ABCDEFGHIJKLMNOPQRSTUVWXYZ
1
DateAuthorTargetDescriptionAttackTarget ClassAttack ClassCountryLinkTags
2
101/11/2015Coldzer0VbulletinA hacker called Coldzer0 claims to have hacked Vbulletin.com and to have obtained the details of 479895 users.Unknown 0-dayIndustry: SoftwareCCUShttps://theadminzone.com/threads/vbulletin-com-forums-hacked.136961/page-5#post-1017399Coldzer0, Vbulletin,
3
201/11/2015Coldzer0FoxIt SoftwareColdzer0 also claims to have hacked the FoxIt Forum using the same 0-day.Unknown 0-dayIndustry: SoftwareCCUShttp://www.databreaches.net/vbulletin-foxit-software-forums-hacked-by-coldzer0-hundreds-of-thousands-of-users-info-stolen/FoxIt, Coldzer0,
4
301/11/2015?Salt Lake City School DistrictThe Salt Lake City School District is struck by a DDoS attack that takes down the district's website, phone system and online administrative tools.DDoSEducationCCUShttp://www.scmagazine.com/salt-lake-schools-hit-with-ddos-attack/article/451480/Salt Lake City School District,
5
402/11/2015AnonsecIsrael Missile Defense Association
http://imda.org.il/		The Anonsec collective hacks the Israel Missile Defense Association (imda.org.il) and dumps 2161 usernames and hashed passwordsSQLiOrg: MilitaryHILhttp://pastebin.com/qaqADFTHAonsec, Israel Missile Defense Association, imda.org.il,
6
503/11/2015Smitt3nz AKA Rubberchromeplay.comSmitt3nz AKA Rubber hacks chromeplay.com and dumps the records of 9000 users.SQLiOnline ServicesCCUKhttp://siph0n.in/exploits.php?id=4159Smitt3nz, Rubber, chromeplay.com,
7
603/11/2015Armada CollectiveProtonmailA collective called Armada Collective takes down Protonmail, a Swiss provider of end-to-end encrypted email. The company pays a ransom of 15 BTC (6000 USD) but is taken down again after paying.DDoSIndustry: Email Service ProviderCCCHhttp://arstechnica.com/security/2015/11/crypto-e-mail-service-pays-6000-ransom-gets-taken-out-by-ddos-anyway/Protonmail, Armada Collective,
8
703/11/2015Pro-Palestine ActivistsHa'aretz Twitter AccountPro-Palestine activists Hacked Ha’aretz Newspaper’s Twitter Account and Posted: “Our martyrs’ mothers will drink your soldier’s blood.”Account HijackingNewsHILhttps://www.hackread.com/pro-palestinian-hackers-hack-haaretz-twitter/Ha'aretz, Twitter,
9
803/11/2015Smitt3nz AKA Rubberhttp://library.killersites.comSmitt3nz AKA Rubber hacks library.killersites.com and dumps the records of 1596 users.SQLiOnline ServicesCCUShttp://siph0n.in/exploits.php?id=4173Smitt3nz, Rubber, library.killersite.com,
10
904/11/2015Islamic Revolutionary Guards CorpObama Administration OfficialsThe Wall Street Journal reveals that the email and social media accounts of Obama administration officials were recently hacked by members of Iran's Revolutionary Guard.Targeted AttackGovernmentCEUShttp://www.esecurityplanet.com/network-security/u.s.-government-officials-hacked-by-iranian-revolutionary-guard.htmlIran, Islamic Revolutionary Guard,
11
1004/11/2015Armada CollectiveVFEmailVFEmail is taken down by a DDoS attack. The attackers demand a ransom of 5 BTC
(1700 USD)		DDoSIndustry: Email Service ProviderCCUShttp://havokmon.blogspot.co.uk/2015/11/teenage-script-kiddies-armada.htmlVFEmail, Armada Collective,
12
1104/11/2015?ZohoZoho is subject to a DDoS attack. The attack starts on November the 4th and affects the company for one week.DDoSIndustry: Email Service ProviderCCUShttps://www.zoho.com/service-updates/blog/zoho-services-under-criminal-attack.htmlZoho,
13
1204/11/2015?TouchnoteThe U.K.-based app for photo postcard service Touchnote notifies its registered customers that the company has been hacked and some personal information has possibly been compromised.UnknownIndustry: SoftwareCCUKhttp://www.scmagazine.com/touchnote-photo-site-breached-names-addresses-taken/article/452401/Touchnote,
14
1304/11/2015?ShowTix4UShowTix4U, a Nevada based online ticket sales service used heavily in Central Wisconsin says it has had a data breach.UnknownOnline ServicesCCUShttp://www.wsaw.com/home/headlines/ShowTix4U-ticket-website-customers-warned-following-data-breach--340023262.htmlShowTix4U,
15
1405/11/2015?HushmailHushmail experiences two unscheduled service outages resulting from distributed denial-of-service (DDoS) attacks.DDoSIndustry: Email Service ProviderCCCAhttps://help.hushmail.com/entries/107539976Hushmail,
16
1505/11/2015?RunboxRunbox is subject to Distributed Denial of Service (DDoS) attacks. Even in this case the attackers demand a ransom to stop the waves of attack.DDoSIndustry: Email Service ProviderCCNOhttps://blog.runbox.com/2015/11/ddos-attacks-on-runbox/Runbox,
17
1605/11/2015?Four Winds Casino ResortFour Winds Casino Resort reveals to have discovered a bank-card-stealing malware in its payment systems. Four properties are affected between October 2014 and October 21, 2015. PoS MalwareIndustry: Hotel and ResortCCUShttp://www.theregister.co.uk/2015/11/05/michigan_casino_credit_card_hack/Four Winds Casino Resort,
18
1705/11/2015Crackas With Attitude
(CWA)		FBI Deputy Director Mark GiulianoThe same teen hackers who infiltrated the email account of CIA Director John Brennan claim to have hacked an email account of FBI Deputy Director Mark Giuliano.Account HijackingSingle IndividualsCCUShttp://www.scmagazine.com/crackas-with-attitude-say-theyre-at-it-again-claim-hack-of-fbi-deputys-email/article/452037/Crackas With Attitude, CWA, CIA, John Brennan, FBI, Mark Giuliano,
19
1806/11/2015CocaineSecuritySwedbankSwedbank is taken down by a DDoS attack A hacker called CocaineSecurity claims to have received a ransom.DDoSFinanceCCSEhttp://www.theregister.co.uk/2015/11/06/swedbank_hit_by_ddos_attack/
https://twitter.com/CocaineSecurity/status/662973175400148992		Swedbank, CocaineSecurity,
20
1906/11/2015Armada CollectiveNeomailboxNeomailbox is taken down by a DDoS attack carried on by the Armada Collective, who also asks for a ransom.DDoSIndustry: Email Service ProviderCCCHhttp://www.neomailbox.com/about/news/305-ddos-attackNeomailbox, Armada Collective,
21
2006/11/2015AnonymousKu Klux Klan
Hacking collective Anonymous has released the identities of 1000 KKK members online.UnknownOrganization: PoliticsHUShttp://www.zdnet.com/article/anonymous-exposes-identities-of-1000-kkk-members/Anonymous, Ku Klux Klan,
22
2106/11/2015?XAT
http://xat.com		The UK social networking Xat (xat.com) is hacked and notifies the users that its database has been acquired by the attackers.Account HijackingSocial NetworkCCUKhttp://www.databreaches.net/uk-social-networking-site-xat-hacked-user-database-acquired-by-hackers/Xat,
23
2206/11/2015Eggfatherhttp://www.islandermania.comEggfather hacks islandermania.com and dumps 8,525 usernames and hashed passwords.SQLiOnline ForumCCUShttp://siph0n.in/exploits.php?id=4182
islandermania.com, Eggfather
,
24
23Eggfatherhttp://www.lonestarspeedzone.com
Eggfather hacks lonestarspeedzone.com and dumps 1,939 usernames and hashed passwords.SQLiOnline ForumCCUShttp://siph0n.in/exploits.php?id=4181
lonestarspeedzone.com, Eggfather
,
25
24Eggfatherhttp://pixarra.com/Eggfather hacks pixarra.com and dumps 8,525 usernames and hashed passwords.SQLiIndustry: SoftwareCCUShttp://siph0n.in/exploits.php?id=4180
pixarra.com, Eggfather
,
26
25Eggfatherhttp://www.sikhawareness.com/Eggfather hacks pixarra.com and dumps 4,520 usernames and hashed passwords.SQLiOnline ForumCCUShttp://siph0n.in/exploits.php?id=4178
sikhawareness.com, Eggfather
,
27
2608/11/2015?Fastmail
FastMail is hit by a DDoS attack that briefly make some services unavailable. A further attack is executed on Monday, 9 Nov. Both attacks are accompanied by an extortion demand that threaten further attacks if the company does not pay the attacker 20 Bitcoin (approximately US$7500).
DDoSIndustry: Email Service ProviderCCAUhttp://blog.fastmail.com/2015/11/11/ddos-attack-may-lead-to-potential-service-disruption-this-week/
Fastmail,
28
2708/11/2015?Brazilian ArmyThe Brazilian Army's servers are hacked, resulting in personal details (National Insurance Numbers and passwords) of about 7,000 officers getting leaked. The attack appears to have been prompted as retaliation against the supposedly inappropriate conduct of an Army team during a "capture the flag" (CTF) cybersecurity competition at the government's Center for Cyber Defence.UnknownMilitaryCCBRhttp://www.zdnet.com/article/brazilian-army-gets-hacked/Brazilian Army,
29
2808/11/2015Crackas With Attitude
(CWA)		Joint Automated Booking System
(JABS)		Crackas With Attitude (CWA), the hackers who breached CIA director John Brennan's personal email account claims to have gained access to a law enforcement arrest database, known as the Joint Automated Booking System (JABS).
UnknownLaw EnforcementHUShttp://www.wired.com/2015/11/cia-email-hackers-return-with-major-law-enforcement-breach/#slide-1Crackas With Attitude, CWA, CIA, John Brennan, Joint Automated Booking System, JABS,
30
2908/11/2015KelvinSecTeamhttp://aviacion.mil.veKelvinSecTeam hacks the website of the Aviacion Militar Bolivariana (aviacion.mil.ve) and dumps 1,997 records.UnknownMilitaryHVEhttp://pastebin.com/RzuxwLxFKelvinSecTeam, Aviacion Militar Bolivarian, aviacion.mil.ve,,
31
3009/11/2015?UK Parliament Computer NetworkThe Times reveal that, in May, cybercriminals were able to break into parliament’s computer network, hijacked computers holding sensitive information and presented a ransom demand to Chi Onwurah, MP and shadow digital minister.MalwareGovernmentCCUKhttp://www.thetimes.co.uk/tto/news/uk/article4608292.eceChi Onwurah,
32
3109/11/2015HRG (His Royal Gingerness)Norwich International Airport
https://www.norwichairport.co.uk		A hacker calling himself HRG (or His Royal Gingerness) hacks the Norwich International Airport's website (norwichairport.co.uk) and obtains the details of people registered on the website's media centre.SQLiAirportCCUKhttp://www.bbc.co.uk/news/uk-england-norfolk-34769924Norwich International Airport, HRG, His Royal Gingerness, norwichairport.co.uk,
33
3210/11/2015OrionComcastComcast resets 200k cleartext passwords, after a hacker known as Orion claims to have stolen the database and puts it on sale on the dark web. Nearly 590,000 users could have been compromised.Zimbra 0-dayIndustry: TelcoCCUShttp://www.theregister.co.uk/2015/11/11/comcast_passwords_leak/Comcast, Orion, Zimbra,
34
3310/11/2015?SpotifyNewsweek reveals that over one thousand email addresses and passwords from the musing streaming app Spotify were leaked following a hack.UnknownIndustry: MusicCCSEhttp://www.newsweek.com/hundreds-spotify-accounts-leaked-apparent-hack-last-week-392696Spotify, Newsweek,
35
3410/11/2015TAFE QueenslandTAFE Queensland has experienced a breach that has seen the personal details of thousands of the state's TAFE students exposed.UnknownEducationCCAUhttp://www.zdnet.com/article/queensland-tafe-student-data-exposed-in-hack/TAFE Queensland,
36
3510/11/2015?http://fantasy.premierleague.comMalwarebytes reveals the details of a malvertising campaign targeting the website of fantasy.premierleague.com, potentially redirecting the users to a page hosting the Nuclear Exploit Kit.MalvertisingOnline GamingCCUKhttps://blog.malwarebytes.org/malvertising-2/2015/11/official-premier-league-fantasy-website-site-pushes-malvertising/Malwarebytes, fantasy.premierleague.com, Nuclear Exploit Kit,
37
3610/11/2015?Korea Advanced Institute of Science Technology
KAIST		More than a dozen students and faculty at the Korea Advanced Institute of Science Technology (KAIST) have their credit card information stolen by a hacker who attempted to make payments in Japan.UnknownEducationCCKRhttps://www.koreatimes.co.kr/www/news/nation/2015/11/116_190866.htmlKAIST, Korea Advanced Institute of Science Technology ,
38
3710/11/2015BravewandererBrigham Young University
byu.edu		A hacker called bravewanderer hacks the Brigham Young University (byu.edu) and dumps 11,894 records.UnknownEducationCCUShttp://pastebin.com/ctusqA92Bravewanderer, Brigham Young University, byu.edu,
39
3810/11/2015Eggfatherhttp://engineerboards.comEggfather hacks engineerboards.com and dumps 21,304 usernames and hashed passwords.SQLiOnline ForumCCUShttp://siph0n.in/exploits.php?id=4195Eggfather, engineerboards.com,
40
3910/11/2015Eggfatherhttp://www.c4forums.comEggfather hacks c4forums.com and dumps 15,276 usernames and hashed passwords.SQLiOnline ForumCCUShttp://siph0n.in/exploits.php?id=4194Eggfather, c4forums.com,
41
4010/11/2015Eggfatherhttp://forum.chumpcar.comEggfather hacks forum.chumpcar.com and dumps 15,276 usernames and hashed passwords.SQLiOnline ForumCCUShttp://siph0n.in/exploits.php?id=4193Eggfather, forum.chumpcar.com,
42
4110/11/2015Eggfatherhttp://www.mwcboard.com/Eggfather hacks mwcboard.com and dumps 15,276 usernames and hashed passwords.SQLiOnline ForumCCUShttp://siph0n.in/exploits.php?id=4192Eggfather, mwcboard.com,
43
4211/11/2015?Securus TechnologiesAn anonymous hacker leaks a vast collection containing metadata of over 70 million records of phone calls placed by prisoners to at least 37 US states and links to actual recordings for each call. The calls, allegedly leaked from Securus Technologies, span a nearly two-and-a-half year period, beginning in December 2011 and ending in the spring of 2014.UnknownIndustry: TechnologyCCUShttps://theintercept.com/2015/11/11/securus-hack-prison-phone-company-exposes-thousands-of-calls-lawyers-and-clients/Securus Technologies,
44
4311/11/2015?AmmyyThe installer of the remote desktop software Ammyy is compromised and distributes the tools used by the Buhtrap gang to spy on and control their victims’ computers.MalwareIndustry: SoftwareCCRUhttp://www.welivesecurity.com/2015/11/11/operation-buhtrap-malware-distributed-via-ammyy-com/Ammyy, Buhtrap,
45
4411/11/2015Fallaga TeamJewish Free School
http://www.jfs.brent.sch.uk/		The Tunisian Fallaga Team defaces the website of Europe’s largest Jewish school, JFS, posting a message that calls for an end to Islamophobia and aggression against Muslims.DefacementEducationHUKhttps://www.rt.com/uk/321597-islamist-hackers-jewish-school/Jewish Free School, jfs.brent.sch.uk, Fallaga Team,
46
4511/11/2015Fruityhaxhttp://laptopmania.co.uk/A hacker called Fruityhax hacks laptopmania.co.uk and dumps 1500 usernames and hashed passwords.SQLiIndustry: E-CommerceCCUKhttp://siph0n.in/exploits.php?id=4197Fruityhax, laptopmania.co.uk,
47
4611/11/2015?The Training Room
http://thetrainingroom.com/		An unknown hacker hacks thetrainingroom.com and dumps 1,141 records with usernames and hashed passwords.SQLiEducationCCUShttp://pastebin.com/sWa06kV0Thetrainingroom.com,
48
4712/11/2015AnonymousUnknown IndividualHalifax police forced to re-open investigation in a sexual assault case after Anonymous exposes the identity of the alleged culprit.UnknownSingle IndividualHCAhttps://www.hackread.com/anonymous-exposes-identity-of-alleged-halifax-rapist/Anonymous, Halifax,
49
4813/11/2015?https://grahamcluley.comThe website of the security blogger Graham Cluley (https://grahamcluley.com) is taken down by a DDoS attack.DDoSNewsCCUKhttps://grahamcluley.com/2015/11/cluley-ddos-attack/Graham Cluley, grahamcluley.com,
50
4914/11/2015?Tor NetworkReports emerge of possible DDOS attacks being directed at Tor exit nodesDDoSTor NetworkCCN/Ahttps://www.deepdotweb.com/2015/11/14/possible-large-scale-ddos-attacks-on-tor-exit-nodesTor Network,
51
5015/11/2015?Fashion to Figure
http://www.fashiontofigure.com		Fashion to Figure notifies customers of a breach involving malware inserted on their web host’s serverMalwareIndustry: RetailCCUShttp://www.databreaches.net/fashion-to-figure-notifying-customers-of-payment-card-compromise/Fashion to Figure, fashiontofigure.com,
52
5115/11/2015?Noble House Hotels and ResortsLuxury hotel chain Noble House Hotels and Resorts notifies customers of a breach in six properties they uncovered in the wake of reports by customers of fraudulent charges on payment cards.MalwareIndustry: Hotel and ResortCCUShttp://www.databreaches.net/noble-house-hotels-and-resorts-notifies-customers-at-six-luxury-hotels-of-payment-card-breach/Noble House Hotel and Resorts,
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100