stated in a message to the Romanian government, "You disgust us. You shall reap what you sow, your servers shall fall to the teeth and claws of our KRAKEN and your data will be leaked, published, and lost."

Sentencing Postponed For Fifth Time For LulzSec Member

January 14, 2014 – The sentencing of former LulzSec member-turned-FBI-informant Hector Xavier Monsegur, better known as Sabu, has been postponed for a fifth time for unknown reasons. Monsegur's cooperation with the FBI led to the arrests of several high ranking LulzSec members, including Jeremy Hammond, the hacktivist who took part in leaking the internal emails of Stratfor employees and its clients. Hammond was sentenced to a maximum of ten years in prison on November 15, 2013. The delay of the sentencing of Monsegur was confirmed by the office of the presiding Judge Loretta Preska.

Yemen Embassy's Emails, Passports Compromised

January 14, 2014 – Members of the AnonSec hacking group have compromised 1,565 emails and passports of the Yemen Embassy. The leak contains the emails, names, passport numbers, dates of birth, gender information, place of birth and phone numbers of individuals impacted. The same group was responsible for leaking 11,000 email accounts and defacing 250 websites two weeks ago as part of a New Year Event. No explanation has been given as to what the motive was for the attack.

Anonymous Targets Website Of Granada Archbishop

January 14, 2014 – Members of the Anonymous hacker collective have breached and defaced the official website of the Archbishop of Granada, Spain. The website has been littered with various satirical messages and adult images. This latest attack is part of the Operation Opus Dei campaign which was launched in mid-December 2013. At the time of this writing the website is operational, however it is unknown if the vulnerabilities exploited by the hackers have been fixed.

Official Blog And Twitter Of Microsoft Hacked By Syrian Electronic Army

January 13, 2014 – Members of the Syrian Electronic Army have breached Microsoft's Official Blog as well as the Twitter handles of MSFTNews and Xbox. This new attack comes a week and a half after the group targeted Microsoft's Skype social media properties on New Year's Day. Members of the group left several messages, including repeating their claim that Microsoft is selling user data from its email services to the U.S. Government. Microsoft has released a statement saying they are aware of the targeted cyberattack, and that the accounts were quickly reset. Microsoft has also confirmed no customer information was compromised in this latest attack.

Payment Card Data Stolen From Systems Of Neiman Marcus

January 13, 2014 – Representatives of Neiman Marcus, a retailer which specializes in luxury goods, have confirmed that their systems have been breached by cybercriminals. As a result of the breach, customer payment data information has been compromised. Neiman Marcus first learned of the breach in mid-December after their credit card processor informed them. The company has stated it is not sure how the cybercriminals gained access to the payment card information or for how long they had access to their systems. At the moment there is no evidence suggesting that individuals who made purchases on Neiman Marcus' website are impacted. The company issued a statement saying, "We informed federal law enforcement agencies and are working actively with the U.S. Secret Service, the payment brands, our credit card processor, a leading intelligence and risk management firm, and a leading forensics firm to investigate the situation."

MIT Subdomain Hacked By Anonymous

January 13, 2014 – Members of the Anonymous collective have defaced the MIT subdomain for the Cogeneration Project ( The MIT subdomain was defaced by hackers to mark the one year anniversary of Aaron Swartz's death. Swartz committed suicide shortly after being charged by MIT Police for thirteen counts of felony after systematically downloading academic journals from JSTOR. The attack is part of Operation Last Resort, the campaign initiated in retaliation of the suicide shortly after Swartz's death on January 11, 2013. Anonymous has directed visitors who land on MIT's Cogen site to the website of "The Day We Fight Back," a protest against mass surveillance planned for February 11, 2014.

RedHack And Anonymous Issue Message To Turkish Government

January 13, 2014 – Members of RedHack and Anonymous have sent a second video message to the Turkish government urging the country to bring an end to censorship. In a video made available to the public, the hacktivists are demanding the Turkish government not only end censorship in Turkey, but also the use of violence during peaceful protests. The video message was released shortly after Turkish prosecutors charged 36 people with acts of terrorism after participating in the Gezi protests. The hacktivists state, "We suffered from the mainstream media blackout about what is really happening in Turkey. This is a peaceful popular revolt. It is a movement that spans all levels and sectors of society. This is a movement that requires only freedom, justice, and democracy."

Argentina's National Rehabilitation Service And Other Government Sites Hacked

January 10, 2014 – The Syrian hacker known as Dr.SHA6H has targeted various government websites from Argentina. The motivation for the attacks is to convince the US and other countries to intervene in Syria. The latest targets include the National Rehabilitation Service ( website, and various subdomains of the official website of Argentina's Catamarca Province ( At the time of this writing most of the sites remain defaced, with the website of the National Rehabilitation Service being taken offline. In addition to the Argentinian government websites, DR.SHA6H has also published his message on the front page of the Mongolian Agency for Standardization and Meteorology's website.

Arrest Warrants Suggest More FBI Moles In LulzSec

January 10, 2014 – Members of the Anonymous collective have leaked FBI search warrants indicating that Hector “Sabu” Monsegur was not the only hacker-turned-FBI informant responsible for bringing down the LulzSec group of international hackers. The new leak indicates two unnamed LulzSec members were arrested on June 29, 2011 and turned informants, specifically giving up information on core LulzSec members. Documents do not reveal the identity of the second informant; however, LulzSec members have accused M_nerva of cooperating with authorities, alleging that he provided information that led to the arrest of a British LulzSec member in June of 2011. Anonymous has also leaked nine other warrants, one of which dates back to the same day Monsegur was arrested. As a result of Monsegur's cooperation, numerous senior-level officials and the remaining top-ranking members of the LulzSec group were arrested or hit with additional charges Tuesday morning.

Website of Peruvian Congressman Hacked by Argentinian Group

January 10, 2014 – The Team Hack Argentino hacking group is claiming to have breached and defaced the official website of Peruvian Congressman Jamie Delgado ( The hackers haven't defaced the website's main page, instead they've added an HTML to the page. The Congressman has yet to make any official statement regarding the incident, however the website has been taken down by its administrators. The hackers have also defaced several other sites from Peru, including the subdomain used by the police of the San Jamie municipality, which is currently offline. Team Hack Argentino has also revealed they will be “targeting Mexicans tomorrow.”

1775Sec Breaches Ford As Part Of OpTrollSec

January 10, 2014 – The hacking group 1775Sec is claiming to have breached and leaked a database from Ford Motor Company. The leak contains user names, phone numbers, emails and car types from Ford. The leak is part of the group's OpTrollSec campaign, which aims to leak data and disrupt various websites. As part of the campaign, 1775Sec has also launched distributed denial-of-service attacks on websites of and At the time of this writing 1775Sec has stated they will be targeting various websites over the next few days as part of OpTrollSec. The website of is back online and functioning properly.

Islamic Cyber Resistance Group Hacks Systems Of Israel Airports Authority

January 9, 2014 – Hackers of the Islamic Cyber Resistance Group are claiming to have breached the computer systems of the Israel Airports Authority (, the group responsible for the management of the country's civil airports and land-to-land border terminals. The hackers have said they gained access to the organization's internal networks and stole sensitive files, including information on domestic and international flights, details on management and flight routing software, weather condition maps and flight briefs used by the control towers and pilots. The attack is part of a campaign dubbed OpIsrael, and the hackers claim they could have caused service disruptions but haven't, “due to humanitarian considerations.” They have however wiped the data found on the compromised server, which they claim they've had access to for months. In a statement published by the hackers the attack on Israel was because, “ [As] the world knows, killing women, children and innocent people is a profession exclusive to Israel and its neophytes, and we, as ordered by Islam, do condemn such moves and, thus, find it sufficient to release sensitive information to prove that we have had the access to the servers and downed the website.” At the time of this writing the Israel Airports Authority is yet to issue an official statement.

Malware Steals Data From Computer At Japanese Power Plant

January 9, 2014 – On January 2nd researchers identified a piece of malware on a computer in the reactor control room at the Monju nuclear power plant in Japan. The malware is said to have stolen private information from the infected machine. It appears that one of the facility's employees wanted to update a video playback program, which turned out to be malware. The computer which was infected is used by employees to file paperwork and the damage caused by the malware is limited. However, the cybercriminals controlling the malware could have accessed sensitive documents, including emails, training records and employee data sheets. The infected device was accessed more than 30 times during a five-day period after the worker performed the video software update and it is being reported that over 42,000 documents were stored on the device. Researchers have stated that the malware is apparently communicating with a server in South Korea possibly identifying the location of the attacker.

Scam Emails Distribute Malware That Steals Bitcoins

January 9, 2014 – Bitcoin users are reporting that they have received suspicious emails that are designed to steal their Bitcoins. Security researchers say the attack begins with an email that carries the subject line “Wallet Backup”. The email message asks users to visit a link which is attached to the email to redeem 30 BTC; however, the link points to a website that is set up to serve an archive named “”. When the file is executed, a Notepad document containing a password is opened while a malicious executable is launched in the background. The malware then waits for the victim to open his or her Bitcoin wallet using the Bitcoin-Qt software and begins stealing the Bitcoins. It has been determined that the URL in the email was clicked by at least 1,674 people, with most of the victims located in the United States.

The Straight Dope Forum Hacked, User Passwords Stolen

January 9, 2014 – Popular online question and answer newspaper column The Straight Dope is advising users of its forum to change their passwords because the information may have been compromised in a recent attack on the bulletin board. The company has posted a notice on its forum but has provided very few details. The breach was discovered by the Straight Dope security team, but they have not revealed when and how long the attackers had access to their systems. The information compromised includes usernames, email addresses and passwords. The Straight Dope has stated that it is working with law enforcement as well as conducting an internal investigation to resolve the issue.

AnonSec Claims Release Of US Government Server Files

January 8, 2014 – Hacking group AnonSec is claiming to have accessed the File Transfer Protocol Server belonging to nine US government websites. The group has provided a list of the targeted websites which include the US National Institute of Health, US Securities and Exchange Commission, and the US Department of Agriculture. At the time of this writing the motive for the attack is not known; however, AnonSec has stated they will continue releasing sensitive information.

T-Mobile Customer Data Hacked

January 8, 2014 – A T-Mobile supplier had a server hacked that contained names, addresses, social security numbers and driver's license numbers. The breach was discovered by T-Mobile in November 2013, and the company believes that the cybercriminals were after customer credit card numbers, which were not found in the compromised files. Affected individuals are being offered free identity protection services for one year. The supplier whose systems were breached says they have taken measures to ensure that such incidents are avoided in the future. The exact number of impacted individuals has not been disclosed, however the incident has been reported to the California Attorney General indicating that at least some of the victims are from the state of California.

OpFunKill Continues With Attack On Namibian Government Portal

January 8, 2014 – Yesterday we reported on OpFunKill, the Anonymous led campaign protesting the killing of animals; now the hacker collective has taken action against Namibian government websites and sites related to hunting. The hackers issued a statement in response to the Dallas Safari Club's auction of killing a rhino, saying, “The trophy hunting of vulnerable and/or endangered species in Africa has to stop. For years, this unethical sport and tourism has hidden behind the ridiculous South African laws that allow it.” The collective was able to disrupt Namibia's main government portal,, however, currently the website appears to be working properly. Hackers were also able to breach the systems of The Namibian, an independent newspaper, claiming to have stolen sensitive information from the newspaper's database. Namibia's Deputy Minister of Environment and Tourism, Phamba Shifeta, says that the government has no plans of abandoning the auction because it could generate a lot of money for conservative initiatives.

DailyMotion Serving Malvertisement To Unsuspecting Users

January 8, 2014 – Security researchers are warning users of popular video sharing website DailyMotion of fake antiviruses being served through malicious ads. According to researchers, users who visit the website are served fake antivirus ads which falsely inform victims of malware infections and ask them to register the product in order to remove the Trojans, Downloaders, Backdoors, and Rootkits. The threat was discovered by researchers on January 7th, and at the time of this writing it is uncertain if the website has been cleaned up. Users are advised to avoid visiting the website until a statement is released from DailyMotion.

Guccifer Returns With More High Profile Attacks

January 7, 2014 – The hacker known as Guccifer is claiming to have hijacked online accounts of several high-profile individuals. In the past, Guccifer has compromised the accounts of several celebrities and government officials, including members of the Bush family. The most recent victims include the CEO of MetLife, Steven Kandarian; former Air Force Secretary, George Roche; head of the Romanian Intelligence Service, George-Cristian Maior; author Kitty Kelley; DHS official Laura Manning Johnson; actress Mariel Hemingway; fitness instructor Denis Austin; members of the Council on Foreign Relations; members of the UK's House of Lords; and comedian Steve Martin. Guccifer did not reveal details about how he managed to breach these accounts. He claims to have stolen bank statements, payment card data, financial documents, personal photographs, phone records and correspondence. All of this information has allegedly been given to an unnamed reporter. The hacker says he has intercepted communications between his victims and the authorities. However, he said, “I am not concerned.”

Amateur Poker League Admits To Being Hacked

January 7, 2014 – Last week hacker smitt3nz leaked the email addresses and clear text passwords of more than 175,000 World Poker Tour Amateur Poker League users, including some US government workers. Officials of the World Poker Tour are downplaying the impact of the attack with CEO Kurt McPhail stating that the information stolen is, "pretty much worthless." According to McPhail around 50,000 of the leaked accounts are still active. Some of the leaked email addresses appear to belong to employees of the US government, including the Centers for Disease Control and Prevention, the Department of Health and Human Services, US Courts, the US Federal Bureau of Prisons, the House of Representatives, the Department of Energy, and the Department of Labor. Impacted users are being notified and the vulnerabilities exploited by the hacker are being patched.

Payment Card Data Compromised In Sandwich Company Breach

January 7, 2014 – The computer systems of sandwich chain 'wichcraft have been breached and payment card data has been stolen. Payment card details of customers who made purchases between August 11 - October 2, 2013 at locations in San Francisco and New York may have been compromised. The information accessed by the cybercriminals included names, payment card numbers, expiration dates and security codes. 'wichcraft is notifying affected customers and working with law enforcement agencies and credit card issuers in investigating the incident.

Anonymous Threatens Government of Namibia

January 7, 2014 – Anonymous-affiliated hacking group Team Defiant is threatening the government of Namibia after it allowed the US-based Dallas Safari Club to auction the chance to kill a black rhino from the country's Mangetti National Park. At this time there has been no action taken against the government. The attacks to date include the defacement of the America Made Outdoors website, a major supplier of hunting, fishing, and camping gear; and the website of Just Holidays, a Namibian travel company. The hacktivists are referring to the campaign as OpFunKill.

2.5 Million European Yahoo! Users Hacked And Possibly Infected With Malware

January 6, 2014 – Millions of users from Europe may have had their computers infected with malware served via malicious advertisements. The attack was discovered on December 30, 2013. Cybercriminals compromised with malicious iframes which redirected users to domains hosting the Magnitude exploit kit. Users do not have to click on the ads in order to have their devices infected with malware. The exploit kit leverages Java vulnerabilities to push various pieces of malware, including ZeuS, Andromeda, Dorkbot, Tinba and Necurs. Yahoo has stated that only users from Europe are impacted, with the most infections in Romania, the UK and France. Yahoo has cleaned the infection; however, as many as 2.5 million users may have been impacted.

Financial Data Of Over 93,000 StaySure Customers Stolen

January 6, 2014 – British travel insurance company StaySure has suffered a data breach. According to a statement from the company, hackers broke into its server in the second half of October 2013; however, the breach was not detected until mid-November. In a notice published on its website, StaySure has revealed that the attackers have stolen names, addresses, encrypted payment card details, and CVVs of customers who had purchased insurance before May 2012. According to StaySure around 93,000 people may have been impacted. The company is sending out notification letters to affected individuals and is confident that the vulnerabilities exploited by the cybercriminals have been patched.

24 Mexican Government Websites Hacked

January 6, 2014 – Members of the Anonymous collective have breached and defaced websites hosted on the Mexican government domain. The sites targeted are from the cities of Angangueo, Villa Guerrero, Capulhuac, Aporo, Nahuatzen, Ocoyoacac, Langunillas and Tejupilco. On the homepage of each website the hacktivists have posted images of the Anonymous logo and messages that read, “We Are Anonymous.” The attack was announced around three hours ago, and at the time of this writing all of the websites are still defaced. It is not known what the motive is behind the defacements.

Anonymous Sends Message To Turkish Government

January 6, 2014 – The Anonymous hacking collective has published a video message addressed to the government of Turkey. The collective is demanding that the government puts an end to corruption and the use of violence against peaceful demonstrators. The hacktivists wrote, “You have created a system which ensures the poor remain poor and the wealthy remain wealthy. It is now very clear to us that you have no intention of running the country for the people but you will continue to run it for your own personal interest.” The statement was released shortly after 36 Gezi protestors were charged with acts of terrorism by prosecutors. The hacktivists have stated they will continue to target the Turkish government, however, no immediate plans have been announced.

Brazilian Government Sites Hacked In Protest of World Cup

January 6, 2014 – Brazilian hackers have continued the hacking and defacing of several Brazilian government websites as part of the OpWorldCup campaign. Over the last several days the DK Brazil Hack Team, the Insanity HackTeam and other Anonymous-affiliated groups have hacked the websites of various Brazilian states, including Ceara, Santa Catarina, Bahia and Sao Paulo. The hacktivists are hacking and defacing websites in protest of the 2014 FIFA World Cup, which they feel is having a negative impact on Brazil and its people. At the time of this writing some of the websites have been restored; however, many have been taken offline.

Nationalist Movement Website Hacked By Anonymous

January 3, 2014 – The official website of the Nationalist Movement has been hacked and defaced by members of the Anonymous collective. The attack is part of OpAntifa, a campaign against nationalists, racists and fascists. The group has also left a message on the website writing, "We will take all actions to eradicate white pride from every corner of our world, physical and virtual. We will strike at all who support, promote, spread or hold fascist ideals, and we will do so with all of our strength, which is a great strength." At the time of this writing the website is still defaced. This is the second attack in the past 3 weeks against the website of the Nationalist Movement. Anonymous hacktivists first attacked the website on December 15, 2013.

Hackers Steal Money From European ATMs

January 3, 2014 – Hackers in Europe are now reportedly targeting ATMs using malware-loaded USB drives to steal money. Most of the world's ATMs are running on the Windows XP operating system, which is highly vulnerable to malware attacks, and just like desktops and laptops, some ATMs also have USB sockets, which are hidden behind the ATM. Researchers found that hackers are now exploiting this vulnerability by cutting holes into the ATM to access the USB port and uploading malware into the machines. The malware allows thieves to create a unique interface on the ATMs by typing in a 12-digit code; this interface then allows withdrawals and also shows the amount of money and bill denomination inside the machines. The malware does not appear to harvest customer PINs or other sensitive data; however, some banks have begun upgrading the ATMs to prevent them from booting from external USB devices.

Hackers Leak Data From Financial Services Online

January 3, 2014 – The Pakistani hacking group known as Pakiz Cyber Squad has leaked user data stolen from the systems of Financial Services Online, an Australian company that provides insurance, finance, superannuation, and investment services. The leaked data was published to the Internet, and included user names, names, addresses, phone numbers, email addresses, passwords and in some cases PayPal email addresses. The data belongs to affiliates of Financial Services Online; a total of 527 record sets have been released.

86,369 User Credentials Leaked By Hackers

January 3, 2014 – The HitlerSec hacker group is claiming to have breached and leaked data from the website of MMMOOO, a mobile phone application owned and operated by Shanghai Jibiao Info Tech Co., Ltd. The hackers posted the leaked information, including PayPal email addresses, full names, encrypted passwords, and user email addresses, to the Internet. At the time of this writing the motive for the breach is unknown, and MMMOOO is yet to officially release a statement.

SnapChat Hacked, 4.6 Million Usernames And Phone Numbers Published Online

January 2, 2014 – Photo messaging application SnapChat has been hacked and the personal information of about 4 million users has been leaked. At this time it is not known who is responsible for the attack. The leaked information, which includes user names and phone numbers, was posted to a website called SnapChatDB. On SnapChatDB, it says that the hackers accessed the data by exploiting a vulnerability which has now been fixed. The hackers removed the last 2 digits from the usernames and phone numbers to avoid putting user privacy at risk. The data was available online for a few hours, however the SnapChatDB website has now been suspended. The reason for the attack was to raise awareness and pressure SnapChat administrators to fix the vulnerability.

Supreme Court of Bangladesh Attacked

January 2, 2014 – Hacker group IzzahHackers is claiming an attack on the Supreme Court of Bangladesh as part of the ongoing OpBangladesh campaign. According to the hackers, they have breached the database of the Supreme Court and have posted the information to the Internet. The hackers have stated the purpose of this attack was to stop the unlawful executions being conducted in Bangladesh. At the time of this writing the website has been restored; however, the leaked data is still available.

Hunting Magazine Data Hack

January 2, 2014 – The hacker known as L3pRec0N has allegedly hacked the website of Bear Hunting Magazine. The hacker claims to have hacked the database of the website and leaked credit card information. The attack is part of the OpHuntTheHunter campaign led by animal activists protesting the hunting of wildlife for sport.

Anonymous Announces Upcoming Campaign Against The U.S.

December 31, 2013 – Members of the Anonymous collective have released a video announcing, “a special project” which is planned to launch on January 1st, 2014. The campaign is targeting the United States, however, Anonymous has clarified the campaign, “will not be about hacks, leaks, or occupying specific locations of a special city.” At the time of this writing no attacks related to this campaign have been reported.

Israeli Bank Websites Taken Down By Anonymous Tunisia

December 31, 2013 – Hacker group, Anonymous Tunisia, a sub-group of Anonymous, is reported to have taken down 11 Israeli Bank websites via distributed denial-of-service attacks. According to the hackers the attacks are in support of Palestine. In a message by Anonymous Tunisia they said, “This is just the beginning, this is just phase 1. There is a lot (more) to come.” It is unclear what the next target will be for the hackers, however, they have announced that the second phase of the attack will be launched soon. At the time of this writing several of the websites have been restored.


Boston Restaurant Group Computer System Hacked

December 31, 2013 – Boston restaurant group Briar Group is informing its patrons that their computer system was hacked and credit card data may have been accessed by the attacker. The group started an investigation after learning that their visitors were victims of credit card data theft. The breach is said to have occurred between October 2013 and early November 2013. In a statement, the group said, “We have been working closely with law enforcement officials and are providing them with all available information to support their effort to identify the criminals who undertook this act.” Representatives of the group have apologized for the security breach and are urging customers to monitor their credit card statements for any fraudulent charges.

Hacker Defaces Eight Nepal Government Websites

December 31, 2013 – The hacker known as DR.SHA6H has breached and defaced a total of eight websites belonging to the government of Nepal. The targeted websites include the National Development Volunteer Service, the Department of Cottage and Small Industries, the Nepal Law Commission, the National ID Management Center, a district office, and some county educational offices. DR.SHA6H has been defacing various high-profile websites in an effort to raise awareness of the situation in Syria, urging other countries to intervene. At the time of this writing most of the websites have been taken offline.

Colorado Medicaid Data Breach

December 31, 2013 – Information belonging to at least 1,918 Colorado Medicaid patients was breached after a temporary employee from an outside contractor sent the information to his or her own personal email address. According to The Colorado Department of Health Care Policy and Financing, the information may have been intended for the employee's use in another business. The information which was sent included patient names, dates of birth, addresses, telephone numbers, health conditions, and Medicaid identification numbers. Affected patients are being notified by mail, as the department continues its investigation of the incident.

Anonymous Leaks Email And Credit Card Credentials Of Officials

December 30, 2013 – Earlier this month members of the Anonymous collective stated their intent of hacking the websites of SeaWorld and the World Association of Zoos and Aquariums as part of OpKillingBay, the Anonymous-led initiative protesting the killing of dolphins and orcas in Taiji, Japan. In this recent attack, the hacker group has leaked the credit card data of SeaWorld's board members along with their private emails, as well as the email information belonging to members of the World Association of Zoos and Aquariums. According to Anonymous, the organizations were targeted due to their enabling of the killings in Taiji, Japan. At the time of this writing the post containing the sensitive information has been removed.

United Nations Population Fund Websites Defaced

December 30, 2013 – Syrian hacker Dr.SHA6H has breached and defaced websites belonging to the United Nations' Population Fund (UNFPA). The targeted websites are the United Nations' websites for El Salvador and the Republic of Mali. According to the message left by the hacker, he is “...unhappy with the fact that other countries don't intervene to help Syria.” In particular he has named the US, but claims the message is for the entire world. Over the past year, Dr.SHA6H has breached several websites belonging to governments across the world. At the time of this writing the websites are still defaced.

Venezuela, Turkey, Indonesia And Saudi Arabia Government Sites Hacked

December 30, 2013 – The Bangladesh Grey Hackers hacking group has breached websites belonging to the governments of Venezuela, Indonesia, Vietnam, Saudi Arabia and Turkey. According to the hackers, they are protesting “the killing of innocent Muslims around the world.” The group has defaced the main domain and several subdomains of the Ciara Foundation and the Permanent Secretariat of the National Council of Universities in Venezuela. The group has also hacked the websites of the Kien Giang Customs Department in Vietnam, the municipal council of the Saudi Arabian city of Zulifi, and a religious organization in Turkey, as well as the subdomain of the Polewali Mandar Regency's site in Indonesia. At the time of writing most of the websites have been restored.

Ukrainian Journalist Attacked, Anonymous Retaliates

December 30, 2013 – Members of the Anonymous collective are claiming to have hacked two websites of the Ukrainian government in retaliation for the attack on Tetiana Chornovol, a Ukrainian civic activist and journalist who was brutally beaten on December 25th. Reports state Chornovol was dragged by a group of men from her car outside Kiev and beaten. On Thursday, the U.S. Embassy in Kiev condemned the attack in a statement calling for an investigation, “which unlike previous such incidents must result in those responsible being held fully accountable under the law.” The hacktivists did not name the sites that they allegedly attacked.

Prime Minister Of Bangladesh Website Targeted By Anonymous

December 30, 2013 – The Anonymous hacker group has resumed the anti-government campaign dubbed Operation Bangladesh, and over the past few hours has targeted at least three government websites in Bangladesh. The hacktivists have launched distributed denial-of-service attacks against the websites of the Prime Minister's Office, the Election Commission Bangladesh, and the country's government portal. At the time of this writing, the website of the Election Commission appears to be functioning properly; however, the government portal and the Prime Minister's website are still inaccessible. While hacktivists are protesting in cyberspace, Bangladesh opposition supporters are preparing for mass marches in protest against the controversial upcoming elections.

Russian Hacker Attempts To Sell Access To BBC Server

December 30, 2013 – A Russian hacker has managed to gain access to a BBC server and has attempted to sell the access to other cybercriminals. The hacker, who uses the handles “Hash” and “Rev0lver”, was found attempting to sell access to the BBC server on Christmas Day. Researchers have found no evidence that the offer led to a deal or that data was stolen from the BBC server. At the time of this writing the BBC security team has reportedly fixed the issue in question.

LulzSec Leaks Data From Ministry Of Interior

December 27, 2013 – Members of the LulzSec hacking group have targeted the network of the Peruvian Ministry of Interior. The hackers published various files, including documents, e-mails and screenshots, which appear to be classified. LulzSec Peru has stated the attack was aimed at demonstrating the vulnerabilities in the government's computer systems. The Ministry of Interior has released a statement confirming that the attackers had access to emails sent and received by authorities; however, there is no evidence that the contents of the leaked files are accurate.

Malware Distributed Via Fake Retail Emails

December 27, 2013 – Authorities are warning customers of Costco, Walmart and Best Buy of fake emails being sent out to distribute a variant of the Kuluoz malware. In each case, the scam email notifies recipients that if they fail to reply within one week, they will get their money back; however, a certain percentage will be deducted. The links from these emails do not point to a form; rather, they lead unsuspecting users to compromised websites used by the cybercriminals. Authorities are asking those affected to update their antivirus solutions and avoid opening any email they do not recognize.

Brazilian Government Site Hacked

December 27, 2013 – The website of Brazil's Igarape do Meio municipality has been hacked by the DK Brazil HackTeam, a group affiliated with Anonymous. As part of the campaign dubbed OpWorldCup, the hackers targeted the government website in protest against the upcoming 2014 FIFA World Cup, which will be hosted by Brazil. Visitors to the website are redirected to a defacement page that displays a short message and a video called "Expect us on 2014 FIFA's Cup." The hackers have not deleted any information from the website aside from the logs. Reports suggest the hackers have also defaced the subdomain of the Sao Paulo website.

English Defence League Database Erased By Hackers

December 27, 2013 – The hacker ZHC_GAZ is claiming to have attacked and erased the database of the English Defence League (EDL) in the UK. The English Defence League is a far-right nationalist movement opposing what they consider to be the spread of Islam, Sharia law and Islamic extremism in the United Kingdom. At the time of this writing the website is offline.

Anonymous Claims Attack On Dolphin Quest

December 26, 2013 – Members of the Anonymous collective are claiming to have breached the website of Dolphin Quest Theme Park. Following the breach, the hackers leaked part of the site's database. Dolphin Quest is a popular tourist attraction with locations in Hawaii, the Bahamas, and Bermuda in which tourists can swim with dolphins. The attack is part of the ongoing OpKillingBay, which is protesting the killing of dolphins in Taiji, Japan. The hacking collective is also threatening to attack the website of SeaWorld, which according to Anonymous is enabling the killings of dolphins and orcas in Taiji. At the time of this writing Dolphin Quest has yet to formally acknowledge the data leak.

Bangladesh Ministry Of Civil Aviation And Tourism Database Leaked

December 26, 2013 – The hacker group AnonSecHackers has hacked the website of Bangladesh's Ministry of Civil Aviation and Tourism. The hackers have also posted information from the site's database on the Internet. This is the second reported attack this week on Bangladeshi cyberspace; earlier this week we reported that hackers were also able to breach and leak the data of Bangladesh's state-owned petroleum company. At the moment the hackers have not stated the reason for the attack on the Ministry's website.

Iran Revolutionary Guard Corps Hack Opposition Websites

December 26, 2013 – The Islamic Revolutionary Guard Corps (IRGC) of Iran's Kerman province have hacked nine websites and portals of anti-regime forces. According to reports the nine websites targeted are: Nedaye Sabze Azadi, Sabzname, Norouz, SizProxy, Ostaban, Nogam, Degarvage, Iran Opinion, and Symail. On December 4th the IRGC also arrested 16 cyber-activists accused of having ties to foreigners, cooperating with Western news networks and helping to update and design websites to educate anti-regime reporters.

New Malware Targets Syrian Activists

December 26, 2013 – A new malware campaign is targeting Syrian activists, journalists, and non-government organizations, in which the attackers are employing a variety of tactics, including a new OS X Trojan which could be part of a “false flag” operation. The malware is mailed out to users in Syria and despite heavy media speculation, researchers say, there is no connection between the Trojan and the Syrian Electronic Army. Researchers have stated, “the groups behind these attacks are using a wider variety of tools to compromise their targets, including several remote-access Trojans and the OS X malware. Opposition groups continue to be targeted with phishing and malware attacks by pro-Assad hackers...”

Anonymous Announces Holiday Operations

December 24, 2013 – Hacker group Anonymous is gearing up for the festive season as it plans to launch three global operations over the holidays. The operations are: SolsticeSolidarity, a UK-led effort which started on December 21 aiming to build social media presence for donations; OpRingMyBell, a US-led effort planned for December 25 to boycott and antagonize the Salvation Army for its discrimination against LGBT individuals; and OpSafeWinter, planned for December 26, a global effort to raise awareness and donations for the homeless.

South African Department of Health Website Hacked

December 24, 2013 – The hacktivist group Moroccan Islamic Union-Mail (MIUM) has hacked and defaced the website of the South African National Department of Health. The hackers left a short message offering condolences to the people of South Africa for the death of Nelson Mandela, as well as asking South Africans to support the Polisario Front in Morocco. The Polisario Front is a Sahrawi rebel national liberation movement working to end the Moroccan occupation of Western Sahara. This is not the first time the website has been hacked; a few days ago the hacker known as Dr.Silnt HiLL uploaded a defacement, and last month another Moroccan hacker group, Moroccan Agent Secret, defaced the page as well. At the time of this writing the website is offline.

Hackers Try New Ways to Use Stolen Card Data

December 24, 2013 – Last week we reported on a massive data breach affecting more than 40 million Target customers. Now it is being reported that hackers have begun using a new technique which can slow down the detection of card misuse. Compromised cards are being marketed online with information on the state, city, and zip code of the Target store in which they were used. Experts say the location information will allow buyers of stolen data to use spoofed versions of the cards issued to people in their immediate vicinity. One expert elaborated, “This lets crooks who want to use the cards for in-store fraud avoid any knee-jerk fraud defenses in which a financial institution might block transactions that occur outside the legitimate card-holder's immediate geographic region.” This is the first time security experts have observed hyper-localized selling of stolen credit and debit card information following a retail breach. Researchers also stated, “whoever is behind this breach appears to have a tremendous amount of not only technical, but also retail operations and payment industry knowledge.”

OpGreenRights Targets Three Italian Energy Companies

December 24, 2013 – The Anonymous subgroup, OpGreenRights, has claimed they have attacked three Italian energy companies, as part of the ongoing OpGreenRights campaign. The group has allegedly stolen and released account details of Italian electricity companies, ENEL, ENI, and SAIPEM. According to a video released by the hacker group, OpGreenRights was initiated when several of the Arctic-30 activists were arrested by Russian security forces on September 18. In the video the hackers state that OpGreenRights was, “designed to target high-level communication assets of the Russian Federation worldwide.” This new attack is one of several over the past few weeks which targeted the oil industry in Angola, Kenya, and Mexico.

Bangladeshi Petroleum Company Hacked

December 23, 2013 – The official website of Padma Oil Company Limited, the largest and oldest petroleum company in Bangladesh, has been hacked and defaced by the hacker known as z3r0c0000l. This is not the first time an attack has been launched on the state-owned company's website; in 2011 the website was hacked by Algerians, by Pakistanis in 2012, and last month by a group of Indian hackers. Once z3r0c0000l had defaced the website, another hacker group called Gllok Hackers posted their own defacement page on the website's homepage. It is still not certain if the hackers are finding new vulnerabilities on the website, or if webmasters are restoring the website without fixing the vulnerabilities. At the time of this writing the website is still defaced.

Anonymous Attacks Cambodian Government Websites

December 23, 2013 – Over the weekend, hackers of Anonymous Cambodia launched distributed denial-of-service attacks against over two dozen government and government-related websites. The attacks occurred just as thousands of people marched on the streets of Cambodia's capital, Phnom Penh, demanding new elections and asking the prime minister to step down. According to a report, the targeted websites belong to various ministries, the police, educational institutions, and other organizations with ties to the government. At the time of this writing all websites have been restored to full working condition.

Mauritania's Ministry of Justice Hacked and Defaced

December 23, 2013 – Mauritania Hacker Team has breached and defaced the website of Mauritania's Ministry of Justice. The hackers defaced the website leaving a simple message, which reads, “Hacked by Mauritania HaCker Team.” No reason for the attack has been given. At the time of this writing the website is still down.

High School Students Hacking Computers To Change Grades

December 20, 2013 – According to a new report, at least a dozen students of the Corona del Mar High School in Newport Beach, California, are suspected of hacking into school computer systems in an effort to change grades and gain access to tests. It is believed that the students were helped by a private tutor who showed students how to use a keylogger. Both the students and the tutor have been identified by local authorities, and could face criminal charges. At the time of this writing authorities are asking the public for help in locating the tutor, Timothy Lance Lai, whose whereabouts are currently unknown.

Anonymous Compromises Several Servers As Part Of OpUkraine

December 20, 2013 – Hacker group Anonymous is claiming to have compromised several servers belonging to the Ukrainian government. The Anonymous-led campaign, OpUkraine, is protesting the 'brutal crackdown on journalists and media...' by Ukrainian President Viktor Yanukovych. According to a report, over 50 journalists were targeted and injured at a demonstration by Ukrainian special forces. In retaliation for Ukraine's crackdown on pro-EU protesters and journalists, Anonymous has asked that financial support to the police and government be halted.

Cybercriminals Using German Copyright Scandal To Distribute Malware

December 20, 2013 – According to a new report, earlier this month a German law firm began sending out threatening letters, on behalf of copyright holders, to German users who had been surfing a popular adult website. Researchers now say cybercriminals are leveraging this story to distribute malware. The case is controversial because it is uncertain how the German law firm obtained the information on the website's visitors. The report goes on to say that cybercriminals have started sending out fake emails in an effort to trick users into downloading a piece of the malware. The fake notifications inform the recipients that they will face fines and even imprisonment for unlawfully streaming copyrighted content, and instruct the users to download the attachment for more information. Once the file infects the device, the threat downloads additional pieces of malware. The German firm is aware of the fake emails and has posted a notice on its website to warn users.

Dutch Politician Targeted By Hackers

December 20, 2013 – Controversial Dutch politician MP Geert Wilders is in the cross-hairs of hackers who are targeting the politician after he released an anti-Islam sticker that said, “Islam is a lie. Mohammed is a crook. The Quran is poison.” Anonymous-affiliated hackers have already set their sights on Wilders' website and are apparently planning on launching a distributed denial-of-service attack against it. The hackers have also posted a link to a web-based DDoS tool that anyone can access to launch an attack against the politician's website. At the time of writing Wilders' website appears to be working properly. Many Dutch officials have come forward to condemn the offensive sticker.

Target Admits 40 Million Payment Cards Compromised

December 19, 2013 – Retail giant Target has released a statement saying they just learned that the payment card details of almost 40 million customers from all over the United States have been stolen in a data breach. People who made purchases at Target stores between November 27 and December 15 are impacted. Target has confirmed that names, credit and debit card numbers, card expiration dates, and CVVs have been stolen. Target has begun providing customers with advice on what to do to protect themselves from potential misuse of their payment card information. The retailer is also working with law enforcement, including the US Secret Service, and financial institutions. As of now there is no mention of identity protection services being offered to customers; instead, Target recommends customers periodically obtain credit reports from Equifax, Experian, or TransUnion.

Hackers Threaten To Sell Bank Details Of Customers

December 19, 2013 – According to a report coming out of Israel, a group of hackers is attempting to blackmail three Israeli banks. The group claims to have stolen the details of some 3.7 million customers, and is threatening to sell the information on the underground market unless the banking institutions pay them. The three banks being targeted are said to be Yahav, Discount Bank, and First International Bank of Israel. The hackers claim to have obtained the information with the aid of a massive botnet that stole the credit card details and passwords from the computers of Israeli users. The banking institutions have alerted the authorities, but have declined to comment on the allegations. Unnamed officials are claiming that the threat is not considered serious.

ZeuS Trojan Targets BTC China Customers

December 19, 2013 – Researchers have identified a new version of the ZeuS malware, dubbed Gameover, designed to target BTC China and other Bitcoin exchanges. According to researchers, the malware waits for the owners of infected computers to visit the website of BTC China; once they do, the malware steals their usernames and passwords and hijacks their accounts. Researchers note that the Trojan steals the credentials and then suspends the session temporarily, and a fake window is injected into the session instructing the user to enter their one-time password for security measures. Cybercriminals are increasingly using Bitcoins to launder their criminal proceeds, using the crypto-currency as the middleman for laundering funds without leaving any tracks.

Airline Spam Used To Distribute Malware

December 19, 2013 – According to a new report, cybercriminals have launched a new campaign in which they send emails purporting to be from an airline company. Researchers say the notifications appear to come from airline companies such as American Airlines, US Airways, Delta Airways, and British Airways. The email usually informs the recipients that an electronic ticket has been purchased on their behalf; however, the file attached is not an e-ticket, but rather a variant of the Kuluoz malware. This particular malware is designed to download and execute other pieces of malware, such as ZeroAccess or fake antiviruses. The spam messages are distributed with the aid of the Cutwail botnet, which experts believe cybercriminals may have started using due to the large number of people traveling during this period. Researchers have also stated the new Kuluoz malware comes with a new feature, where once the computer is infected, the malware begins collecting system information, including installed antivirus solutions on the device.

Sister Operation To OpKillingBay Announced

December 18, 2013 – Hacker group R00ts3curity has announced a sister operation to #OpKillingBay, the Anonymous-led campaign protesting the slaughter of dolphins and orcas in Taiji, Japan. The hackers announced the sub-operation to #OpKillingBay via video, threatening Peruvian officials that they will "leak and destroy every server" for allowing the slaughter of dolphins in Peru. It is being reported that dolphins off Peru's Pacific coast are being killed for the sole purpose of use as shark bait. At the time of this writing no attacks have been launched on Peruvian cyberspace. Anonymous has also released its intended target list for the continuation of #OpKillingBay. Anonymous has encouraged its followers to deface and launch distributed denial-of-service attacks on websites such as SeaWorld, World Association of Zoos and Aquariums, and the International Marine Animal Trainers' Association. At the time of this writing no known attacks have been reported.

People's Bank Of China Website Attacked

December 18, 2013 – The People's Bank of China (PBOC), China's central bank, is planning to ban payment companies from working with Bitcoin exchanges, according to a report. In response, hackers have launched a distributed denial-of-service attack against the financial institution's website. According to some Chinese media outlets, it is believed that Bitcoin investors may have been behind the attack. Central bank officials have said they are working to get the website back online; however, at the time of writing, the website is still inaccessible. Since the emergence of the ban the price of Bitcoin has dropped considerably.

New Trojan Targets ATMs

December 18, 2013 – According to a new report, researchers have come across a new Trojan designed to steal information from ATMs. The Trojan is called 'Trojan.Skimer.18' and targets the devices developed by one of the world's largest ATM manufacturers. The malware is loaded onto targeted machines via an infected application; once the ATM is infected, 'Trojan.Skimer.18' creates a log file. Then, when a card holder uses the ATM, it reads the data, namely the payment card number, expiration date, and the card verification value (CVV). Researchers also say the malware is capable of capturing the encrypted PIN of the individual as well. The attacker then simply enters a number associated with a specific command in order to display the statistics of the collected data. Researchers point out that the Trojan is similar to others designed to target ATMs.

Anonymous Re-launch OpGabon

December 18, 2013 – Anonymous has released a video announcing the re-launch of OpGabon. The Anonymous-led campaign is seeking to draw media attention to the ritual killings occurring in Gabon. The re-launch of the campaign comes as Gabon prepares for the upcoming municipal elections, which, according to Anonymous, has led to an increase in the number of ritual killings in the country. Anonymous will be planning distributed denial-of-service attacks against a large number of Gabonese websites, such as Gabonese President Ali Bongo's personal website, the Gabonese Department of Defense, and the Gabonese Department of Justice websites.

Royal Bank Of Scotland Suffers DDoS

December 17, 2013 – The online services of the Royal Bank of Scotland have suffered two outages: one due to a distributed denial-of-service attack, and another due to undisclosed technical issues. Soon after the outages, the banking institution issued a message to users alerting them about the possibility of phishing attacks. Once the outages were over, RBS customers began to receive phishing emails designed to have them give their personal information to the cybercriminals. The emails carried subject lines such as 'Security Precaution', stating to the user that they must 'Activate My Card' in order for their card to be restored to normal working condition. However, once the user clicks on the activation link they are taken to a hijacked website belonging to a company in Poland. The website has been set up to host a legitimate-looking RBS phishing page, where victims are asked to enter their credit card online services username, PIN, password, email address and email password. Once the information is entered the victim is taken to a genuine RBS website. Google has already flagged the malicious page; however, it is likely that the cybercriminals are using multiple compromised websites in their scheme.

Hackers Use Government Officials' Credit Cards For Donations

December 17, 2013 – The hacker group TeamBeserk has announced a new campaign called OpBeserkChristmas, which will make donations to the less fortunate with the credit cards of government officials, employees and corporations. The hackers have claimed that they will use the stolen payment card information to donate gifts, including toys, blankets, tablets, computers and other items, to homeless shelters and children's centers all over the world. They have allegedly already made a donation to a children's shelter in San Antonio, Texas, at the expense of a Texas judge. According to reports, some of the stolen information comes from the systems of Edwards County, Texas; however, the hackers are refusing to name any of the other systems they've stolen from.

Cedar Rapids, Iowa High School Website Hacked & Defaced

December 17, 2013 – According to a report, unidentified hackers have breached the website of Washington High School in Cedar Rapids, Iowa. The hackers have defaced several pages with racist messages. In one reported post, the hackers invited the website's visitors to take part in a 'KKK Klan Appreciation Day' on Christmas Eve. The content was quickly taken down by website administrators; representatives of the school district say they are uncertain who is behind the attack, but they are working to find out how the attackers managed to breach the website. Due to the offensive content, authorities have also been called in to investigate the incident.

Las Vegas Hotel & Casino Website Breached

December 17, 2013 – The hacker zVapor is claiming he hacked a website providing a guide to Las Vegas hotels and casinos. The hacker stated that a SQL injection vulnerability in the Board section of the website allowed him to compromise the database server. The hacker leaked all user information from the target server. The database dump contains user names, hashed passwords, e-mail addresses, country and other personal details. The hacker has also published the personal information of the site administrator. The vulnerability has been fixed; however, individuals who have signed up for the website are being advised to change their user names and passwords.

University of North Carolina Data Breached

December 16, 2013 – According to a report, the University of North Carolina at Chapel Hill is investigating a personal information data breach that affects more than 6,000 people. According to school officials, files containing information such as names, social security numbers and dates of birth of some current and former employees, vendors and students were accidentally made public. Officials also learned last month that some of these files were accessible on the Internet. Less than two weeks later the files were no longer online. Officials believe some safeguards that protect such files had been accidentally disabled this past summer while a computer was undergoing maintenance. School officials have begun notifying people whose information was affected.

Leak In Response To Hezbollah Commander Assassination

December 16, 2013 – The hacking group known as Islamic Cyber Resistance Group has leaked information allegedly related to Al-Qaeda, Israel and Saudi Arabia. The personal details of 2,014 people working for the Israeli army and 1,000 members of the Saudi army have been leaked online. The published information includes names, email addresses, phone numbers, addresses and military ranks. The hackers also claim they have access to 7 GB of information from the Saudi Binladin Group, which they claim is a major financial supporter of Al-Qaeda. The hackers have obtained 5 million 'secret documents' from the company's internal communications; however, to date only 2,200 documents have been leaked. The attack comes in response to the assassination of Hezbollah commander Hassan Lakkis in Beirut. The message left by the hackers claims they will avenge the assassination of Lakkis and warns Al-Qaeda and Mossad that their next operation will be 'much more damaging.' The leaks, as well as the attacks, are dedicated to the children of Lakkis.

Moroccan Hackers Deface Ministry of Finance Website

December 16, 2013 – The hacker group known as Moroccan Ghosts has hacked the official website of the Nigerian Federal Ministry of Finance. The hackers left a message on the defaced page explaining the reason for the attack on Nigerian cyberspace, stating, “Moroccan Ghosts! Website Hacked ! Coz you support the Algerian Front of Polisario ! Dedicated to All Moroccans..” The Polisario Front is a Sahrawi rebel national liberation movement working for the independence of Western Sahara from Morocco. This is the second attack on a high profile Nigerian government website by Moroccan Ghosts. At the time of this writing the official website has been fixed and is operating normally.

Official Website of Bangladesh Police Attacked By Hackers

December 16, 2013 – The hacker group known as Izzah Hackers was able to launch a successful distributed denial-of-service attack on the official website of the Bangladeshi police. The attack is part of the ongoing Anonymous campaign OpBangladesh, a response to Bangladeshi police arresting and killing protesters in Bangladesh. The attack comes as unrest in Bangladesh continues after the execution of top opposition leader Abdul Quader Molla. Molla was the assistant secretary general of the Bangladesh Jamaat-e-Islami party. At the time of this writing the website is still down and has been down for over 20 hours. Izzah Hackers are also planning more attacks on websites from Bangladesh, Burma, and Myanmar.

Russian Hackers Steal Details of 54 Million Turkish Citizens

December 16, 2013 – According to a new report, Russian hackers may have stolen the personal details of around 54 million Turkish citizens. A general manager of a research company has revealed that the ID numbers, addresses, and fathers' names of 54 million voters have been stolen from political parties. Turkey's Supreme Election committee has been sharing the information with political organizations. It is also reported that some of these organizations didn't have protections in place to stop the hackers, making it even easier to steal the data. A recent report from Turkey's State Audit Board also revealed that some government institutions share citizens' personal information online with other organizations without ensuring the content is properly protected.

Anonymous Announces OpFoxBlackout

December 13, 2013 – Hacker group AnonymousFL_US has announced a new operation targeting Fox News. According to a message from AnonymousFL_US, the attack is in response to Fox News' “right wing propaganda, racist over tones, and a lack of respect for the truth.” The hackers are calling upon other Anonymous members to join in the attack, as they plan to hijack “their news feed with our own message and take down their site and replace it with information and links to various #Anonymous #Ops and our own message for the people.” At the time of this writing there is no proposed date for the planned attack.

Anonymous Attacks Japanese-American Embassy Phone Lines

December 13, 2013 – Members of the AnonymousOpsUSA hacking group launched a distributed denial-of-service attack on the phone lines of the Japanese/American Embassy in Washington, D.C. yesterday. Plans for the attack were first seen earlier this week when AnonymousOpsUSA posted the main office phone number of the Embassy. The attack is in support of OpKillingBay, the operation by Anonymous protesting the killing of dolphins and orcas in the town of Taiji, Japan. AnonymousOpsUSA also stated they will be attacking the phone lines of the White House Tuesday, December 17.

Real Estate Website Hacked by TeamHackArgentino

December 13, 2013 – The hacker group TeamHackArgentino, a subgroup of Anonymous Argentina, has hacked and defaced the Interior Administrations website of Argentinian real estate company, Sergio Villella. According to a message from the hacker known as HackerArgentino the group has hacked the 'database of tenants and guarantors'. The group has also left a message on the website stating, 'No more Corruption in my country, more security please.' At the time of this writing the website is still displaying the defacement message.

Four Embassies In Japan Targeted As Part Of OpKillingBay

December 13, 2013 – The websites of the Taiwanese, Indonesian, Argentinian, and Russian embassies in Japan are all down due to a distributed denial-of-service attack by members of the hacker group Anonymous. The attacks are part of the ongoing OpKillingBay operation by Anonymous. At the time of this writing several websites are still down.

Cyber Criminals Using Database Cloud Services

December 12, 2013 – A new botnet has been discovered that is using database-as-a-service platforms to steal commercial online banking credentials. Researchers are calling it a warning sign for possible future targeted attacks on databases by outside attackers. It is being reported that at least 370 machines have been infected within the last five days via the banking Trojan. According to researchers, the malware will begin targeting internal enterprise databases very soon and infection is “inevitable, and comprise of a portion of workstations within a network should be considered an inherent condition.” The research concludes that any enterprise database platforms running in the cloud can be vulnerable to cloud-borne attacks.

Syrian Ministry Of Health Website Taken Down

December 12, 2013 – According to the hacking group known as An0ymousLulz, the Syrian Ministry of Health website was brought down by a distributed denial-of-service attack. The motivation of the attack is said to be in support of the Syrian revolution and part of the greater OpSyria campaign. The Ministry of Health is responsible for supervising the health sector in the Syrian Arab Republic, as well as providing Syrians with health directories, statistics, and drug and nutrition information. At the time of this writing the website is restored and functioning properly.

30 Government Websites Hacked in India

December 12, 2013 – More than 30 government websites in the Indian state of Rajasthan have been hacked and defaced by Pakistani hacker H4x0r HuSsY. The defacement message reads, “Proved to be Hell For India! I might Opt Out of the Cyber World As I don't get much time. But Here's a Peace Message. To All Indian Hackers etc etc U Gotta Look at my Zone-H Archive Whenever you have Intentions of hacking (.PK) Sites.” At the time of this writing several of the websites have been taken down.

Nepal College Website Hacked By Anonymous Afghanistan

December 12, 2013 – The website of the Namuna College of Fashion Technology in Nepal has been hacked and defaced by Anonymous Afghanistan. At the time of this writing the website is still defaced with the message, “Hacked by Anonymous Afghanistan” with the name of the attacker, Zishan Rider, telling the website Administrator to patch the vulnerability.

Canada Spying For The US

December 11, 2013 – According to a newly released document, the Communications Security Establishment Canada (CSEC) has worked with the NSA in "approximately 20 high-priority countries", some of which are trade partners to the U.S. The document also claims that "CSEC shares with the NSA their unique geographic access to areas which are unavailable to the U.S." Former NSA official turned whistle-blower Thomas Drake said it comes as no surprise that the two agencies are working together. The relationship between the two intelligence agencies is described as being close and co-operative, with both sides looking to expand and strengthen it.

NSA Tracking Targets With Google Cookies

December 11, 2013 – According to a new report, the NSA and GCHQ are using 'cookies' which advertising networks place on computers to identify people browsing the Internet. In particular, the intelligence agencies are using the part of the Google-specific tracking cookie known as "PREF." Though the cookies do not contain personal information, they can uniquely identify a person's browser using the numeric codes that enable Web sites. According to leaked documents, the cookies are used to 'enable remote exploitation.' This technique is used to let the NSA home in on individuals already under suspicion and suggests that the agency is using these tracking techniques to help identify targets for offensive hacking operations.

LA Gay & Lesbian Center Hacked

December 11, 2013 – The Los Angeles Gay & Lesbian Center is notifying 59,000 people that their personal information was compromised in a hack of their computer systems. The stolen information includes names, contact information, payment card details, medical or health care information, dates of birth, social security numbers and health insurance account numbers. A piece of malware was loaded onto the Center's systems and was stealing information between September 17 and November 8. Authorities are currently investigating the incident.

RootSecurity Announces Support Of OpKillingBay

December 11, 2013 – Members of the RootSecurity hacking group have posted a video announcing their support of the OpKillingBay campaign. OpKillingBay is the Anonymous operation that is protesting the killing of dolphins and orcas in the Japanese town of Taiji. The hackers said in the video, “We will kill servers and leak every database we can get our hands on until you realize the wrong you're doing, we are done playing around, it is time for the games to stop.” So far they have leaked information from three Japanese websites; however, the sites have nothing to do with dolphins.

Black Hole Found In The Internet

December 10, 2013 – In 2008, two security researchers at the DefCon hacker conference demonstrated a massive security vulnerability in the worldwide internet traffic routing system. The vulnerability is so severe that it may allow intelligence agencies, corporate spies, or cyber criminals to intercept massive amounts of data. At the time of the conference no real threat came from it; however, earlier this year someone began using their technique to hijack internet traffic headed to government agencies, corporate offices and other recipients in the U.S. This traffic was redirected to Belarus and Iceland before being sent on to its legitimate destinations. It has not been determined who is behind the hijacking or what their motivation is.

TeamBerserk Announces Return

December 10, 2013 – The hacking group known as TeamBerserk have announced they are returning to hacking. After several months of inactivity, the hackers released a statement saying, “After many days at port, days filled with rum, women and lulz – which have recovered us. We have again united for an explosive several weeks of exploitation, mayhem and LoLz.” To mark their return, the hackers have leaked 23 documents they allegedly stole from Edwards County, Texas Judge Souli Shanklin. They are also claiming to have breached Shanklin's Amazon account.

Alleged Skynet Botnet Creator Arrested In Germany

December 10, 2013 – The German Criminal Police Office has reported that they have arrested the cyber criminals responsible for creating the Skynet Botnet. Skynet is a variant of the infamous Zeus malware. When the Skynet Botnet infects a system it downloads Bitcoin miners, exploits computational resources of the victim's system and uses them in the mining process. According to a press release from the German police they have arrested two individuals suspected of illegally generating Bitcoins worth nearly $1 million using the malware. It is not yet clear whether or not the Skynet servers were taken down by the German police.

United Nations Ethiopia Site Defaced

December 10, 2013 – The Turkish hacking group known as Ayyildiz Tim are claiming to have breached and defaced the United Nations in Ethiopia website. The defacement message says that the hackers will start a virtual war with anyone that is against their country or religion. At the time of this writing the site is still defaced. In addition, the hackers also defaced several other sites from Italy, Brazil, Thailand, Vietnam and Honduras. Many of these sites are also still defaced.

French Government Spoofing Google Domain Certificates

December 9, 2013 – Google has reported that France's cyber defense division, ANSSI, has been detected creating unauthorized digital certificates for several Google domains. The certificates were issued by an intermediate certificate authority (CA) that links back to ANSSI. Google wrote, "Intermediate CA certificates carry the full authority of the CA, so anyone who has one can use it to create a certificate for any website they wish to impersonate." ANSSI released a statement that revealed the intermediate CA is really its own infrastructure management trust administration. In the statement, ANSSI claims that the fake certificates were a result of "human error, which was made during a process aimed at strengthening overall IT security." ANSSI went on to say, "The mistake has had no consequences on the overall network security, either for the French administration or the general public." Google says that this incident is an example of the need for its Certificate Transparency project, which is aimed at fixing flaws in the SSL certificate system that could result in man-in-the-middle attacks and website spoofing.

Radio Free Europe Hit With DDoS Attack

December 9, 2013 – The Radio Free Europe/Radio Liberty website was hit with a distributed denial-of-service attack as it was providing coverage of the ongoing protests in Kiev, Ukraine. Radio Free Europe is a media organization with over 700 journalists in 21 countries. The website was down for about three hours before it was fully restored. No suspects have been identified in this attack. At the same time, Anonymous hackers have been launching DDoS attacks against government websites in support of the protesters. The Anonymous targets included the website of the presidency, the main government portal and the site of the Ministry of Internal Affairs.

20 Million Hotel Reservations Leaked By Chinese Hackers

December 9, 2013 – The Chinese hacking group known as the Harbors of Evil Goods are claiming to have breached the systems of CNWisdom, China's largest wireless Internet service provider for hotels. As part of the breach, the hackers have leaked the details of around 20 million hotel reservations. The leaked information includes phone numbers, email addresses and physical addresses. CNWisdom is saying that the data may not have been from their systems, since some of the information is from hotels that are not their customers.

Syrian Hacker Targets Indian Government Sites

December 9, 2013 – The Syrian hacker known as Dr. SHA6H is claiming to have hacked and defaced eleven websites belonging to the government of the Indian state of Kerala. The defacement message is a protest against the Syrian regime's actions of murder and destruction. Dr. SHA6H wrote, "Is there an international interest with Bashar al-Assad? Or economic interest, or is [it] a political interest? We want answers [from] all the countries of the world, there are children dying, women [abused] and houses destroyed." At the time of this writing all of the sites have been taken offline.

Anonymous Threatening Twitter

December 6, 2013 – Earlier this week it was reported that Twitter had suspended several Anonymous-related accounts. In response to this action by Twitter, members of the Anonymous collective have issued a statement. The statement begins, "You have the ability to suspend Twitter accounts . . . We have the power to suspend websites." The hacktivists are calling for Twitter to reinstate the @Anon_Central account, which has been used to distribute news about attacks and plans for future attacks. If the account is not reinstated, the hacktivists promise that things will "get very messy." They said, "If the suspended Twitter account @Anon_Central is not returned, you may have to fix a database leak." The statement was signed, "Team AnonymousOpsUSA & various LulzSec entities."

TeslaTeam Targets Government Sites

December 6, 2013 – The Serbian hacking group TeslaTeam has targeted government websites belonging to various countries. In each of the attacks the hackers have leveraged SQL vulnerabilities to breach the sites. The most recently affected sites include the Albanian Ministry of Economy, Trade and Energy, Ghana's Ministry of Finance and Economic Planning and the Court of Bosnia. None of the sites have been defaced, but the hackers have stolen and leaked data from the targeted database servers. The stolen data includes user names and passwords.

RedHack Demands Release Of Hacker By Turkish Government

December 6, 2013 – Members of the RedHack hacking group have posted a video aimed at the Turkish government, demanding the release of suspected hacker Taylan Kulacoglu. Authorities believe that Kulacoglu is the leader of RedHack; however, the other members deny the man has any affiliation with their group. In the video the hackers said, "People practicing their right to freedom of speech and freedom of assembly is threatened with arbitrary arrests and prison. Law has lost its legitimacy and that’s why dictator PM Erdogan openly wages war against people who criticizes his ill-fated politics of divide and rule. We can only win against these evil policies if we can unite and fight." The video did not specify any planned attacks or protests.

Anonymous Responds To Tunisian Internet Censorship

December 6, 2013 – Members of the Anonymous collective have posted a new video with a message for the Tunisian government. The Tunisian government is currently considering implementing a new law that would censor what people post to the Internet. The hacktivists said, "The fact that the Tunisian government is trying to get away with stealing the People’s privacy has shocked us and has driven us to take more precautions. This censorship signifies the comeback of years of oppression and tyranny. To the Tunisian government, We are watching you from very close. We know about the financial, technological and human resources provided by the government. We know that they are financed by the taxpayers and are intended for launching a new dictatorship in the country and the Tunisian cyberspace. We do not tolerate these acts!"

JPMorgan Chase Customer Info Compromised In Server Hack

December 5, 2013 – It is being reported that the personal information of almost 465,000 JPMorgan Chase customers may have been stolen in a breach of the web servers that host the UCard website. The breach occurred in July, but was not detected until the middle of September. JPMorgan is saying that there is no evidence that sensitive information has been stolen. They also said that no money was stolen in the attack. JPMorgan is only just now notifying customers because their internal investigation has been ongoing since September. The bank has not revealed any information about their investigation. The 465,000 people impacted represent 2% of the 25 million UCard customers.

Customer Information Stolen In Maple Grove Farms Hack

December 5, 2013 – A warning has been issued by B&G Foods North America, which owns the Maple Grove Farms brand, advising customers that their personal and financial information may have been compromised by an attack on the Maple Grove Farms of Vermont website. The stolen information includes names, addresses, phone numbers and payment card numbers. According to B&G Foods, additional technical security measures have now been implemented to prevent future attacks.

Anonymous Threatens Moroccan Government

December 5, 2013 – The Moroccan government is scheduled to sentence the "kissing teens" on December 6. The teens were arrested when one posted a picture of the other two kissing on Facebook. Members of the Anonymous collective have issued a warning to the Moroccan government saying that they are "ready to take action" if the sentence is deemed too harsh. The hacktivists said, "Regardless of the sentence though, Morocco will remain a focus for the Anonymous collective, for human rights violations and corruption heinous and unchecked." To prove that they are serious the hacktivists leaked data that they claim was stolen from a "prominent Moroccan financial institution."

Oregon Cities Hacked By Iranian Hacker

December 5, 2013 – The Iranian hacker known as hossein19123 has hacked and defaced the websites of City of Amity and Sutherlin City, Oregon. The hacker is a known member of the Ashiyane Digital Security Team hacking group. The defacement message on both sites reads, "Your Box Own3z By hossein19123! Ashiyane Digital Security Team! Greats All Ashiyane. Defacers! We are love Iran." At the time of this writing both sites were still displaying the defacement.

Twitter Suspends Over 30 Anonymous Accounts

December 4, 2013 – Twitter has suspended over 30 accounts related to the Anonymous movement. It appears this is a response to a campaign of abuse against feminist campaigners. Anonymous members believe that journalists Caroline Criado-Perez, Hannah Curtis and Caitlin Moran are responsible for the suspensions. One Anonymous member said, "(They) appear to have some direct line to Twitter to get accounts suspended sooner." Criado-Perez responded, "I certainly don't have the power to ban accounts, but I do report accounts that send threats and harass me. Sometimes they get suspended and sometimes they don't."

Two Million Stolen Facebook, Twitter Logins Found

December 4, 2013 – Researchers have discovered a Netherlands-based Pony Botnet Controller Server with almost two million user names and passwords of Facebook, Twitter, Google and Yahoo users. The researchers were able to hack into the Pony Botnet's admin area, which is where they found the stolen information. It is not known exactly how the credentials were originally obtained. The countries with the most stolen credentials were the Netherlands, Thailand, Germany, Singapore and Indonesia. The United States accounted for fewer than 2,000 stolen logins.

UK Council For Graduate Education Site Hacked And Defaced

December 4, 2013 – The hacker known as smitt3nz has hacked and defaced the website of the UK Council for Graduate Education. The defacement message reads, "So your security wasn't that tight . . . Gr33tz; smitt3nz." The hacker also leaked data stolen from the Council's database. The leaked data includes email addresses and clear text passwords of over 600 users.

Angola Government Sites Taken Down By Anonymous

December 4, 2013 – Members of the Anonymous collective have launched distributed denial-of-service attacks against all Angola government websites. This is a protest against officials accused of being involved in the killing of two political activists last year. The hacktivists have published a list of 70 websites that are targets. At one point earlier today, most of the websites were inaccessible; however, most of them were quickly restored and are currently available.

96,000 Bitcoins Stolen From Sheep Marketplace

December 3, 2013 – It is being reported that 96,000 bitcoins have been stolen from the Tor-based underground marketplace Sheep Marketplace. The site, a replacement for Silk Road, has shut down as a result of the theft. Sheep Marketplace's operators say that only 5,400 bitcoins were stolen; however, other sources are reporting much higher amounts. The highest estimate is that a total of 96,000 were stolen, which is valued at almost $100 million. Sheep Marketplace is saying that a vendor found a bug in the site's systems that allowed the theft without being detected. Others, though, say that the site is actually a scam and the owners themselves stole the money.

Wisconsin Man Sentenced To 2-Years Probation For Anonymous Attack

December 3, 2013 – Eric Rosol, 38, of Wisconsin has been sentenced to two years federal probation for taking part in the distributed denial-of-service attack against the website of Koch Industries in February 2011. Rosol had pleaded guilty to one misdemeanor count of accessing a protected computer. He is also ordered to pay $183,000 in restitution. Rosol was one of many people that participated in the Anonymous-led attack against Koch Industries. Authorities were able to identify him, even though he only participated in the attack for a little over one minute.

Anonymous Honduras Protests Election Fraud With Hacks

December 3, 2013 – Members of the Anonymous Honduras hacking collective have hacked and defaced several high-profile websites in Honduras. These attacks are a protest against the alleged election fraud that took place during Honduras' presidential election. The targeted sites include a state-owned tourism agency, the Department of Culture, Arts and Sports, the Secretary for Security, Interpol Honduras, the National Police, the Supreme Electoral Tribunal, the Innovation and Unity Party and the Superintendent of Public Private Partnership. The defacement messages accuse officials of manipulating the media, and they urge all citizens to collect evidence of election fraud.

706 Domains Seized For Selling Counterfeit Items

December 3, 2013 – The United States Immigration and Customs Enforcement's (ICE) Homeland Security Investigations (HSI) has partnered with law enforcement agencies from all over the world to seize Internet domain names used to sell counterfeit merchandise. The operation is known as "Project Cyber Monday IV", and has led to a total of 706 domain names being seized. The United States has seized a total of 297 domains and European agencies have seized 393 sites. Hong Kong Customs has taken down another 16 domains. Acting Director of ICE, John Sandweg said, "Working with our international partners on operations like this shows the true global impact of IP crime. Counterfeiters take advantage of the holiday season and sell cheap fakes to unsuspecting consumers everywhere. Consumers need to protect themselves, their families and their personal financial information from the criminal networks operating these bogus sites."

Malware Infects UW Medical Center, 90,000 Patients Impacted

December 2, 2013 – The University of Washington Medical Center is warning patients that their personal details may have been compromised. An employee opened an email attachment that contained malware that has led to almost 90,000 people being impacted by a data breach. The information breached includes names, medical record numbers, dates of service, dates of birth and social security numbers. The FBI is currently investigating the incident.

Israel And Saudi Arabia Working Together To Create Stuxnet-like Malware

December 2, 2013 – It is being reported that Israel and Saudi Arabia are planning to create a piece of malware that will be capable of sabotaging Iran's nuclear program. The aim of the malware is not only to sabotage Iran's nuclear program, but also to gather intelligence. The report says that the countries will be investing about $1 million in the project. The malware is being described as similar to Stuxnet, but more destructive.

70,000 Users Impacted By Vodafone Iceland Hack

December 2, 2013 – The Turkish hacker known as Maxney is claiming to have hacked the systems of Vodafone Iceland. Several of the company's domains have been defaced and details of over 70,000 customers have been leaked. The leaked information includes SMS messages, user names, user IDs, encrypted and clear text passwords, email addresses, financial information and social security numbers. Vodafone took down their website as soon as the defacements were discovered. The company said that they have brought in the country's "most talented professionals in data and network security issues" to investigate the incident.

Anonymous Hacks Venezuelan Government Sites

December 2, 2013 – Members of the Anonymous Venezuela and Anonymous Argentina collectives have hacked and defaced several Venezuelan government websites. The hacktivists left a defacement message that translates to, "This post is dedicated to all Venezuelans. We will not allow this corrupt government to dominate our way of thinking. We are prepared to face them. We will not allow Cuba to dominate our country." Some of the impacted websites have been restored, but several are still defaced. At least 10 government-owned sites have been affected.

Report Warns US Army of SEA Attack

November 27, 2013 – A report has been issued by the TRADOC G-2 Intelligence Support Activity's (TRISA) Complex Operation Environment and Threat Integration Directorate (CTID) that warns the United States Army of possible cyberattacks being launched by the Syrian Electronic Army (SEA) hacking group. The report says, "The SEA is clearly a force of disruption, and the long-term implications of its continued presence might very well remain what they are today - primarily a nuisance - or the implications might become more serious if the SEA's message gains greater influence." In addition, the report provides details on past SEA attacks and techniques used by the group.

Time's Person Of The Year Poll Hacked

November 27, 2013 – Two hackers known as Gains and Marek have found a way to bypass the authentication of Time Magazine's Person of the Year poll, and have automatically cast a large number of votes for Miley Cyrus. Voters are supposed to sign in with their Facebook or Twitter accounts; however, the hackers developed scripts that allow them to vote on any Facebook user's behalf, without their knowledge. After the automated voting script was put in place, Cyrus went from 15th place to first. Edward Snowden is currently in second place and seems to have a lot of support from Anonymous members. This poll has been hacked before: in 2012 hackers rigged the system to make North Korean leader Kim Jong-un the lead vote getter. Ultimately, Time's editors will select the winner of the award.

Teen Arrested For Hack Of Sachem, NY School District

November 27, 2013 – A seventeen-year-old has been arrested for illegally downloading information from the computer systems of the Sachem school district in Long Island, NY. Matthew Calicchio, a student at Sachem North High School, has pleaded not guilty to the charge of computer trespass. The records of thousands of students were illegally downloaded and posted online between July and November 2013. Sachem representatives say that they are confident that their systems were not hacked from the outside. Calicchio has been released on bail and is scheduled to appear in court on December 9th.

Anonymous Korea Plans Protest For December 25th

November 27, 2013 – Members of the Anonymous Korea collective have announced a plan for its own Million Mask March on December 25, 2013. The hacktivists are asking people to join them in an anti-government protest in the Chung Gye Square in Seoul. In the video announcing the protest, the hacktivists say, "We have been deprived of things which they have promised to give. Let us remind the government that fairness, justice and freedom are more than words."

New OpKillingBay Targets Announced By Anonymous

November 26, 2013 – Members of the Anonymous collective have announced that they are extending the list of targets for OpKillingBay. The goal of the operation is to raise awareness of the slaughtering of dolphins in Japan by any means necessary, including cyberattacks, letters and messages on social media networks. The newest targets announced include Sea Life Park in Hawaii, MarineLand in Canada, Hotel Dolphin Resort in Japan, the Dolphinarium in Dubai, Ocean Park in Hong Kong and the Georgia Aquarium in the United States. The hacktivists said, "We are trying to be as transparent and open as we can be in hopes of getting more willing Anons, Hacktivist & Activist to help us out. This should be a global effort. United together to stop this [expletive] inhumane massacre and needless captivity."

Australian Crime Stoppers Site Hacked

November 26, 2013 – Members of the Indonesian BlackSinChan hacking group are claiming to have breached Australia's Crime Stoppers website. The hackers posted what they claim to be encrypted passwords and emails attached to members of various police forces. The attack was "payback for Spying (on) Indonesia!" Crime Stoppers Australia deputy chairman Peter Price said, "We don't know what some of these passwords are - we have never seen them." He did admit that, "Yes, the website was hacked and yes, they published information on the Internet, which was not of any critical relevance." The Crime Stoppers' website has been taken down for 24 hours as a precaution.

Central Bank Of India Website Defaced

November 26, 2013 – Members of the Pakistan Cyber Army and Team MaDLeeTs hacking groups have hacked and defaced a section of the Central Bank of India's website. The attack is a response to Indian hackers targeting several Pakistani sites to commemorate the November 26, 2008 Mumbai attacks. The Pakistani hackers wrote, "This attempt is in response to the Pakistani websites hacked by 'Indian Cyber Army'. We told you before too. We are sleeping but NOT dead!" The Central Bank of India took down the defaced page as soon as it was discovered.

$1 Million In Bitcoins Stolen From BIPS

November 26, 2013 – Bitcoin Payment Solutions (BIPS), a Danish bitcoin exchange, had more than $1 million in bitcoins stolen in a recent hack. In response, BIPS has temporarily shut down its consumer wallet initiative, while they re-architect the security model to prevent future attacks. The company issued a press release saying, "All existing users will be asked to transfer bitcoins to other wallet solutions, and users affected by the security breach will be contacted." This is at least the third bitcoin exchange hack this month.

New York State Government Sub-Domain Defaced

November 25, 2013 – The Indonesian hacker known as Jje Incovers is claiming to have hacked and defaced a sub-domain of a New York State Government information portal. The affected domain belongs to the Hudson River Valley Greenway, which now displays a defacement page. The defacement message says, "Hacked by Jje Invcovers, I'm single Attacker !! - SANJUNGAN JIWA!!" No reason was given as to why this sub-domain was targeted. At the time of this writing the sub-domain has been taken off-line.

Anonymous Leaks Documents On Italy's Lombardy Region Governor

November 25, 2013 – As part of Operation Italy, members of the Anonymous collective have leaked documents belonging to Roberto Maroni, the current governor of Italy's Lombardy region, and former Interior Minister. The hacktivists say that Maroni is "one big corrupted son of a gun." The leak contains a 368Mb archive file that contains almost 500 documents, including a copy of Maroni's passport. Anonymous posted a message with the leaked information saying, "Tell us about your secret affairs with Aiello mafia and all the other nasty things people will find out today without your NOBLE consent. Drink expensive wine, drive expensive car pay no TAX and enjoy life while Lombardy suffers from all kinds of criminal wars and corruption." The hacktivists plan on targeting the presidents of several Italian regions, including Sicily, Tuscany, Campania and Puglia.

370 Israeli Websites Hacked By Tunisian Hacker

November 25, 2013 – The Tunisian hacker known as CapoO_TunisiAnoO is claiming to have breached and defaced 370 Israeli websites. The attacks are a show of support for Palestine. The sites had several different defacement messages, but all had the same theme. One message read, "Israel, we love to smell your fear! Hacked By CapoO_TunisiAnoO 'Tunisien Elite Hacker' Greets to All Hackers that support Gaza case! Message: This is only the beginning . . . To Catch Me, You Must Be Faster Than Lightning. To Trace Me, You Must Be the Smartest People!" The affected sites belong to private businesses in Israel.

Australian National University Hacked By Indonesian Hackers

November 25, 2013 – The Indonesian hacking group known as Gantengers Crew has hacked and defaced a sub-domain of Australian National University. The hackers say this attack is in response to Australian spying against the Indonesian government. The sub-domain belongs to the University's Deepening Histories of Place Project. The defacement message reads, "Hacked by Gantengers Crew! We Are Gantengers Crew." The hackers say they will continue targeting Australian government owned websites until an official apology is issued. At the time of this writing the site is still defaced.

Malware Targeting Apache Tomcat Servers

November 22, 2013 – Servers running Apache Tomcat are being targeted by a back door worm that acts as a Java Servlet, but instead of creating a web page, it acts like an IRC bot that receives commands from the attacker. The malware is designed to scan and infect other Tomcat servers, so users visiting the pages from the compromised server are not in any danger. Researchers believe that the purpose of the attacker is to create DDoS attacks from the compromised servers. The command and control servers have been located in Taiwan and Luxembourg.

Flaws In Google Password Recovery Allow Hackers To Hijack Accounts

November 22, 2013 – Researchers have discovered several vulnerabilities in Google's password recovery process that could have been leveraged by hackers to hijack accounts. Three types of flaws could be exploited: cross-site request forgery (CSRF), cross-site scripting (XSS) and a flow bypass. The researchers showed how combining the vulnerabilities with a realistic looking phishing email could lead to user accounts being hijacked. Ten days after being notified, Google announced that they have fixed the vulnerabilities.

Over 40 Chinese Government Sites Defaced

November 22, 2013 – Members of the Code Newbie hacking group have hacked and defaced over 40 sub-domains belonging to China's Fifth Agricultural Construction Division. The hackers, who are from Indonesia and Malaysia, say that they defaced the sites to simply test their security. The defacement pages were added to the "Images" folder of each sub-domain. Shortly after the hacks were discovered the sub-domains were taken down and fixed. However, the administrators did not patch the vulnerabilities that the hackers used, allowing the hackers to deface the sites a second time once they were back online.

Syrian Secret Police Hacked By Refugee Hackers

November 22, 2013 – A leading member of a Syrian youth opposition movement is claiming to have breached a Syrian government and secret police database. The hacker said, "It was easy to look at the secret police's systems, which were left wide open to public view. The information they held was scary." According to the hacker, the databases contained records of the web traffic for much of the Syrian population, which allowed him to identify the IP addresses of the secret police. "What we found was that agents would watch pornography whilst at work," he said.

GitHub User Accounts Hacked

November 21, 2013 – A brute force attack was launched against GitHub accounts earlier this week. Failed login attempts were seen coming from China, Venezuela, Indonesia, Ecuador and other countries. GitHub has said that some users who use weak passwords have been compromised. GitHub released a statement saying, "While we aggressively rate-limit login attempts and passwords are stored properly, this incident has involved the use of nearly 40K unique IP addresses. These addresses were used to slowly brute force weak passwords or passwords used on multiple sites. We are working on additional rate-limiting measures to address this." Users will be kept posted in case source code or sensitive information is found to have been stolen.

Pakistani Hacker Defaces Indian Radio Site

November 21, 2013 – The Pakistani hacker known as BLACK H3ART has breached and defaced the website of All India Radio Allahabad. The defacement message reads, "Before today I was only giving warning to you Indians but now you have crossed your limits by interfering in our land and killing our men on border now see how we destroy your cyberspace and your country . . . Pakistan Zindabad ALLAH HO AKBAR!!!" The hacker also referenced several other Pakistani, Syrian and Iranian hackers. At the time of this writing the defacement page was still displayed.

Australian Federal Police and Reserve Bank Of Australia Hit with DDoS Attacks

November 21, 2013 – Members of the Anonymous Indonesia collective launched distributed denial-of-service attacks against the websites of the Australian Federal Police (AFP) and the Reserve Bank of Australia (RBA). The attacks were part of the protest against the Australian spying on Indonesian government officials. The AFP says that no sensitive information was hosted on the affected site. "Activities such as hacking, creating or propagating malicious viruses or participating in DDoS attacks are not harmless fun. They can result in serious long-term consequences for individuals, such as criminal convictions or jail time," an AFP spokesman said. A RBA spokesperson said, "There has been no outage but the Bank's website has been experiencing access delays for some users. The bank's website and systems remain secure." At the time of this writing both websites are operating normally.

Anonymous Defends Moroccan "Kissing Teens"

November 21, 2013 – Members of the Anonymous collective have launched a new campaign in protest of the arrest by Moroccan authorities of two teenagers kissing and their friend who took the photo. The three teens face charges of violating public decency for sharing the photo on Facebook. The hacktivists have hacked Morocco's Department of Water, which is a branch of the Moroccan Ministry of Energy, Mines, Water and Environment. Anonymous issued a statement saying, "Drop the charges against these teenagers. pull back from the brink of the unbelievable two year sentence they could be facing for simply expressing affection for each other and we will also back down." If authorities do not take the warning, the hacktivists say they will "rip through government servers, leaking and deleting." Sample data from the hack of the Department of Water was also released, which included personnel files, bank transfer details and passwords.

Anonymous Declares Global Cyberwar Against US Government

November 20, 2013 – Members of the Anonymous collective have posted a new video declaring "global cyberwar" against the US government. The hackers say they have been driven to this war due to the NSA spying, the Trans-Pacific Partnership and the "unjustified" sentencing of Jeremy Hammond. In the video the hackers say, "We ask the people to be aware, let the war be handled by us." They say that they don't want their supporters to launch any real-world or online protests because that hasn't been effective before.

Dating Website Hack Exposes 42 Million Plaintext Passwords

November 20, 2013 – Earlier this year, the dating website Cupid Media suffered a breach that exposed users' names, email addresses and plaintext passwords for 42 million accounts. The stolen information was found on the same servers that contain tens of millions of records stolen in separate hacks of sites including Adobe, PR Newswire and the National White Collar Crime Center. A review of the Cupid Media user information showed that more than 1.9 million accounts used the password 123456, and another 1.2 million used 111111. The company says they have notified all affected users, and are in the process of double-checking that all affected accounts have had their passwords reset.

Syrian Ministry Of Electricity Website Hacked

November 20, 2013 – The Bangladeshi hacker known as Albaze Ever is claiming to have breached and defaced the Syrian Arab Republic's Ministry of Electricity website. The defacement message left said, "Hacked by Albaze Ever! Bangladesh Grey Hat Hackers. . . too bad as we have hacked Syrian Ministry of Electricity!" The hacker did not give any reason for the attack. The site was restored, but hacked a second time by an Iraqi hacker known as Abu Abid. Abu Abid left a message in Arabic. At the time of this writing the site has been restored and is operating normally.

OpKillingBay Expands To Target SeaWorld, FedEx And Other Organizations

November 20, 2013 – Members of the Anonymous collective recently launched OpKillingBay, which initially was focused on disrupting Japanese government websites in protest of the killing of whales and orcas in Taiji, Japan. The hacktivists are now expanding the operation to target other organizations that are also "responsible for the slaughtering in Taiji, not just the Japanese government." Some of the new targets include the International Marine Animal Trainers Association, the World Association of Zoos and Aquariums, SeaWorld, FedEx and Japan Air. The hackers say that SeaWorld and other aquariums are the "main culprits" because they buy the animals from Taiji and that FedEx, Japan Air and other companies "make a profit from transporting them." The hackers released a statement saying, "They need to know and the public needs to know this is not (expletive) alright. We need to cut off the supply chain and it starts with those airlines who are complicit."

E! Online Hacked By Serbian Hacking Group

November 19, 2013 – Members of the Serbian hacking group, Tesla Team, are claiming to have breached a sub-domain of The E! site provides entertainment news and gossip. The hackers say they leveraged a SQL injection vulnerability in the website. A database containing lists of user names, passwords and phone numbers was posted by the hackers. Tesla Team is the group that recently breached the Vevo website.

AnonGhost Defaces Hillside, Illinois Police Department Site

November 19, 2013 – Members of the AnonGhost hacking group have breached and defaced the website of the Hillside, Illinois Police Department. The hackers left a defacement message against the "governments of the world." There was also an audio message left on the site that criticizes NATO's role in Muslim countries. At the time of this writing the site has been restored and is operating normally.

Website Of Franklin County, Ohio Hacked And Defaced

November 19, 2013 – The official website of Franklin County, Ohio has been hacked and defaced by the hacker known as /Nullroot. The hacker added the defacement page to the site; no other pages were impacted. The defacement message left reads, "Greetings to everyone at /Nullroot. We are coming back #2013!" The hacker did not leave any reason for the hack. At the time of this writing the site is still defaced.

LulzSec Peru Breaches Peru's National Police

November 19, 2013 – Members of the LulzSec Peru hacking group have hacked and defaced the website of Peru's national police. The hackers left a defacement message in Spanish that translates to, "Welcome to the new page of the National Police of Peru (a.k.a. the Delinquent Police of Peru)." Law enforcement is being targeted because the hackers feel they are "useless, corrupt, inefficient and delinquents." The hackers also accuse the authorities of taking bribes without "the slightest sense of shame." At the time of this writing the site has been restored and is operating normally.

FBI Says Anonymous Has Been Hacking Government Systems For The Past Year

November 18, 2013 – The Federal Bureau of Investigation has issued a memo that says members of the Anonymous collective have breached US government computers and stolen sensitive information in a campaign that began a year ago. According to the memo, the hackers leveraged a vulnerability in Adobe Systems' software to launch a series of hacks, then left back doors to return to several of the machines. The hacks affected computers at the Department of Energy, the US Army, the Department of Health and Human Services, the US Sentencing Commission and several other departments. Authorities believe these attacks are still active. Investigators are continuing to gather information on the scope of the campaign. It is believed the stolen data includes personal information on at least 104,000 employees, contractors, family members and others associated with the Department of Energy, along with information on almost 2,000 bank accounts. The FBI wrote, "It is unknown exactly how many systems have been compromised, but it is a widespread problem that should be addressed."

8 NASA Subdomains Hacked And Defaced

November 18, 2013 – Members of the M4STER 1T4L!4N H@CKERS TE4m are claiming to have breached and defaced eight subdomains of NASA's Ames Research Center. No motivation for the attacks was given. The defacement message simply says, "Hacked By M4STER 1T4L!4N H@CKERS TE4M." At the time of this writing the sites are off-line. This is a new hacking group and their normal techniques and targets are not yet known.

Anonymous Targets Russian Sites In Support Of Greenpeace Activists

November 18, 2013 – Members of the Anonymous collective have launched distributed denial-of-service attacks against several Russian websites in a protest against the arrests of 30 Greenpeace activists. The targeted sites include the Ministry of Foreign Affairs, the Embassy of Russia in the United States, the General Consulate of Russia in the United States and energy company Gazprom. The Greenpeace activists are charged with piracy and hooliganism and face up to 15 years in prison. Anonymous released a statement saying, "Anonymous has . . . decided to respond with Operation Green Rights. The operation is designed to target high level communication assets of the Russian Federation world wide." The hacktivists have said that if Russia doesn't release the activists the attacks will intensify.

German Web Hosting Provider Hit With Large DDoS Attack

November 18, 2013 – The German web hosting provider, Hetzner, has suffered a distributed denial-of-service attack. According to the company the first wave of the attack lasted approximately 12 hours, but resumed again a few hours later. The second wave of the attack began last night, and there has been no word from Hetzner about the attack being over. They did say, "It appears the attack switches targets." At one point, the attack was running at about 60 Gbps.

Anonymous "Will Destroy" Trans-Pacific Partnership Agreement

November 15, 2013 – Members of the Anonymous collective have issued a statement saying they will do everything in their power to destroy the proposed Trans-Pacific Partnership (TPP) agreement. TPP is a proposed law that is far stronger than the controversial SOPA or ACTA. The hacktivists said, "The TPP would restrict the world's access to knowledge and destroy the Internet as we know it. We will rise up and take back the Internet, reclaim what is ours for the good of the Earth and its people." They did not reveal any targets or dates of attacks.

Anonymous Member Arrested For Singapore Hacks

November 15, 2013 – James Raj, 35, a Singaporean hacker, was arrested for hacking the website of the Ang Mo Kio town council. Raj, an admitted member of the Anonymous collective, is accused of defacing the site with the Anonymous logo and a message against Singapore's new Internet laws. The new laws were introduced in June of this year. There has been a great deal of criticism and anger among online communities and bloggers, with many believing these laws are an attempt to sideline online voice and freedom of expression.

Serving Malware

November 15, 2013 –, the popular humor website, is serving malware that has infected visitors' computers. The malware is spreading via drive-by-downloads. It is not known how many systems have become infected by visiting the site. The hackers delivered the exploit with a malicious piece of JavaScript that's embedded into the website. The JavaScript causes users to send a request to This malicious domain contains an iframe pointing to another malicious site, which then sends malicious PDFs, Java, HTML and JavaScript files into the victim's browser. Cracked says that they have resolved the problem.

Moroccan Government Site Hacked By Anonymous Arabe

November 15, 2013 – The hacker known as kjfido, a known member of the Anonymous Arabe hacking group, is claiming to have hacked and defaced the website of the Moroccan province of El Jadida. The defacement message read, "Hacked by Anonymous Arabe, why we did this? Ask yourself ! Don't close your eyes . . . 'Anonymous Arabe is Everywhere' we hacked your website because its security failed. We are the leaders of the world that act in the shadow. Anonymous Arabe. We do not forgive. We do not forget. Expect us." At the time of this writing the site has been restored and is operating normally.

MacRumors Hacker Says They Won't Use Stolen Passwords

November 14, 2013 – The hacker known as Lol, a member of the group that hacked MacRumors Forum and stole user names and passwords of over 860,000 users, has said that they will not use the stolen information to compromise the accounts of people that use the same login credentials on other sites. The hacker provided information that was not publicly available to prove that he indeed was involved in the breach. MacRumors Editorial Director Arnold Kim confirmed that the information was real. Lol said in a posted statement, "We're not logging in to your gmails, apple accounts, or even your yahoo accounts (unless we target you specifically for some unrelated reason). We're not terrorists. Stop worrying, and stop blaming it on Macrumors when it was your own fault for reusing passwords in the first place." According to the hacker, the breach of MacRumors was simply to test their skills. Lol continued by saying, "Consider the 'malicious' attack friendly. The situation could have been catastrophically worse if some fame-driven idiot was the culprit and the database were to be leaked to the public."

Targeted 16 Times By Hackers

November 14, 2013 – An official from the Department of Homeland Security told the House Homeland Security Committee that there have been 16 reports of cyberattacks on the website. At least one of these attacks was a distributed denial-of-service, which failed to disrupt the site. An unnamed DHS official has said that the 16 attempts are likely only the documented ones. Security experts agree that the Department of Health and Human Services has most likely only reported significant attacks that could put sensitive information at risk. No details were provided regarding the other attacks, or if any of them caused damage.

Leader Of Anonymous Philippines Arrested

November 14, 2013 – Rodel Plasabas, also known as Reaper, anonymousbutuan and Anon Reaper, has been arrested by officers of the Philippines' National Bureau of Investigation. Plasabas is accused of being involved in attacks against 40 government websites that occurred earlier this month. It is believed that Plasabas is the leader of the Anonymous Philippines collective. An initial investigation turned up evidence of him being involved in online conversations about hacking websites. Officials plan on prosecuting him under the e-Commerce Act.

Anonymous Japan Launches OpKillingBay

November 14, 2013 – Members of the Anonymous Japan collective have launched a new operation, known as OpKillingBay, as a protest against the killing of dolphins and orcas in Taiji, Japan. The operation will focus on attacking Japanese government websites. The hacktivists have announced plans for distributed denial-of-service attacks against the sites of the Ministry of Foreign Affairs and the Prime Minister's office. "An estimated 20,000 dolphins will be slaughtered in Taiji this year alone. If after reading that you still don't care enough to help stop the slaughter then you deserve the same fate as the Dolphins," the hacktivists said in their announcement.

MacRumors Hacked, Data For 860,000 Users Exposed

November 13, 2013 – MacRumors editors have announced that the news website has been breached. It is believed that the hackers have stolen cryptographically protected passwords belonging to all 860,000 users. Editorial Director Arnold Kim posted a statement saying, "In situations like this, it's best to assume that your MacRumors Forum username, e-mail address and (hashed) password is now known." The hacker compromised a moderator account and escalated their privileges with the goal of stealing user login credentials. MacRumors is still investigating how the hacker was able to compromise the privileged account. Kim wrote, "We're not sure how the original moderator's password was obtained, but it seems like they just logged in with it. We are looking into it further to see if there was another exploit, but there hasn't been any evidence of it yet."

Anonymous Hacked British Parliament During Million Mask March

November 13, 2013 – Members of the Anonymous collective are claiming to have hacked the British Parliament during the Million Mask March protests on November 5th. The hackers claim that they used a publicly available password for Parliament's Wi-Fi network to access the network. Once connected the hackers claim to have hijacked several computers and iPads. They are also claiming to have accessed email servers from which they stole user login details. Representatives from Parliament confirm that heavier traffic was seen on November 5th, but Parliament's secure network and applications were not breached.

TeslaTeam Hacks

November 13, 2013 –, a joint venture music video website owned by Universal Music Group, Google, Sony Music Entertainment and Abu Dhabi Media, has been breached by the Serbian hacking group, Tesla Team. The hackers leveraged a SQL injection vulnerability in one of the sub-domains of the website that allowed them access to the Vevo database. The hackers claim that the database contains emails and passwords of admins and other users. Details of the vulnerability were published in a hacker's forum in 2012.

Brazilian Government Sites Serving Fake Flash Player

November 13, 2013 – Over 60 Brazilian government websites have been breached and are now serving malware disguised as Adobe Flash Player. Visitors to the breached sites are redirected to a page designed to look like the official Adobe Flash Player download page. Instead of downloading Flash Player, victims are given a Trojan downloader, which downloads a piece of Banking malware. The fake webpage is in Portuguese, indicating that these attacks are targeting Brazilian users.

Over 200,000 Banking Trojans Found In Last Quarter

November 12, 2013 – A recent report shows that the number of online banking Trojans has risen to over 200,000 for the third quarter of 2013, compared to 132,000 in the third quarter of 2012. The most targeted countries were the United States (23%), Brazil (16%), Japan (12%), India (6%) and Australia (3%). The most popular malware spread by spam were ZeuS variants. The report also showed that most mobile threats target the Android platform; however, it seems that cybercriminals are beginning to use more malicious applications that are able to target multiple operating systems.

5 Arrested For Hack Of Singapore Prime Minister Website

November 12, 2013 – Five Singapore men have been arrested for allegedly hacking the websites of Singapore's President and Prime Minister. Muhammad Fitri Abu Kasim, 24, Daniel Ryan Salleh, 25, Mohamad Fadzly Aziz, 21, Muhammad Redzwan Baskin, 26 and Muhammad Qamarul Arifin Sa'adon, 22 have been released on bail, but if found guilty will face jail terms of up to three years or fines of up to $2,000. A Home Affairs Ministry spokesperson said, "Such acts can compromise the operation of critical services, cause alarm, damage and harm, and have serious security, economic and social consequences for Singapore and Singaporeans." Three of the suspects are related, while the other two are friends.

Japanese Anti-Nuclear Groups Hit With DoS Attacks

November 12, 2013 – Over 30 Japanese anti-nuclear groups have been hit with millions of spam emails over the past two months in a denial-of-service email campaign. The groups include Women's Active Museum on War and Peace, the Metropolitan Coalition Against Nukes and Fukushima Genpatsu Kokusodan, an organization dedicated to filing complaints about the Fukushima nuclear plant. Some of the emails read, "Unless we kill all of the anti-nuclear believers, world peace will never be achieved."

AXA Insurance Site Defaced By Anonymous Gabon

November 12, 2013 – The website of AXA Gabon has been breached and defaced by members of the Anonymous Gabon collective. The hackers say that this attack is part of Operation Gabon, which is a protest against the Gabonese government. The defacement message said, "With the rise on ritual killings in Gabon and a highly projected increase within the Gabonese economy for the financial & life insurance market, the AXA group has found a perfect position in Gabon with the help of Ali Bongo." At the time of this writing the website has been restored and is operating normally.

Syrian Electronic Army Hacks

November 11, 2013 – In August of this year, published an article that claimed to identify the leader of the Syrian Electronic Army (SEA). In response to this article, which SEA members say is false and identifies innocent people, the hackers have breached the website and deleted the article. The hackers posted a message saying, "Your website was hacked by the Syrian Electronic Army. This time we just deleted the article that you claimed in it that you exposed 'Th3Pro' identity. But you didn’t. You published names of innocent people instead." SEA gained access to the Vice site by breaching several email accounts, including one belonging to the website developer. Two hours after the breach, the site was restored and the article was posted again.

Anonymous Leaks Italian Government Documents

November 11, 2013 – Members of Anonymous are claiming to have hacked the personal computer and mobile devices of Giuseppe Scopelliti, an Italian politician and the elected president of Calabria. The hacktivists leaked over 1,000 documents from this hack, which included information related to the mafia, drugs and corruption. The files also include emails that allegedly belong to Scopelliti and other members of his staff. A message was posted with the leaked documents saying, "This is just a beginning. People of Italia do have the right to know what the government is involved in, especially when it comes to mafia wars and corruption in the region." The hackers said their next targets are the leaders of regions such as Lombardia, Sicilia, Toscana, Campania and Puglia. All of these attacks are part of OpItaly.

21 Brazilian Military Sites Hacked By BMPoC

November 11, 2013 – Members of the BMPoC hacking group are claiming to have hacked and defaced twenty-one sub-domains of Brazil's military. The same defacement message appeared on all the sites reading, "The giant awoke and took a rank again durmir again ..Brazil has to stop all at once.Come on Brazil! Our government is now just right? HAHA of course not! I dont just login to facebook and waste time, I know what I do!" The affected sites belong to departments of the Brazilian military's aeronautical directorate, including the aeronautical hospital, aeronautical academy, aeronautical health center and aeronautical training institute. At the time of this writing all of the sites were still displaying the defacement page.

Indonesia Hackers Not Listening To Warning From Anonymous Australia

November 11, 2013 – Last week members of the Anonymous Australia collective issued a warning to Indonesian hackers that were attacking "innocent websites." Anonymous Australia warned the Indonesian hackers to only target government sites or there would be consequences. After a day during which the hackers only attacked Australian government websites, the Indonesians have once again started attacking innocent businesses. It appears that the hackers had difficulty hacking government sites, so they went back to focusing on the individual businesses. Anonymous Australia has issued a "final warning": if the Indonesian hackers do not listen then they will have to face the "wrath of their fellow legion."

Targeted By New DoS Attack Tool

November 8, 2013 – Researchers have discovered a new denial-of-service attack tool targeting The tool has not yet succeeded in taking the site down, however it may be making the site inaccessible for some visitors. According to the researchers the program being used to create the attack displays a message saying, "This program continually displays alternate page of the ObamaCare website . . .The purpose is to overload the ObamaCare website, to deny service to users and perhaps overload and crash the system." It appears that the motivation behind this attack is a protest against policies, legal rulings and government actions.

Singapore Prime Minister's Website Hacked By Anonymous

November 8, 2013 – Members of the Anonymous collective have hacked and defaced the website of Singapore Prime Minister Lee Hsien Loong. According to Singapore's Infocomm Development Authority (IDA), the attack exploited a cross-site scripting vulnerability in the search subpage of the website. The defacement message said, "Anonymous SG was here . . . It's great to be Singaporean today." The IDA released a statement saying, "The PMO main website is still working, and we will restore the compromised pages as soon as possible. The matter is under investigation."

Australia's Security Intelligence Organization Site Taken Down By Indonesian Hackers

November 8, 2013 – Indonesian hackers are taking credit for briefly taking down the website of the Australian Security Intelligence Organization (ASIO). The site was only down for 2 - 3 minutes and did not cause any real damage. Earlier this week Anonymous Australia warned Indonesian hackers to only target Australian government sites and leave innocent businesses alone. Anonymous Australia sees this attack as a sign the hackers are listening to their warning. This attack and the earlier attacks against Australian websites are a protest against Australia's spying on Indonesia.

India's Zee TV Hacked By Pakistanis

November 8, 2013 – Members of the Pakistani Cyber Experts hacking group have hacked and defaced three websites belonging to India's Zee TV. The affected sites are Zee TV USA, Zee TV South Africa and Zee TV Canada. The defacement message on each site is a protest against the Indian occupation of Kashmir. The hackers write, "Kashmir does not want militarized governance. They just want freedom! Freedom from the evil of the Indian Military!" At the time of this writing, only Zee TV Canada is still defaced; the other sites are restored and operating normally.

Over $1 Million In Bitcoins Stolen In Hack Of Bitcoin Wallet

November 7, 2013 – The Bitcoin wallet has announced that a total of 4,100 Bitcoins, the equivalent of about $1.1 million, was stolen as a result of two hacks. At this time says it can not pay user balances. The hackers compromised old email accounts in order to breach the hosting account. The hackers were able to bypass the two-factor authentication mechanism by exploiting a server-side vulnerability. Bitcoin back-end code was also stolen and sent to a compromised server. Users of the service are instructed to contact to request a refund.

Anonymous Ukraine Targets NATO With DDoS Attack

November 7, 2013 – Members of the Anonymous Ukraine collective have launched a distributed denial-of-service attack against the website of NATO's Cooperative Cyber Defence Centre of Excellence (CCDCOE). The attack was a response to NATO's hacking of a number of Ukrainian government websites. The hackers posted a statement saying, "On Monday NATO CCDCOE hacked a number of Ukrainian websites including Medical Department of Security Service of Ukraine and Ukraine's Prosecutor General's Office. It's payback time! We've just tango down NATO CCDCOE!" Earlier this week it was determined that NATO was not responsible for the attacks against the Ukrainian government; hackers simply put the CCDCOE logo on pages that were defaced. The CCDCOE website was down for about two hours before being restored.

Anonymous Australia Calls On Indonesian Hackers To Leave Innocents Alone

November 7, 2013 – Earlier this week, Indonesian hackers attacked hundreds of Australian websites in response to news that the Australian government had been spying on Indonesia. Many of the sites affected by these attacks belonged to Australian businesses that have nothing to do with the government. Members of Anonymous Australia have posted a statement addressed to the Indonesian hackers saying, "Innocent businesses should not be attacked. We all bound together in an effort to bring down tyrant governments to shape our world as a better place. We bid you, as a fellow brother to focus on your main target - governments and spy agencies and leave the innocent bystanders out of this." Anonymous Australia warned that if the Indonesian hackers ignore this request, they will "feel the full wrath of their fellow legion."

Philippine National Police Regional Offices Hacked

November 7, 2013 – Members of the hacking groups Phantom Hackers PH and Pinoy Vendeta have hacked two websites of the Philippine National Police Regional Office 1, and two websites of the Philippine National Police Regional Office 3. The hackers left defacement messages on the sites saying the police have falsely accused people of hacking websites. One of the messages reads, "Don't be so desperate on hunting and shutting down Anonymous Philippines by picking anyone and accusing them of anything." At the time of this writing, only one of the sites has been fully restored.

5 Hackers Added To FBI's Cyber's Most Wanted List

November 6, 2013 – The US Federal Bureau of Investigation has updated its Cyber's Most Wanted List to include five new hackers, bringing the total to 17 fugitives urgently wanted for computer and data-related crimes. One of the hackers is Andrey Nabilevich Taame, a Russian wanted for involvement with the DNSChanger malware that infected over four million PCs between 2007 and 2011. Two Pakistani hackers, Farhan Arshad and Noor Aziz Uddin, are wanted for hacking business telephone systems and making calls that resulted in $50 million in losses. An El Salvadoran hacker, Carlos Enrique Perez-Melara, is charged with running a spyware-for-hire scheme out of San Diego, before fleeing back to El Salvador. The final addition to the list is a Russian, Alexsey Belan, who allegedly remotely accessed the computer networks of three US-based companies in 2012 and 2013 and stole sensitive data as well as employees' identities. FBI spokesman Richard McFeely said, "Throughout its history, the FBI has depended on the public's help and support to bring criminals to justice. That was true in the gangster era, and it's just as true in the cyber era."

Microsoft Warns Of Targeted Attacks

November 6, 2013 – Microsoft issued a warning about a vulnerability in its software that could be exploited by hackers. The vulnerability could be leveraged to allow remote code execution, giving the attacker the same user rights as the current user. In the warning, Microsoft said it is "aware of targeted attacks that attempt to exploit this vulnerability in Microsoft Office products." The vulnerability affects Microsoft Windows Vista, Windows Server 2008, Microsoft Office 2003-2010 and Microsoft Lync. The flaw is currently being investigated and Microsoft stated, "Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs."

Twitter Vulnerability Allows Hackers To Read DMs

November 6, 2013 – A cross-site request forgery (CSRF) vulnerability was discovered in Twitter's "add mobile device" feature. This feature allows users to control their account via SMS. The CSRF vulnerability could be leveraged to gain access to a user's direct messages and post tweets from any account. Twitter fixed the vulnerability the same day they received notification about it from security researchers.

Philippines Disaster Information Project Site Breached

November 6, 2013 – The website for the Philippines' Disaster Information for Nationwide Awareness (DINA) Project has been breached. The hackers changed the configuration on the site so that visitors are redirected to an adult site. The redirection only occurs if someone visits the site from a mobile device. The attack happened just as the National Disaster Risk Reduction and Management Council (NDRRMC) was preparing to launch the DINA Project. No one has taken credit for the attack at this time. The NDRRMC is urging visitors to only use desktop computers and laptops until the problem is fixed.

Harbor Freight Tools Breached

November 5, 2013 – Customers of Harbor Freight Tools have been notified that some of their financial information may have been breached after the company's payment processing system was hacked. Eric Smidt, Harbor Freight Tools' President, said that only customers who made transactions between May 6, 2013 and June 30, 2013 are affected. In most cases credit card numbers, expiration dates and CVVs were exposed. The company believes that the cybercriminals obtained cardholder names in only 1% of the transactions. The company has sent out notification letters to impacted customers and has posted notices in all of its stores and on its website. The investigation into the incident is ongoing.

Guilford County, NC Sheriff's Office Site Hacked

November 5, 2013 – Officials from the Guilford County, NC Sheriff's office have confirmed that their website has been hacked. Google has been warning visitors that the "site may be hacked" for the past several weeks. Representatives of the Sheriff's office say that the site has been reinstalled from a clean backup and is now functioning normally. It is believed that the hackers exploited a vulnerability in GoDaddy's system, not a security hole in the website itself.

Smart Calendar App, Sunrise, Hacked

November 5, 2013 – The smart calendar app, Sunrise, has advised their users that the service was hacked over the weekend. Sunrise CEO Pierre Valade sent an email to users saying that they have already taken steps to protect user information. The company says that LinkedIn, Foursquare and Producteev data is safe as those services were not compromised. Also, user emails and passwords are safe as these were all encrypted. Valade does advise users that if they connected iCloud to their account, they should reset their passwords and reconnect the app with Apple's cloud and storage service. In addition, Valade said that no credit card or banking information was compromised.

Romanian Telecom, AdNet, Breached

November 5, 2013 – AdNet Telecom, a major Romanian telecommunications provider, has been breached by the Saudi Arabian hacker known as King of Control. Two sites belonging to AdNet have been compromised: the company's main domain and a domain dedicated to web hosting services. Both sites were initially taken offline, but have now been restored. Security experts have confirmed that this was not a case of DNS hijacking. AdNet has not issued any statement at this time.

Celebs, Execs And Lawmakers Among 850,000 Users Compromised By Limo Company Hack

November 4, 2013 – The hackers responsible for the Adobe and PR Newswire hacks appear to be behind the breach of CorporateCarOnline, which provides software management solutions for limousine companies. The breach resulted in 850,000 user records being stolen. The system stores personal and financial details from reservations, several of which belong to celebrities, executives and lawmakers. The stolen information includes names, addresses, credit card numbers and expiration dates. Some of the affected individuals include LeBron James, Aaron Rodgers, Tom Hanks, Donald Trump, Senator Mark Udall, Senator Tom Daschle and US Representatives Joe Garcia, Gus Bilirakis, Jim Matheson, Lynn Westmoreland and Joe Baca. The stolen file was found on the same server on which the Adobe and PR Newswire files were found. CorporateCarOnline has confirmed that the information has been stolen, but has provided no other details.

Chinese Chamber Of Commerce Data Leaked By Hackers

November 4, 2013 – The hacking group known as Raptor Swag is claiming to have hacked the website of China's Chamber of Commerce. The hackers have released a 7.4Mb file that contains allegedly stolen data from the Chamber of Commerce. A message was released with the data saying, "China is silly. They toss around images of their powerful army and their unstoppable government, yet . . . they do not sufficiently secure their systems from basic attacks." The hackers claim to have hacked a total of 71 Chinese government websites. The members of Raptor Swag are a group of people that used to hack as part of the Anonymous collective, but decided to create their own group because Anonymous "put a restriction on what we feel matters most - self amusement."

"NATO" Defaces Ukrainian Government Sites

November 4, 2013 – Four Ukrainian government websites have been defaced with a message reading, "Website has been suspended. Security policy of the website does not meet the requirements of NATO Cooperative Cyber Defence Centre of Excellence. Steadfast Jazz 2013." The CCDCOE has said that NATO has absolutely nothing to do with this or any other website hacks. Experts believe that this hack is related to Anonymous Ukraine's Operation Independence, which is targeting high-profile websites of the European Union, Ukraine, Poland and Russia.

Singapore Government Preparing For Anonymous Attacks

November 4, 2013 – Several days ago, Anonymous members announced that they would be targeting the Singapore government in protest of the implementation of the Internet licensing framework, which they see as a form of censorship. Since that time several government sites have gone offline, but the Infocomm Development Authority (IDA) has said that the down times are a result of planned maintenance, not Anonymous. The IDA said that they are taking the Anonymous threats very seriously, and government agencies are enhancing their IT security. At this time the only hack reported was of the Straits Times newspaper last week.

TeamBerserk To Stop Hacking Activities

November 1, 2013 – Members of the TeamBerserk hacking group have announced that they will stop their hacking activities, at least for a while. TeamBerserk is known for several hacks including the US Office of Personnel Management, Interactive Data, the Chinese University of Hong Kong, New Mexico ISP Plateau, Loretto Telecom and California-based ISP Sebastian. The hackers posted a message saying, "TeamBerserk is going dark for a while until further notice. MechAnimA has just got out of jail. Gutts and MechAnimA will be working on some other projects together. D0n and other members are too busy with their personal affairs at the moment to be active." There is no concern among team members about law enforcement identifying them, with the hackers saying that the authorities are "not even close."

Finland Accuses China And Russia Of Cyber Espionage

November 1, 2013 – Finland's government communications have been targeted in a four-year-long cyber espionage operation, according to the Ministry of Foreign Affairs. Although officials have not assigned blame, China and Russia have been accused by other sources of being behind the operation. The data breaches were first discovered in the spring of this year. The espionage campaign appears to have targeted communications between Finnish and European Union officials. An investigation into the attack is ongoing.

Anonymous Targeting Singapore Government

November 1, 2013 – Members of the Anonymous collective have announced that a new campaign targeting the government of Singapore has begun. The first attack of the operation was against the website of The Straits Times, a major Singapore newspaper. The hacktivists said the reason for this operation is to show the government that it can't ignore its citizens' problems, and to protest the Internet licensing framework. The hacktivists said in a statement, "No one has the right to tell an individual what he can or cannot read or write. This is a basic fundamental of democracy and we will use everything in our resources to protect it at all costs. We demand you reconsider the regulations of your framework or we will be forced to go to war with you." The main target for this operation will be the Infocomm Development Authority of Singapore, which is in charge of the development and growth of Singapore's information and communications sector.

Indian Television Channel Defaced By Pakistani Hackers

November 1, 2013 – Members of the Pakistani Haxors Crew (PHC) are claiming to have hacked and defaced several websites belonging to Jaya TV, one of India's largest television channels. PHC has a history of protesting against "Indian oppression and Indian occupation." PHC left a message on the defaced sites saying, "Islam Zindabad, Long Live Muslims, Pakistan Zindabad. We are PHC. We Just Want Justice & Peace." At the time of this writing, some of the sites were still displaying the defacement message.

Full Of Security Vulnerabilities

October 31, 2013 – Security experts have been studying the new website since its launch on October 1st. The result of these studies has been the discovery of several security vulnerabilities. Experts have found that hackers can easily access user names, password reset codes, email addresses and security questions, without needing any kind of authentication. A memo from September 27th, prior to the site launch, to Center for Medicare and Medicaid Services Administrator Marilyn Tavenner says, "From a security perspective, the aspects of the system that were not tested due to the ongoing development, exposed a level of uncertainty that can be deemed as a high risk . . . the security contractor has not been able to test all of the security controls in one complete version of the system." Several security holes have already been fixed, but several remain that increase the risk of personal information being leaked.

TurkHackTeam Celebrates Turkish Republic Day With 500 Hacks

October 31, 2013 – Members of the TurkHackTeam hacking group claim to have hacked and defaced 500 websites in celebration of Turkish Republic Day. The defacement message on the sites reads, "We will continue and do everything in our power to end the lives of sites that are against the republic of Turkey . . .We wish Turks all around a happy republic day. Tolerance can be endless, but hardiness is limited." The affected sites were from several countries and included hospitals, schools, software houses, real estate businesses and financial institutions. At the time of this writing most of the sites were still defaced or taken offline.

Anonymous Ukraine Launches OpIndependence

October 31, 2013 – Members of the Anonymous Ukraine collective have announced the beginning of OpIndependence, a campaign to promote Ukraine's independence from the European Union, NATO and Russia. The hacktivists posted a message saying, "Ukrainian citizens realize that signing the Association Agreement with the European Union, scheduled in November, will lead to the collapse of Ukrainian economy in the near future. We express our support to the people of our country. We want Ukrainian government and EU leadership to understand that people of Ukraine do not want their country to become a raw material donor to Europe." As part of this operation a distributed denial-of-service attack has been launched against the European Investment Bank website. Other targets of attacks include Poland's Chief Sanitary Inspectorate, Russian portal and Poland's Zieloni RP party.

Three Italian Educational Institutions Defaced

October 31, 2013 – The hacker known as Ammar Liverpool is taking credit for the breaching and defacement of three Italian educational institution websites. All of the sites are hosted on government domains. The affected websites belong to the State High School Eleonora Pimentel Fonseca, the Comprehensive Institute Russo-Montale and the Comprehensive Institute Capaccio-Paestum. Experts are assuming that the hacker was able to compromise the hosting server, which would provide easy access to deface these sites. At the time of this writing, the sites are still defaced.

Twitter Vulnerabilities Allow Arbitrary File Uploads

October 30, 2013 – Security researchers have discovered vulnerabilities in Twitter that could be leveraged by hackers to upload arbitrary files to Twitter's systems. The first vulnerability was discovered on, which is a site that allows developers to create applications that integrate with Twitter. The vulnerability allows users to bypass security checks and upload any type of files to the server. Hackers could exploit this to turn the Twitter server into a command and control server since it is a trusted domain. The second vulnerability that was discovered allowed attackers to redirect users to arbitrary websites. Both vulnerabilities have now been fixed by Twitter.

Anonymous Focusing On Syrian Government

October 30, 2013 – Members of the Anonymous collective are continuing their OpSyria campaign and are focused on breaching Syrian government systems. The hacktivists say that they consider all Syrian government systems targets. They posted a statement saying, "Finding documents regarding the use of chemical weapons is a top priority but the hacks are a great way for us to show the Syrian Regime, 'Hey. We're still watching you - and we're going to keep doing this until your people realize that they are our ally.'" Anonymous said that they have several people working full time looking for vulnerabilities in Syrian government websites. The hacktivists want to make sure the Syrian government understands, "We are already inside your databases."

Interpol Indonesia Taken Down As Part Of OpThrowBack

October 30, 2013 – The hacker known as Fu7ion is claiming to have taken down the website of Interpol Indonesia. Fu7ion is a member of the Anonymous collective and said that this attack was a part of OpThrowBack. The hacker used a SYN flood to overwhelm the website's servers. The official start of OpThrowBack is scheduled for tomorrow. At the time of this writing, the website is still down.

Miami Dolphins Cheerleaders Site Hacked

October 30, 2013 – The website of the Miami Dolphins cheerleaders has been hacked. Visitors to the site from mobile devices were being redirected to an adult website. Dolphins representatives said that they rushed to fix the issue as soon as they were aware of it. The team has launched an investigation to find who is responsible for the attack. At the time of this writing the site is operating normally.

Syrian Electronic Army Hacks Obama's Social Media Accounts

October 29, 2013 – Members of the Syrian Electronic Army (SEA) have hacked President Barack Obama's Twitter and Facebook accounts. The hackers were able to compromise the accounts by taking advantage of a URL shortening service used for the social media accounts by Organizing for Action, Obama's campaign organization. SEA changed all of the links from Obama's messages to lead to a 24 minute video called "Syria facing terrorism." The hackers said, "We are watching you, Obama Bin Laden. Thank you Obama for redirecting people to the SEA website." They continued, "Obama doesn't have any ethical issues with spying on the world, so we took it upon ourselves to return the favor." The hackers hacked a total of eight email accounts which gave them access to Blue State Digital, a media strategy and technology firm that handled the Obama campaign between 2008 and 2012, and ShortSwitch, the URL shortening service used by Organizing for Action. Once SEA had access to the Blue State Digital and ShortSwitch accounts, they were able to redirect certain links to any website.

Anonymous Plans DDoS Attacks On "High Profile" Sites

October 29, 2013 – Members of the Anonymous collective have announced a new operation called Operation Throwback. OpThrowback is intended "to strike back against the oppressors of our freedom." The operation will consist of distributed denial-of-service attacks against high profile websites. They are planning attacks on the sites of the FBI, the NSA, Verizon, Microsoft and AT&T on October 31. The hackers say they will be testing their "firepower" today against the American Nazi Party website.

At Least 38 Million Adobe Users Affected By This Month's Hack

October 29, 2013 – More information is being reported about the hacking of Adobe's systems earlier this month. The attack led to the source code for several Adobe products being stolen, along with user information. Adobe initially said information of 2.9 million customers was stolen, but now they are admitting that the number is much higher. Heather Edell, an Adobe spokesperson, said, "So far, our investigation has confirmed that the attackers obtained access to Adobe IDs and encrypted passwords for approximately 38 million active users." The company also confirmed that some of the source code for Photoshop was stolen in addition to the source code for Acrobat, Reader and ColdFusion. Edell also said, "We also have reset the passwords for all Adobe IDs with valid, encrypted passwords that we believe were involved in the incident."

UK Man Arrested For Hacking US Government Networks

October 29, 2013 – Lauri Love, 28, of Stradishall, England has been arrested and charged with hacking computer networks belonging to the United States and other countries. Authorities from the US are charging Love with the hacking of systems belonging to the Army, the Missile Defense Agency, the Environmental Protection Agency and NASA, causing millions of dollars in damages. US Attorney Paul Fishman said, "Lauri Love and conspirators hacked into thousands of networks. . . As part of their alleged scheme, they stole military data and personal identifying information belonging to servicemen and women. Such conduct endangers the security of our country and is an affront to those who serve." Love is charged with one count of accessing a US department or agency computer without authorization and one count of conspiracy to access a US department or agency computer without authorization. The sentence for these charges could be five years in prison for each count.

Obama Campaign Site Hacked By Syrian Electronic Army

October 28, 2013 – It appears that over the weekend a website for President Barack Obama's campaign donations was hacked and was redirecting visitors to the Syrian Electronic Army (SEA) website. The hacked site is, which is actually an old site used to collect donations. A different site is currently used by the Obama campaign. SEA has made no statement about this hack and it is unclear if they truly are the ones behind it. At the time of this writing the site is operating normally and no longer redirects.

Buffer Hacked, Spam Sent From User Accounts

October 28, 2013 – Buffer, the service that allows users to schedule posts on various social media websites, was hacked over the weekend. The hackers used the access to send spam messages via the social media accounts of Buffer users. Buffer disabled all postings once the breach was discovered. No information was stolen during the hack, and no social media accounts were actually compromised. Facebook is reporting that a total of 30,000 users who have their Facebook accounts linked to Buffer have been impacted by the spam problem. That represents 6.3% of Buffer users on Facebook. Buffer CEO Joel Gascoigne posted a message saying, "We have added encryption of OAuth access tokens and we have changed all API calls to use an added security parameter. Service has resumed with increased security since the incidents." Several security experts have been brought in to investigate the source of the breach.

Turkish Hackers Deface Alexza Pharmaceuticals

October 28, 2013 – Members of the Ayyidiz Tim Turkish hacking group are claiming to have breached the website of Alexza Pharmaceuticals. Alexza is based in California and develops products for the treatment of central nervous system conditions. The Alexza website has been defaced with a message of protest against anyone that insults Islam. The defacement message also had statements of support for Muslims in Turkestan and in Arakan. At the time of this writing the site is still defaced.

Canadian 12-Year-Old Admits To Hacking For Anonymous

October 28, 2013 – A 12-year-old Canadian boy has pleaded guilty to hacking multiple government and police websites for the Anonymous collective. The boy said he traded the stolen information to members of Anonymous in exchange for video games. Some of the sites he admitted to hacking include the Montreal police, the Quebec Institute of Public Health and the Chilean government. His attacks included distributed denial-of-service, site defacements and stealing user information. According to court documents, it is estimated that the boy did $60,000 worth of damage.

Civil Air Patrol Domain Defaced By Malaysian Hackers

October 25, 2013 – The Malaysian hacking group known as KamiSecTeam is claiming to have breached and defaced the website of the Northern Region Civil Air Patrol of the United States Air Force. The Civil Air Patrol is an auxiliary of the US Air Force that performs 90% of continental US inland search and rescue missions. The hackers defaced the page with the KamiSecTeam logo, but did not give a reason for the attack. At the time of this writing, the site has been restored and is functioning normally.

Anonymous Leaks 80 Mb From Syrian Patent Office

October 25, 2013 – Members of the Anonymous collective have leaked 80Mb of documents and images from the Syrian Patent Office, as a part of OpSyria. It appears that the documents that were leaked do not contain any sensitive information. The documents include memos, information on patents, legislation, brochures and various registration forms. The hackers left a message saying, "Greetings from Anonymous. Lately we've been on a roll, having fun looting everything we can get our hands on. . . we continue to pile on our personal collection of Bashar's property." According to the hackers, they are working in concentrated and effective teams to ensure their operations are carried out "swiftly and properly."

Anti-Virus Company, ESET, Defaced By MrDOx

October 25, 2013 – Four Spanish domains of the anti-virus company ESET have been breached and defaced by the Panamanian hacker known as MrDOx. The defacement on all of the sites said, "D3fac3D By MrDOx." The pages also include a link to the hacker's Twitter handle. The hacker made no mention of the reason for the hack. At the time of this writing all four of the domains and the official ESET domain for Spain were taken offline.

Tunisian Hackers Breach Site Of African Petroleum Producers' Association

October 25, 2013 – Members of the Tunisian hacking group known as Fallaga Team Tunisia have breached and defaced the website of the African Petroleum Producers' Association (APPA). A defacement message was left, saying, "Hacked by TN_X2X,, Fallaga Team Tunisia Hackers. TN_X2X and we will be back." The APPA is an intergovernmental organization with eighteen member countries including Algeria, Angola, Benin, Cameroon, Chad, Democratic Republic of Congo, Congo, Cote d'Ivoire, Egypt, Gabon, Ghana, Equatorial Guinea, South Africa, Libya, Mauritania, Niger, Nigeria and Sudan. It is unclear if the hackers accessed any sensitive information. At the time of this writing the site has been restored and is functioning normally.

64% Of Energy Companies Face Brute Force Attacks

October 24, 2013 – A recently released report shows that 64% of energy companies were targeted by brute force attacks during a six-month study. Energy companies are a prime target for hackers because of the dependence the population and businesses have on the availability of energy resources. Sixty-one percent of energy companies reported being targeted in malware/botnet infiltration attacks. In comparison, only 34% of companies in the total study experienced brute force attacks and 13% of all companies were targeted by malware/botnet infiltration attacks.

Anonymous Hacks Syria's Higher Commission For Scientific Research

October 24, 2013 – Members of the Anonymous collective have breached and leaked data from Syria's Higher Commission for Scientific Research systems. The hackers say that the breach and data leak are part of OpSyria. The leaked information includes database structure details, user names, hashed passwords, network map data and emails. The breach was of an FTP server, and the hackers say they also have access to Syrian government emails. A message was posted along with the leaked data saying, "Assad, we hope we've made ourselves clear. We REFUSE to tolerate your actions of gassing your own innocent people in a despotic and run-down capital where one cannot walk across the street without taking gunfire. If the Western World won't take action to show you where you went wrong, we certainly will."

Russian Government Targeted By Anonymous

October 24, 2013 – Members of the Anonymous collective have launched a distributed denial-of-service attack against the online portal of the Government of Russia. The hackers say that the attack is a protest against the arrests of Greenpeace activists. A message was posted saying, "This TangoDown is in support of jailed GreenPeace activists who staged a protest against oil exploration in the Arctic Ocean last month." At the time of this writing the website is functioning normally.

North Korea Accused Of Using Free-To-Play Video Games As Cyberweapons

October 24, 2013 – South Korea's National Police are warning online gamers that free-to-play video games are being used by North Korea to infect players with malware that will collect user data and could be used to launch cyberattacks. The Washington Post reports that North Korea has already employed this method to infect 100,000 South Korean computers that were used to launch cyberattacks against South Korea's Incheon International Airport last year. Last year's attack was traced back to North Korea's Reconnaissance General Bureau. Previous North Korean attacks have targeted South Korean television, financial institutions and air and marine traffic controls.

US Department Of State Website Hacked

October 23, 2013 – The Indonesian hacker known as Dbuzz has hacked and defaced the official blog of a US Department of State website that deals with US embassies, consulates and diplomatic missions from across the world. The hacker left a message saying, "Hacked by Dbuzz! Secure Your Box. Cheers To: Black Angels - pH4THOrMOn - Pak RT!" The website provides information regarding US embassies and diplomatic missions in Africa, Europe and Asia. At the time of this writing the blog site is restored and operating normally. Dbuzz is also claiming to have hacked and defaced the Department of State's Our Planet subdomain. The same defacement message appeared on this site. The site is currently offline.

RedHack Leaks Documents From Turkey's Minister For EU Affairs

October 23, 2013 – Members of the RedHack hacking group have posted documents about the candidacy of Egemen Bagis, current minister for EU Affairs and chief negotiator for the Istanbul Metropolitan Municipality. The leaked files include information on Bagis' income, communications with foreign officials, daily activities and official meetings. A total of 18 documents have been published, and the hackers say they will post 18 documents per day over the "upcoming period."

Anonymous Breaches Ukraine's Ministry Of Foreign Affairs, Leaks Information

October 23, 2013 – Members of the Anonymous collective are claiming to have hacked the systems of Ukraine's Ministry of Foreign Affairs. The hackers say they were able to breach the systems by hacking a Ukrainian telecom company, EuroTraceTelcom. A large number of documents have been leaked, mostly concerning Ukraine's relations with Azerbaijan. The hackers explained, "We started our release from Ukraine Embassy to Azerbaijan because we are very much concerned about state of affairs in UKR AZERI relations in terms of oil and gas trade and we know that much of it has to do with former Prime Minister of Ukraine - Tymoshenko."

OpSerbia Set For November 28, 2013

October 23, 2013 – A newly formed hacking group known as Pentagon Security Team has announced that Operation Serbia will take place on November 28, 2013. The hacking group appears to be made up of Albanian professional hackers from other known hacking groups. OpSerbia is a protest against war crimes carried out by the Serbian Army and government during the war between Kosovo and Bosnia. The hackers say they are also protesting corruption in the Serbian government.

Verizon Portal Vulnerability Reveals Users' SMS History

October 22, 2013 – Researchers have discovered a privacy vulnerability on Verizon Wireless's customer portal, which allows anyone to download users' SMS history and numbers of people the user communicated with. The vulnerability is a simple URL exploit that allows any subscriber to extract data using the "Download to SpreadSheet" function. This vulnerability could potentially expose tens of millions of Verizon users' contact lists and texting history. Verizon has not issued a statement about this issue.

Hackers Steal $100,000 From California ISP Users

October 22, 2013 – The hacking group TeamBerserk is claiming to have stolen $100,000 by using user names and passwords stolen from California ISP Sebastian. The user names and passwords were used to access the users' bank accounts. The hackers detailed how they used a SQL injection attack against Sebastian to access the customers' database and then, using the stolen information, were able to access the victims' Gmail accounts, linked PayPal accounts and bank accounts.

International Atomic Energy Agency Infected With Malware

October 22, 2013 – The International Atomic Energy Agency (IAEA) has issued a statement saying that some of its computers have been infected by malicious software. IAEA spokesman Serge Gas said, "No data from the IAEA network has been affected." It is not clear how the malware entered their systems. Initially they looked into whether a third-party technician or visitor could have used a USB drive to insert the malware. Gas said, "The (IAEA) secretariat does not believe that the USB devices themselves were infected or that they could spread the malware further." Details of the malware were not disclosed.

Paraguay's National Police Site Defaced

October 22, 2013 – The hacker known as TuNoVaTo has breached and defaced the website of Paraguay's National Police. The hacker left a message on the site saying, "Sorry Admin, you have a security breach. My Crime: Curiosity. Do not accuse me for this, this is just your fault, not mine. Sovereignty is the right of the people to elect their government, its laws and it is respected! Capitalist Government Corrupt! The Revolution has come to stay!" Earlier this year, TuNoVaTo hacked Paraguay's National Secretariat for Housing and Habitat and National Institute of Food and Nutrition.

Syrian Electronic Army Hacks Major Qatar Websites

October 21, 2013 – The Syrian Electronic Army (SEA) has hacked several major Qatar based websites including Google, Facebook, Aljazeera, government and military sites. All of the sites use the .qa extension and the domains are managed by Qatar's Ministry of Information and Communication. It appears that SEA gained access to the Qatar Domain Registrar and modified the DNS entries to redirect the websites to servers controlled by the hackers. When attempting to visit one of the affected sites, the user is redirected to a defacement page that has a picture of Syrian President Bashar al-Assad and the SEA logo.

UK's Daily Mail Hacked By TeaM MADLEETS

October 21, 2013 – The Pakistani hacking group known as TeaM MADLEETS has hacked and defaced the official discussion forum of the UK's Daily Mail website. TeaM MADLEETS member 1337 was the individual that performed the attack. 1337 left a message on the defaced page saying, "Struck by 1337! Daily Mail Stamped by Pakistani Leets! Security is just an illusion . . . We are TeaM MADLEETS!" The Daily Mail uses vBulletin, and it appears that a vulnerability in the software is what allowed the breach to occur.

Over-X Breaches Algeria's Ministry Of Housing And Urban Development

October 21, 2013 – The Algerian hacker known as Over-X is claiming to have hacked and defaced Algeria's Ministry of Housing and Urban Development website. On the defacement page the hacker left a message of protest against the government, and accused several officials of taking bribes. Specifically, Over-X is unhappy with the current lack of housing and jobs. Last week, Over-X hacked fifteen Red Bull websites.

Armenia's National Security Service Hacked By Azerbaijani Hackers

October 21, 2013 – Members of the Azerbaijani hacking group Anti-Armenia Team are claiming responsibility for hacking and defacing several Armenian websites, including Armenia's National Security Service. The hackers have leaked over 1,100 documents stolen from the National Security Service. The documents are all written in Armenian, but it appears that some are identification documents. At the time of this writing most of the websites have been restored and are operating normally.

Red Bull Sites Hacked And Defaced

October 18, 2013 – The Algerian hacker known as Over-X has breached and defaced fifteen domains belonging to Red Bull. The defaced pages simply say, "Hacked by HCN." The hacker also left a link to his Facebook page on the sites. The affected sites include,,,, and The main Red Bull website was not impacted by the attack. At the time of this writing some of the sites are still displaying the defacement.

Russian Financial Institutions Hit With DDoS Attacks

October 18, 2013 – Several major Russian financial institution websites have been hit with distributed denial-of-service attacks. The targeted institutions include Russia's central bank, VTB, Alfa Bank and Sberbank. Artyom Sychyov, the deputy head of the Central Bank's cyber security department released a statement noting that the attack on his bank was well organized, but not very powerful. Experts believe that the attacks are an attempt to weaken the trust in Russia's banking sector.

Torrent Sites Blocked In Italy

October 18, 2013 – The Pirate Bay and four other file sharing sites will be blocked in Italy due to a recent court order. The court ruled that the sites must be blocked by ISPs due to massive illegal downloading of music, films and other copyrighted digital content. This is the second time in five years that an Italian court has ordered ISPs to block The Pirate Bay. The first block was repealed in 2008, but it was re-instituted in 2010. In early 2013, The Pirate Bay came back online with a different domain name. The other sites blocked by the ruling are,, and Italy's finance police issued a statement saying, "Sharing copyrighted content through the Internet still leads to heavy losses for the legal market and leads to a loss of tax revenue."

Anonymous Targeting Moroccan Government After Teens Arrested

October 18, 2013 – Members of the Anonymous collective have said they will be targeting the Moroccan government in response to the arrest of three teenagers. The teenagers were arrested for posting a picture of two of the teens kissing on Facebook; the third teen arrested took the picture. The Moroccan government arrested the teens for violating public decency laws. The hacktivists said, "This senseless attack on an innocent expression of young love in a country notorious for the domestic abuse of women is a sick and twisted mirror image of what the Moroccan government should be focusing on instead." The hacktivists claim to have already hacked and leaked information from the Department of Water. The leaked information includes login credentials, bank transfer details and personnel files. The Anonymous members say they will be monitoring the situation until the November 22nd trial.

PR Newswire Admits Being Hacked

October 17, 2013 – The press release distribution service PR Newswire has admitted that it suffered a hacking attack earlier this year. The hackers stole usernames and encrypted passwords belonging to customers that used the service. The stolen information was found on the same server where the source code for several Adobe products was recently found. The stolen information appears to belong to users from India, Europe, Africa and the Middle East. PR Newswire issued a statement saying, "PR Newswire has protocols and redundancies in place that are designed to minimize the risk of distributing fraudulent press releases, including both technological and human safeguards prior to issuing any release." The company has started an investigation and is in the process of notifying impacted customers.

California State University Breached

October 17, 2013 – Unidentified hackers have breached the systems of the California State University at Sacramento. Information related to 1,800 employees was compromised by the attack. The employee information includes social security numbers and driver's license numbers. At this time it appears that the information has yet to be used in any malicious way. The University has started to notify the employees affected by the breach.

Google Video Domain Defaced By H4x0r HuSsY

October 17, 2013 – The official Google Video Costa Rica domain has been hacked and defaced by the hacker known as H4x0r HuSsY. A message was left on the defaced page saying, "Struck by H4x0r HuSsY, We Are Here To F*** You Once More . . . We are TeaM MADLEETS!" This same hacker has hacked several Google domains in Malaysia and Burundi in the past. At the time of this writing the site has been restored and is operating normally.

Anonymous Peru Launches Attack On Peruvian Association Of Authors And Composers

October 17, 2013 – Members of the Anonymous Peru hacking collective have launched a distributed denial-of-service attack against the website of the Peruvian Association of Authors and Composers (APDAYC). The APDAYC is an organization that represents authors from Peru and other countries, and grants licenses for the use of musical works. The hackers said they attacked the site due to the "APDAYC president's huge salary, the unlawful distribution of royalties and abusive charges for music." The APDAYC has said that the accusations are not true and the hackers are just spreading misinformation. At the time of this writing the site seems to be working properly.

Source Of Malicious Internet Traffic Changing

October 16, 2013 – A recent report published by Akamai showed that there were significant changes in the sources of attacks worldwide on the Internet in the second quarter of 2013. The most surprising change is the increase in attack traffic from Indonesia, going from 21% in the first quarter to 38% in the second. The growth was so significant it put Indonesia ahead of China in the number one spot. The top 10 source countries for attacks grew to account for 89% of overall attack traffic, up from 82% in the first quarter. The top countries are Indonesia, China, the United States, Taiwan, Turkey, India, Russia, Brazil, Romania and South Korea.

Ship Tracking System Susceptible To Hacker Attacks

October 16, 2013 – The Automatic Identification System (AIS), which is used to track over 400,000 ships, has been found to be vulnerable to hacker attacks. AIS is installed on commercial ships that are over 300 metric tons, and all passenger ships. The system uses GPS to exchange a ship's position, course and other information with other nearby ships and offshore installations. The vulnerabilities found would allow hackers to take over the communications of the ships, disable the AIS, create fake ships and even create fake SOS or collision alerts. According to experts these vulnerabilities will not be easy or cheap to fix.

Anonymous Leaks Files From Poland's Ministry Of Economy

October 16, 2013 – Members of the Anonymous collective have leaked a large number of files they claim were stolen from Poland's Ministry of Economy. The hackers posted a message saying, "Basically, it's Ministry of Economy that got pwnd . . . In this particular release we deliver Belarus office of this notorious organization which is engaged in industrial espionage through its offices located at Embassies of Poland worldwide." The leaked files include emails, memos and copies of passports and other identification documents belonging to citizens of Moldova and Ukraine. The hackers say that this is just a small preview of the information they stole, and they'll be leaking information from each of the offices one at a time.

Anonymous Venezuela Breaches Military And Government Sites

October 16, 2013 – Members of the Anonymous Venezuela hacking collective have breached and defaced several websites belonging to the Venezuelan military and government. The targeted websites include the Bolivarian Military Technical Academy, the Directorate General of Military Counterintelligence, the Ministry of the Environment, the Municipal Police of Vargas and the Aragua Police. The hackers said that these attacks are a protest against the Venezuelan government. The same hackers also attacked the website of the University of Falcon. A web-based DDoS tool built to attack the Currency Administration Commission website was placed on the University's site.

Anonymous Planning Twitter Storm For Today

October 15, 2013 – Members of the Anonymous collective are organizing a Twitter storm protest for today at 5pm EST. The protest is a part of OpMaryville, which is a campaign to bring pressure to Maryville, Missouri authorities that have dropped charges against two boys accused of molesting a 14-year-old girl. The hacktivists posted a video saying, "Raise Awareness in social media, put pressure on Attorney General Chris Koster to launch an investigation into the lack of charges against Matthew Barnett (despite a confession and evidence of guilt)." A physical protest is also being planned for October 22 at the Nodaway County Courthouse in Maryville.

Israeli Job Portal Hacked, Over 3,000 User Accounts Leaked

October 15, 2013 – The Iranian hacker known as Dr.3v1l is claiming to have hacked an Israeli job search portal and leaked login account information of 3,349 Israeli citizens. Dr.3v1l is a known member of the Black_Devils BOys hacking group. The hacker left a message along with the leaked information saying, "Hacked 3349 accounts Leaked by Dr.3v1l REASON: #AntiMason." The leaked information includes email addresses and clear text passwords.

Pakistani Hackers Deface Major Indian Telecom Website

October 15, 2013 – Members of the Pakistani hacking group known as P4K-M4D-HUNT3R-Z have breached and defaced two websites belonging to Hathway, a major Indian telecommunications company. The same defacement message was left on both sites, "Boxed By Exploiter-Z, Anon Cop, Ch3rn0by1. P4K-M4D-HUNT3R-Z Arrived. Indian ISP Owned." The same group of hackers also defaced BSNL, another Indian telecommunications company, yesterday.

RedHack Defaces Union Of Turkish Public Enterprises Site

October 15, 2013 – Members of the RedHack hacking group have hacked and defaced the website of the Union of Turkish Public Enterprises. RedHack is known for their many attacks against the Turkish government. The defaced page lists the names of people that have died during recent protests in Turkey. In addition, there is a warning message saying that RedHack will continue targeting government sites as a protest against violence. At the time of this writing, the website has been restored and is operating normally.

GitHub Suffers Large DDoS Attack

October 14, 2013 – Earlier today, GitHub was unavailable due to a large distributed denial-of-service attack. A statement was released by GitHub saying, "We have confirmed . . . (is) undergoing a large DDoS attack and are working to mitigate the attack." This is the fourth attack on GitHub in October alone. The site was under attack for the first 3 days of the month. At the time of this writing, GitHub has mitigated the attack and the site is back up, but hasn't confirmed that all attacks have stopped. The site was down for less than 20 minutes.

KDMS Team Changes DNS Of BitDefender and ESET

October 14, 2013 – The Palestinian hacking group known as KDMS Team has continued to hijack websites by changing DNS records. This time the hackers defaced the websites of BitDefender and anti-virus firm, ESET. Both sites are registered with, which also is the registrar for all of the other KDMS Team attacks. The message left on the sites is the same message that has been left on the other sites hijacked by the hackers last week. BitDefender issued a statement saying, "We've contacted and they fixed the issue. All BitDefender customers are and were 100% protected."

Anonymous Leaks 3,700 Documents From Greek Government

October 14, 2013 – Members of the Anonymous collective have leaked over 3,700 documents as part of OpGoldenDawn. The leaked documents were stolen from the A3 Directorate for Southeastern European Countries from Greece's Ministry of Foreign Affairs and the Organization for Security and Co-operation in Europe (OSCE). The hacktivists made the following statement, "Today we deliver the first sucker punch in a series of jaw breaking leaks, to reveal the truth about the Greece government involvement in conspiracy to spy on us with the help of its ENISA and OSCE cybercrime units." Supporters of the operation are encouraged to make copies of the classified documents and post them all over the Internet so that they can't be removed by "government cleaners." The Anonymous members say that more leaks will be coming in the future.

AnonGhost Hacks 65 Israeli Websites

October 14, 2013 – Members of the AnonGhost hacking group are claiming to have breached and defaced 65 Israeli websites as part of Operation Troll Israel. The hackers left a message on the sites saying that on November 20, 2013 they will be attacking Israeli cyberspace. The message also said, "We are AnonGhost and we are everywhere! There is no Israel in this map, no one recognize you because it is Palestine. We are coming soon." The affected sites were private businesses including car dealerships, electronic stores, virtual education institutions, real estate operators, web development companies and private medical centers.

Metasploit And Rapid7 Defaced By KDMS Team

October 11, 2013 – The Palestinian hacking group known as KDMS Team has defaced the websites of Metasploit and Rapid7. The hackers left a message on the Metasploit site saying, "After whatsapp, avira, alexa, avg and other sites we was thinking about quitting hacking and disappear again! But we said: there is some sites must be hacked. You are one of our targets. Therefore we are here." The purpose behind the attacks is to get out pro-Palestine messages. The defacement message continued, "There is a land called Palestine on the earth. This land has been stolen by Zionists." Rapid7 has released a statement saying that the websites were hijacked through the registrar. A Rapid7 representative said, "The attackers have the ability to change ANY domain." is owned by the same company that owns Network Solutions, which is the registrar that was compromised earlier this week by KDMS Team.

Hackers Steal Personal Information Of 145,000 Monterey County Residents

October 11, 2013 – Officials from Monterey County, California have announced that hackers breached a computer that contained personal details of 145,000 residents. The attack actually occurred in March 2013, but the details of the attack have just come out. The residents that could be affected are people who received social services assistance between 2002 and 2009. The information that may have been stolen includes names, social security numbers, dates of birth and addresses. State social services officials notified the county about the breach immediately after it happened. The investigation conducted by the county wasn't able to determine if the hackers actually stole the information. Elliott Robinson, director of the county Department of Social Services said, "We deeply regret that this incident occurred and are disappointed that hackers would break into a computer system needed to serve those most in need."

China Targets Mongolia With Espionage Campaign

October 11, 2013 – Researchers have discovered a new cyber espionage campaign targeting Mongolia. It appears that China is behind the campaign and is attempting to learn about Mongolia's relations with the European Union, the United States, South Korea and Japan. Targets are not only Mongolian organizations, but also ones that have economic, diplomatic or military relations with the country. A malicious document is being sent that appears to contain an official unclassified announcement about the Khaan Quest 2014 joint US and Mongolia military exercise. When the document is opened it exploits an old Microsoft Word vulnerability and malware is loaded onto the victim's computer. The infected computer then communicates with a command and control server located in Hong Kong. The malware being used is the same that was used by the Chinese hacker group known as APT1 or Comment Crew.

Pakistani Hackers Deface Google Malaysia

October 11, 2013 – The Pakistani hacking group known as TeaM MADLEETS has defaced the home page of Google Malaysia. The message left on the page reads, "Google Malaysia STAMPED by PAKISTANI LEETS." The hackers used a DNS hijacking attack to accomplish the defacement. A member of the hacking group posted a separate message saying, "We don't hack any country . . . as a result of any kind of hate, We don't hate anyone . . . Whatever the reason is we can't explain except we love all of you." At the time of this writing, the site has been restored and is operating normally.

City Of Mansfield, OH Site Hacked By Dr. SHA6H

October 10, 2013 – The Syrian hacker known as Dr. SHA6H is claiming to have hacked and defaced the website of the City of Mansfield, OH. The hack was done in "support of a free Syria." A message was left on the defaced site saying, "Three years in a row and there is no solution to the blood in Syria? . . . What action from government and human rights organizations!" Dr. SHA6H has hacked several other high profile websites in an effort to bring attention to the situation in Syria. At the time of this writing the website has been restored and is operating normally.

Registrars Ordered To Shut Down Torrent Sites By UK Police

October 10, 2013 – The Intellectual Property Crime Unit (IPCU) of the City of London Police has ordered registrars to suspend domain names of many torrent service sites including MisterTorrent, ExtraTorrent and SumoTorrent. easyDNS is one registrar that has not followed the order, saying it sees the request as an abuse of power. The IPCU did not contact the torrent site owners; instead, it sent a letter to their domain registrars, informing them that their clients' activities are breaching copyright law.

UK Hands Down 5 Year+ Sentence for Phishing

October 10, 2013 – Olukunle Babatunde, 27, has pleaded guilty to conspiracy to defraud UK financial institutions and their customers out of an estimated $1.2M. Babatunde was sentenced to 5 years and 6 months in prison. He is one of two criminals that were arrested for using phishing emails to trick unsuspecting banking customers into disclosing their confidential information. With over 700 victim accounts impacted, the UK courts handed down a sentence meant to deter others from using phishing tactics.

Turkish Government Website Distributing Malware

October 10, 2013 – A website belonging to Turkey's Ministry of National Education has been hacked and set up to serve malware disguised as a DivX plugin. A page has been created that looks like Facebook, where visitors are asked to download a DivX plugin in order to view a video. Once downloaded, the user's computer automatically joins a botnet operated by cybercriminals. At the time of this writing, the malicious page is still on the website.

NSA Wants More Internet Surveillance On Wall Street

October 9, 2013 – General Keith Alexander, Director of the National Security Agency, said, "You have to have the rules set up so you can defend Wall Street." Alexander put forward a scenario where the NSA needs to be in a position to detect "a cyber packet that's about to destroy Wall Street." Experts say that the idea that a single packet could wipe out Wall Street is not realistic. Alexander went on to say that the NSA should not have to wait until an attack happens to take action. The NSA wants to apply the same mass-information harvesting systems it currently uses on undersea cables, phone calls and Internet activity to the financial information moving in and out of banks, credit unions, investment advisors and stock exchanges. Two years ago, Alexander met with financial industry executives and talked about installing monitoring equipment directly onto the banking networks. It was reported that the executives rejected the proposal.

Cyberattack Resolution Cost And Frequency Rising

October 9, 2013 – According to a study done by the Ponemon Institute, this is the fourth consecutive year in which the cost, frequency and time to resolve cyberattacks continue to rise. The study shows that the average annualized cost of cybercrime incurred per organization was $11.56 million. This is a 78% increase over four years ago, and a 26% increase over last year. Organizations are spending 130% more time working to resolve cyberattacks compared to four years ago, with the average time to resolve an attack being 32 days. Distributed denial-of-service attacks, insider attacks and web-based attacks are the most costly, accounting for over 55% of cybercrime costs. Financial services, energy, defense and utilities sectors have higher cybercrime related costs than retail, consumer products and hospitality.

State of California Website Breached And Defaced

October 9, 2013 – The Filipino hacker known as Shadow Haxor is claiming to have breached and defaced the website of the California Employment Training Panel (EPT). The hacker gained access to the EPT systems by leveraging a ColdFusion vulnerability. The site's homepage was defaced, and the hacker added an additional defacement page that simply reads, "Shadow_Haxor." At the time of this writing, the site is not available.

Anonymous Sends Message To Greece's Golden Dawn

October 9, 2013 – Members of the Anonymous collective have posted a video speaking to the people of Greece and directly to Greece's extremist right-wing party, Golden Dawn. The hacktivists say in the video, "The first part of this message is for . . . Golden Dawn, the one responsible for the death of Pavlov Fyssas . . . We are opposed to such extreme ideologies, and certainly we do not dream to live in such a world. . . Golden Dawn, your website has passed to our possession. All your base belong to Us!" The second part of the message is addressed to the people of Greece and Cyprus and calls on them to "wake up" to what is going on in their country. The video ends with them saying, "Too late to expect us any more, we are already here."

KDMS Team Hacks Avira, AVG, Alexa And WhatsApp

October 8, 2013 – The hacking group known as KDMS Team has followed up their attack on the LeaseWeb website with the defacement of popular sites Avira, AVG, Alexa and WhatsApp. All of these sites are registered with Network Solutions. It seems that the hackers compromised the domain provider and changed the DNS data instead of attacking each individual website. At the time of this writing the Avira site still shows the defacement, while the other sites have been taken offline.

Hacker, Paunch, Arrested by Russian Officials

October 8, 2013 – The author of the Blackhole exploit and other well-known exploit kits has been arrested in Russia. The hacker known as 'Paunch' has been detained and no additional details have been released by Russian officials. Paunch, the leader of the Russian Crimeware Gang, has evaded law enforcement for years by using sophisticated measures online to maintain the privacy of his identity. The capture of Paunch is an indication that law enforcement agencies are improving their methods of tracking and capturing elite hackers.

Fallout from Adobe Breach Continues

October 8, 2013 – New concerns are emerging as details of source code for various Adobe software products have been confirmed to have been stolen. Acrobat, ColdFusion, ColdFusion Builder and other Adobe software products have all been impacted by last week's reported compromise. Because the attackers had access to this source code for up to two months before the breach was discovered, security analysts worry that code modification and release may introduce new zero-day threats. Additionally, the black market resale of the source code may fetch as much as $50,000 per buyer, a significant financial driver for the cyber criminals behind the Adobe breach.

Estimated 8 Out of 10 Global Users Infected by Trojans

October 8, 2013 – A recent report shows that Trojans make up three-quarters of all new malware and infections globally. Trojans are so effective for hackers because they can be continuously modified, allowing them to escape detection by anti-virus software and gateways. The top three countries with infected systems are China (52.4%), Turkey (43.6%) and Peru (42.1%). The lowest infection rates exist in continental Europe with the UK having the lowest overall infection rate at 24.5%.

Leading Hosting Provider, LeaseWeb, Hacked

October 7, 2013 – One of the world's largest hosting providers, LeaseWeb, was hacked by the Palestinian hacking group KDMS Team. The home page of the LeaseWeb website was replaced with an Anonymous Palestine page with the title, "You Got Pwned." The page was up for a few hours before it was restored. KDMS Team posted another message saying, "We owned all of your hosted sites." LeaseWeb issued a statement saying, "No customer data compromised. We continue to investigate."

Wichita City Vendor Site Hacked And Defaced

October 7, 2013 – The vendors' sub domain of the Wichita City, Kansas website has been hacked and defaced by a hacker known as Agent Corporatio. The sub domain that was breached is for businesses to sign up as vendors to the city. Vendor information was leaked including names, user names, vendor ids, vendor names, mixed clear text and encrypted passwords, email addresses, phone numbers and some bank information. Agent Corporatio is a known member of the Turkish Ajan hacking group.

Tom Sawyer Software Breached, Information Leaked

October 7, 2013 – The hacker known as Nairb is claiming to have breached the systems of Tom Sawyer Software. Tom Sawyer Software provides software and services for the development of scalable and flexible data visualization applications. Nairb says that he did not deface the company's website, but he did leak vendor information. The hacker said, "The dump consists of the partially decrypted auth file and company/userlist file in main folder with mostly complete dump of main db and partial of staging db. 2 pieces to da puzzle." The leak contains over 60,000 records that contain user names, email addresses, password hashes, contact information and other account details. There has been no statement given by Tom Sawyer Software at this time.

Anonymous Hacks Latvia's State Employment Agency

October 7, 2013 – The hacker known as W1n5t0n, a member of the Anonymous collective, claimed to have hacked Latvia's State Employment Agency. W1n5t0n says he has leaked the information of over 3,000 users. The leaked information includes user names, email addresses and passwords. Most of the passwords are in clear text, putting the users in danger of having their accounts hijacked. The hacker did not give a reason for targeting the State Employment Agency.

13 Anonymous Members Indicted For Operation Payback

October 4, 2013 – Thirteen members of the Anonymous collective have been indicted by a US grand jury for allegedly participating in Operation Payback. Operation Payback was an action by Anonymous in which a number of websites were hit with distributed denial-of-service attacks in response to the shutdown of The Pirate Bay, the Swedish file-sharing website used to illegally download copyrighted material. The attacks were against the websites of the Recording Industry Association of America, Visa, Mastercard, Bank of America and several others. Those charged were Dennis Owen Collins, Jeremy Leroy Heller, Chen Zhiwei, Joshua Phy, Ryan Russel Gubele, Robert Audubon Whitfield, Anthony Tadros, Geoffrey Kenneth Commander, Austen Stamm, Timothy Robert McLain, Wade Carl Williams and Thomas Bell. The men range in age from 21 to 65 and live in 13 different states. The suspects are charged with conspiracy to intentionally cause damage to protected computers. According to court records, the suspects conspired to coordinate DDoS attacks in Internet Relay Chat channels. The attacks caused an estimated $5,000 in damages and affected at least 10 protected computers.

Adobe Systems Breached, 2.9 Million Customer Logins Stolen

October 4, 2013 – Adobe Systems, Inc. has issued a notification to their users that the company has suffered a "massive and sophisticated cyber attack." Adobe believes that the attackers took information relating to 2.9 million customers, including customer names, email addresses, encrypted passwords, encrypted credit or debit card numbers, expiration dates and other information relating to customer orders. In addition to the customer data being accessed, it appears that source code for numerous Adobe products was also accessed. Law enforcement is currently investigating. Chief Security Officer of Adobe, Brad Arkin said, "We value the trust of our customers. We will work aggressively to prevent these types of events from occurring in the future. Again, we deeply regret any inconvenience this may cause you."

Anonymous Plans Monsanto Protest

October 4, 2013 – Members of the Anonymous Americalatina collective are planning an online protest against Monsanto for October 12, 2013. The operation will include distributed denial-of-service attacks and website defacements. The hacktivists are demanding that Monsanto stop contaminating the global food chain, intimidating small farmers, using destructive herbicides and pesticides and bribing officials. In a video announcing the operation, Anonymous says, "Anonymous urges all concerned citizens to stand up for these farmers, fight for the future of your own food, protest, organize, spread info to your friends! Say no to toxic chemicals in your food! Say no to GMO! Say no to Monsanto!"

Afghan Cyber Army Defaces Syrian Investment Agency

October 4, 2013 – Members of the Afghan Cyber Army have hacked and defaced the website of the Syrian Investment Agency. According to the hackers, the attack is a show of support for their "brothers in Syria who fight for freedom." The defacement page includes a picture of Bashar al-Assad with a message saying, "Hold your sword and fight those who have transgressed. With your machine gun enter the battlefield." At the time of this writing the site is still defaced.

Online Black Market, Silk Road, Seized By FBI

October 3, 2013 – Silk Road, the deep web bitcoin-based black market, has been shut down by the Federal Bureau of Investigation. In addition, the owner of the site, Ross William Ulbricht, 29, was arrested on charges of narcotics trafficking, computer hacking and money laundering. Silk Road could only be accessed using a secure Tor browser, allowing users to purchase illicit goods anonymously using Bitcoins. The FBI released a statement saying, "The government's investigation has revealed that, during its two and a half years in operation, Silk Road has been used by several thousand drug dealers and other unlawful vendors to distribute hundreds of kilograms of illegal drugs and other illicit goods and services to well over 100,000 buyers and to launder hundreds of millions of dollars deriving from these unlawful transactions."

Syrian Electronic Army Attacks GlobalPost Again

October 3, 2013 – For the second time in less than a week, the Syrian Electronic Army (SEA) has hacked the website of the GlobalPost news service. SEA is claiming to have deleted the website, issuing a statement saying, "We hope that you guys enjoy your time looking at your deleted website." GlobalPost released a statement saying, "GlobalPost has apparently been hacked by the Syrian Electronic Army. We are working hard to restore our site as soon as possible." At the time of this writing, the site has been restored. It is unclear if GlobalPost fixed the vulnerabilities that allowed SEA to breach the site.

Bitcoin Forum Breached

October 3, 2013 – A popular Bitcoin discussion forum has been breached by the hacking group known as The Hole Seekers. The hackers defaced the website with an animated page that played music and displayed rockets and explosions. The site has been taken down as a security precaution and will remain down until investigations into the hack are completed. The administrator of the site, Theymos, said, "There's a good chance that the attackers could have executed arbitrary PHP code and therefore could have accessed the database, but I'm not sure yet how difficult this would be." Users of the forum have been advised to change their passwords.

Iranian Cyber Warfare Chief Killed

October 3, 2013 – It is being reported that Mojtaba Ahmadi, the commander of Iran's Cyber War Headquarters, has been killed. His body was found with two bullet wounds to the heart. Iran's "The Telegraph" reported that witnesses saw two people on a motorcycle assassinate Ahmadi with a pistol from close range. The Iranian Revolutionary Guard Corps has issued a statement denying the media reports that Ahmadi was assassinated. They said that "one of its workers," whose name they haven't revealed, has been involved in an "incident." But they reiterated that there has been no assassination. They are now investigating the incident and the intentions of the attackers.

100 Gbps DDoS Attack Reported

October 2, 2013 – It is being reported that an unnamed company has suffered a distributed denial-of-service attack that reached 100 Gbps. No amplification techniques were used during the attack, meaning that the attackers have 100 Gb bandwidth available to them. The attack lasted for 9 hours before it was successfully mitigated. The attack on Spamhaus in March 2013, which is considered the largest ever reported, reached 120 Gbps, but it used a DNS amplification technique to reach that level.

AnonGhost Breaches Baseball Canada Website

October 2, 2013 – Members of the AnonGhost hacking group are claiming to have hacked and defaced the website of Baseball Canada. The main domain and fifteen subdomains have been defaced. The defacement page contains a message reading, "Your website has been hacked by AnonGhost. We hacked your website because its security failed." This hack is unusual for the AnonGhost group; normally their hacks are related to anti-Israel messages. At the time of this writing the website has still not been restored.

LulzSec Peru Defaces Ministry Of Women And Vulnerable Populations

October 2, 2013 – Members of the LulzSec Peru hacking collective have hacked and defaced the website of Peru's Ministry of Women and Vulnerable Populations. The site's index page has been replaced with the LulzSec logo and a message reading, "Hacked by LulzSecPeru." No statement has been issued by the Ministry at this time. At the time of this writing the site has been restored and is operating normally. LulzSec Peru has a history of defacing several sites belonging to the Peruvian government and other South American governments.

50 Security Vulnerabilities Fixed In Chrome

October 2, 2013 – Google has fixed a total of 50 security vulnerabilities in the latest version of Chrome. The vulnerabilities include ten high-impact and six medium-impact flaws. Eleven security researchers have been credited with finding the vulnerabilities and were awarded a total of $19,000 for their work. Some of the researchers also worked with Google during the development of Chrome 30.

Syrian Electronic Army Hacks US News Agency

October 1, 2013 – The Syrian Electronic Army (SEA) hacking group has hacked the website and Twitter account of the US-based news agency GlobalPost. SEA posted a tweet using the hacked account saying, "Think twice before you publish untrusted information about Syrian Electronic Army." GlobalPost Editor Kyle Kim sent out a tweet saying, "We've been hacked." The GlobalPost website was taken down soon after it was breached. The hackers said they attacked GlobalPost because it published "innocent peoples' names in their article and said that they are SEA members."

AnonGhost Returns With Hack Of Israeli Defense Contractor

October 1, 2013 – After just recently announcing that they were disbanding, the AnonGhost hacking group has reappeared, taking credit for hacking the website of Israeli defense contractor Israel Product Research Co. LTD. (ISPRA). ISPRA develops, manufactures and markets non-lethal devices for riot control, crowd management, anti-terror equipment and police gear. The hackers left a message on the site saying, "We are AnonGhost and we are everywhere! There is no Israel in this map, no one recognize you because it is Palestine." At the time of this writing the site has been restored and is operating normally.

European Cyber Security Month Starts Today

October 1, 2013 – Today marks the beginning of the first official European Cyber Security Month. Throughout the month, 40 private and public stakeholders from 25 European nations will take part in cyber security activities designed to raise awareness. Activities will include workshops, lectures, fairs, online and outdoor campaigns, meetings and contests. Executive Director of ENISA, Udo Helmbrecht said, "Cyber security is about the possibility to live your digital life. We encourage you to get involved in the campaign: online security requires your active participation!"

Anonymous Defaced Site Of Indian Higher Education

October 1, 2013 – Members of the Anonymous Kashmir collective have hacked and defaced the website of the Board of Higher Secondary Education Delhi. The site's index page and a subdomain have been defaced with the message, "Congratulations India! Your brutality continues in Kashmir. . . You killed Kashmiri youth in hundreds just to prove that there are still militants in Kashmir." At the time of this writing the site is still showing the defacement.