ABCDEFGHIJKLMNOPQRSTUVWXYZ
1
IDDateAuthorTargetDescriptionAttackTarget ClassAttack ClassCountryLinkTags
2
101/09/2015Lizard Squad
UK's National Crime Agency
http://www.nationalcrimeagency.gov.uk		The Lizard Squad takes down the official website of UK's National Crime Agency (nationalcrimeagency.gov.uk).DDoSLaw EnforcementCCUK
http://arstechnica.com/security/2015/09/lizard-squad-launches-ddos-against-uk-law-enforcement-agency/Lizard Squad, UK's National Crime Agency, nationalcrimeagency.gov.uk,
3
201/09/2015Rocket Kitten
(linked to Iran ?)		Several individuals authors of an anti-Iran security research paperTrend Micro and Clearsky Security publish a joint, detailed paper in which they document the actions of Rocket Kitten, an APT they believe to be linked to the Iranian government.Targeted AttackSeveral IndividualsCE>1http://news.softpedia.com/news/rocket-kitten-hacking-group-linked-to-iranian-government-by-security-researchers-490919.shtmlRocket Kitten, Iran, Trend Micro, Clearsky Security,
4
301/09/2015?Marion BowmanMarion Bowman, a top former FBI lawyer and U.S. counterintelligence official, reveals that hackers allegedly from China penetrated his home computer last spring.Targeted AttackSingle IndividualCEUShttp://www.newsweek.com/china-hackers-fbi-marion-bowman-367451Marion Bowman,
5
401/09/2015?Hawaii First Federal Credit UnionHawaii First Federal Credit Union notifies an undisclosed number of customers that an unauthorized individual may have gained access to an employee's email account, and could have accessed personal information.Account HijackingFinanceCCUShttp://www.scmagazine.com/hawaii-credit-union-notifies-customers-of-employee-email-breach/article/436785/Hawaii First Federal Credit Union,
6
502/09/2015@n0w1337Greater Manchester Police
http://www.gmp.police.uk		The website of Greater Manchester Police in the UK (gmp.police.uk) is hit by two DDoS attacks. A Twitter account going by the handle @n0w1337 claims responsibility for the attack.DDoSLaw EnforcementCCUKhttp://www.infosecurity-magazine.com/news/manchester-uks-website-knocked/Greater Manchester Police, gmp.police.uk, @n0w1337,
7
602/09/2015@n0w1337Manchester Airport
http://www.manchesterairport.co.uk		In the same wave of attacks, the same attacker also claims responsibility for taking down the website of Manchester Airport (manchesterairport.co.uk).DDoSAirportCCUKhttp://home.bt.com/news/uk-news/greater-manchester-police-website-targeted-by-hacker-11364001567404Manchester Airport, @n0w1337,
8
702/09/2015? (Author Unknown but charged)ReverbNationReverbNation, an online platform that assists >3M musicians in building their careers, experienced a breach in 2014, and notifies an undisclosed number of users and asking them to change their passwords.UnknownIndustry: MusicCCUShttp://www.scmagazine.com/2014-breach-prompts-reverbnation-to-notify-customers/article/436757/Reverbnation,
9
802/09/2015?Several banksCSIS team reports a new variant of the Carbanak trojan using a new communications protocolTargeted AttackFinanceCC>1http://news.softpedia.com/news/carbanak-banking-trojan-returns-with-a-new-series-of-attacks-491015.shtmlCSIS Team, Carbanak,
10
902/09/2015?Wayne County Board of Education
http://boe.wayn.k12.wv.us		Hackers claiming to be part of Islamic State deface the Wayne County Board of Education website (boe.wayn.k12.wv.us)DefacementEducationHUShttp://www.statejournal.com/story/29943796/hacker-claiming-to-be-part-of-islamic-state-hacks-wayne-county-wv-board-of-education-website-redirects-visitors-to-site-promoting-terrorism Wayne County Board of Education, boe.wayn.k12.wv.us,
11
1002/09/2015?Parking sign installed at Lille’s Boulevard Louis XVIA French hacker defaces an electronic parking sign with offensive content.DefacementParking SignCCFRhttps://www.hackread.com/hacked-electronic-signpost-france/Lille’s Boulevard Louis XVI,
12
1103/09/2015?uk.match.comIn an attack similar to the one that happened last month on PlentyOfFish, Malwarebytes reveals that the UK version of online dating site Match.com (uk.match.com) is caught serving malvertising.
MalvertisingDatingCCUKhttps://blog.malwarebytes.org/malvertising-2/2015/09/malvertising-found-on-dating-site-matchdotcom/PlentyOfFish, Malwarebytes, Match.com, uk.match.com
,
13
1203/09/2015@n0w1337Essex Police
http://www.essex.police.uk		The same attacker who took down the Manchester Police earlier this month, also takes down the website of the Essex Police.DDoSLaw EnforcementCCUKhttp://www.theregister.co.uk/2015/09/04/essex_police_ddos/@n0w1337, Essex Police, essex.police.uk,
14
1303/09/2015ConnectingFriend
KheXan rOot		http://www.askmebazaar.comTwo hackers dubbed ConnectingFriend and KheXan rOot hack askmebazaar.com and dump 2,105 user records.SQLiIndustry: E-CommerceCCINhttp://pastebin.com/eEN0NVuMConnectingFriend, KheXan rOot, askmebazaar.com,
15
1404/09/2015?Mozilla's Bugzilla bug tracking systemMozilla reveals that an attacker was able to stole security-sensitive vulnerability information from the Mozilla's Bugzilla bug tracking system and probably used it to attack Firefox users. The attacker may have had access since September 2013.Account HijackingOrg: SoftwareCCUShttp://arstechnica.com/security/2015/09/mozilla-data-stolen-from-hacked-bug-database-was-used-to-attack-firefox/Mozilla, Bugzilla, Firefox,
16
1504/09/2015?http://weendviolence.com/California-based violence prevention education organization We End Violence discovers a potential intrusion into its Agent of Change application server that could have exposed personal information, and, so far, 79,000 California State University students have been impacted.UnknownOrg: EducationCCUShttp://www.scmagazine.com/we-end-violence-announces-breach-california-university-impacted/article/437776/We End Violence, Agent of Change,
17
1604/09/2015Smitt3nzhttp://malapelli.com
http://thotamarriagelines.com
http://mudirajpelli.com
http://www.madigapelli.com
http://www.svmarriageslinks.com
http://ssamb.com
http://www.srirasthu.in
http://www.vivahamytri.com
http://www.goudpelli.com		Rubber AKA @smitt3nz hacks 9 dating websites in a row and dumps a total of 7,764 usernames and clear text passwords.SQLiDatingCC>1http://siph0n.in/exploits.php?id=4033Rubber, @smitt3nz, malapelli.com, thotamarriagelines.com, mudirajpelli.com, madigapelli.com, svmarriageslinks.com, ssamb.com, srirasthu.in, vivahamytri.com, goudpelli.com,
18
1704/09/2015F3PN
53 South African web sitesA hacker called F3PN successfully hack 53 South African Web sitesDefacement>1CCZAhttp://www.balancingact-africa.com/news/en/issue-no-156/web-and-mobile-data/hacker-targets-south/enF3PN,
19
1805/09/2015?The University of South Wales Facebook PageThe University of South Wales (UNSW), one of Australia’s top universities has images of a porn star and other inappropriate content shared on its Facebook page.Account HijackingEducationCCAUhttps://au.news.yahoo.com/nsw/a/29443937/university-facebook-page-flooded-with-soft-porn-in-embarrassing-hack/University of South Wales, UNSW, Facebook,
20
1905/09/201513chmod37http://toko.proumedia.co.idA hacker called 13chmod37 hacks toko.proumedia.co.id and dumps 1,570 usernames and clear text passwords.SQLiIndustry: E-CommerceCCIDhttp://pastebin.com/YPVyHdjB13chmod37, toko.proumedia.co.id,
21
2008/09/2015?The Pentagon
(United States Department of Defense)		Hackers infiltrated the Pentagon food court's computer system, compromising the bank data of an unknown number of employees.Targeted AttackGovernmentCEUShttp://www.washingtonexaminer.com/pentagon-food-court-computers-hacked-exposing-employees-bank-information/article/2571606Pentagon, United States Department of Defense,
22
2109/09/2015DD4BCSeveral UK corporations and institutionsAccording to an Akamai study, a number of large UK corporations and institutions, such as Lloyds Bank and BAE systems, have reported a “marked increase” in Distributed Denial of Service (DDoS) attacks from the Bitcoin extortionist group DD4BC (114 attacks since April 2015).DDoS>1CCUKhttp://arstechnica.com/business/2015/09/uk-banks-corporations-are-being-blackmailed-by-bitcoin-cyberextortionists/DD4BC,
23
2209/09/2015TurlaGovernments, embassies, military groups, educational facilities, researchers and the pharmaceutical industry.Kaspersky reveals to have discovered a sophisticated hacking group, dubbed Turla, which has gone far beyond standard techniques used to disguise spying and cybercrime campaigns by exploiting weaknesses in global satellite systems.Targeted Attack>1CC
CE		>1http://www.zdnet.com/article/tracking-turla-hackers-abuse-satellite-signals-high-in-the-sky/Kaspersky, Turla,
24
2309/09/2015H4nterAsezhttp://macare.in/H4nterAsez hacks macare.in and dumps 2,000+ usernames and clear text passwords.SQLiHealthcareCCINhttp://webcache.googleusercontent.com/search?q=cache:OQOtGarRny8J:pastebin.com/4A93qstA+&cd=1&hl=en&ct=clnk&gl=usH4nterAsez, macare.in,
25
2410/09/2015?Excellus BlueCross BlueShieldHealth insurance company Excellus declares that hackers broke into its servers and may have obtained the personal details of 10.5 million people. The information belongs to customers who lived in or sought treatment in the upstate New York area. The breach, initially occurred on December 23, 2013. exposed the personal information of 7 million Excellus Blue Cross Blue Shield (BCBS) customers and 3.5 million Lifetime Health Care customers.Targeted AttackHealthcareCCUShttp://www.theregister.co.uk/2015/09/10/excellus_breach/Excellus, Excellus Blue Cross Blue Shield, BCBS, Lifetime Health Care customers.,
26
2510/09/2015North KoreaSouth KoreaFireEye researchers discovers a campaign led by attackers from North Korea, exploiting a zero day vulnerability (CVE-2015-6585) in Hangul, a word processor popular with the South Korea's government. The backdoor is called Hangman.Targeted AttackGovernmentCEKRhttp://www.theregister.co.uk/2015/09/10/north_korea_exploits_zero_day_in_seouls_favourite_word_doc/FireEye, North Korea, CVE-2015-6585, Hangul, South Korea, Hangman,
27
2610/09/2015?Oakland Family ServicesOakland Family Services, reveals the details of a security breach that could have affected 16,000 clients in the area. An unknown person gained access to the email account of an employee in July, which resulted in the potential viewing of protected health information.Account HijackingOrg: Non-ProfitCCUShttp://www.scmagazine.com/oakland-family-services-notifies-16k-clients-of-information-breach/article/438995/Oakland Family Services,
28
2710/09/2015Cyber-71Dhaka UniversityThe Dhaka University website is defaced by hacker called Cyber-71.DefacementEducationCCBDhttp://bdnews24.com/bangladesh/2015/09/11/dhaka-university-website-still-down-authorities-claim-hacker-markedDhaka University, Cyber-71,
29
2811/09/2015ISILUK ministerial emailsThe Telegraph reveals that Jihadists in Syria hack into UK ministerial email accounts in a sophisticated espionage operation uncovered by GCHQTargeted AttackGovernmentCEUKhttp://www.telegraph.co.uk/news/politics/11859005/Cabinet-ministers-email-hacked-by-Isil-spies.htmlISIL, ISIS, ,
30
2911/09/2015?U.S. Department of EnergyFederal Records obtained by USA TODAY show that attackers successfully compromised U.S. Department of Energy computer systems more than 150 times between 2010 and 2014.Targeted AttackGovernmentCEUShttp://www.usatoday.com/story/news/2015/09/09/cyber-attacks-doe-energy/71929786/U.S. Department of Energy, USA TODAY,
31
3011/09/2015Mr.Blackhttp://asankadr.azA hacker called Mr.Black hacks asankadr.az (a recruitment web site) and dumps 2,447 usernames and hashed passwords.SQLiIndustry: RecruitingCCAZhttp://webcache.googleusercontent.com/search?q=cache:iO4ApriCHQ4J:pastebin.com/Kaw9gV4R+&cd=1&hl=en&ct=clnk&gl=usMr.Black, asankadr.az,
32
3111/09/2015?Penrith High SchoolA small group of students from Penrith High School have allegedly used a teacher's login credentials to access a Department of Education computer system that contains students' assessment marks.Account HijackingEducationCCUShttp://www.zdnet.com/article/western-sydney-students-access-department-computer-system/Penrith High School,
33
3213/09/2015?Kremlin’s official website
http://kremlin.ru		The Kremlin’s official website falls under a massive DDoS Attack. The attack is carried out simultaneously with another attack that reportedly targeted the website of the Russian Electoral Commission. Both of the attacks are made on national Election Day.DDoSGovernmentCCRUhttps://www.rt.com/politics/315338-hacker-attack-kremlin-website/Kremlin,
34
3313/09/2015r3dm0v3http://cromotransfer.com.br/r3dm0v3 hacks cromotransfer.com.br and dumps 6,529 usernames and clear text passwords.SQLiIndustry: E-CommerceCCBRhttp://pastebin.com/JSSe18nLr3dm0v3, cromotransfer.com.br,
35
3413/09/2015KyfxKumoh National Institute of TechnologyA hacker called Kyfx hacks a subdomain of the Kumoh National Institute of Technology and dumps 1,448 usernames and clear text passwords.SQLiEducationCCKRhttp://pastebin.com/6SCzVT98
Kyfx, Kumoh National Institute of Technology
,
36
3514/09/2015?>1Malwarebytes publishes the analysis of a recently detected malvertising attack that affected many ad networks and ran uninterrupted for almost three weeks.Malvertising>1CC>1https://blog.malwarebytes.org/malvertising-2/2015/09/large-malvertising-campaign-goes-almost-undetected/Malvertising, Malwarebytes,
37
3615/09/2015?Cisco RoutersFireEye unveils the details of a campaign involving the stealthy modification of a router's firmware image that can be used to maintain persistence within a victim's network. The campaign is called SYNful Knock and has hit at least 79 devices in 19 countries.Malicious Router Images Implant>1CE>1http://arstechnica.com/security/2015/09/malicious-cisco-router-backdoor-found-on-79-more-devices-25-in-the-us/FireEye, Cisco, SYNful Knock,
38
3715/09/2015?Cryptome.orgThe creator of digital library and whistle-blowing site Cryptome.org, John Young, revokes his PGP key pairs after learning they were compromised.UnknownOrg: Digital LibraryCEUShttp://www.theregister.co.uk/2015/09/16/cryptome_revokes_pgp_keys_after_mysterious_compromise/Cryptome.org, John Young,
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100