Security Brief: Hacks and More Hacks
The main events of the week between January 18 – January 24
Most of the topics we’ve covered this week have been related to hacks. Several major companies, high-profile Twitter accounts, and government organizations fell victim to cybercriminals.So let’s start with the major companies. The list includes Facebook, Apple and Microsoft. Apparently, all three are the victims of a watering hole attack that leveraged a Java vulnerability.
It’s uncertain how Microsoft’s computers became infected with malware, but in the case of Facebook and Apple, the culprit was the iPhone Dev SDK developer forum, whose representatives admitted that their site was compromised.
Zendesk, the popular customer service, was also hacked. The breach affected three of the company’s customers: Twitter, Tumblr and Pinterest.
As far as Twitter hacks are concerned, we’ve had quite a few this week. The victims were Jeep, Burger King, Donald Trump, Top Gear’s Jeremy Clarkson, and a major Anonymous Operations account.
Donald Trump and Jeremy Clarkson were the most vocal after the incident. Trump said they were looking for the lowlife and Clarkson threatened to “kill” the one who hacked his Twitter account.
Anonymous continued OpLastResort by breaching the systems of the US Department of State (state.gov) and investment firm George K. Baum and Company. They also breached the website of the National Association of Federal Agents.
China has once again taken center stage this week. The country has been accused on numerous occasions of conducting cyber espionage operations, but the report released on Monday by Mandiant provides some evidence to support such claims.
The study details a campaign dubbed APT1, believed to be run by China’s People’s Liberation Army (PLA).
China has denied the accusations, arguing that the report doesn’t contain any facts, while some experts have criticized Mandiant.
In the meantime, another US-based organization reported being hacked by Chinese hackers. The Aspen Institute was notified by the FBI that its email communications had been monitored for a period of two months.
Other companies that reported being hacked this week are EDUCAUSE and New York-based Central Hudson Gas & Electric Corporation.
Here are other interesting stories, in case you’ve missed them:
The sentencing of Sabu has been postponed without any explanation.
Izz ad-Din al-Qassam Cyber Fighters warn that they will soon resume Operation Ababil.
Jeremy Hammond has released a statement from solitary confinement.
Vulnerability allows anyone to bypass the lock code on iPhones and iPads (video included).
HOT RIGHT NOW