30 December 2014

Pin It

List Top 13 Hacks Cyber Attacks of 2014

List Top 13 Hacks Cyber Attacks of 2014

Below is the list of top 13 hacks of year 2014

Apple’s iCloud services Hack –
A security hole in Apple’s cloud storage service was initially blamed for the Celebgate hack.
Stolen celebrity photos, alleged nude photos of Jennifer Lawrence, Kim Kardashian, and others were posted on the website 4chan after the hack

South Korea Gaming Hack –
Registration pages for gaming and gambling sites, as well as online ringtone downloads and movie ticket stores, were among the attackers’ targets.
70% population of South Korea affected by this.
South Korean police say it came from China

Sony Hack –
In late November, Sony Pictures Entertainment (SPE)   confirmed that it was the victim of a cyber-attack that destroyed systems and stole large quantities of personal and commercial data.
A group calling itself the “Guardians of Peace” claimed responsibility for the attack and subsequently issued threats against SPE, its employees, and theaters that distribute its movies.

The FBI has determined that the intrusion into SPE’s network consisted of the deployment of destructive malware and the theft of proprietary information as well as employees’ personally identifiable information and confidential communications.
The attacks also rendered thousands of SPE’s computers inoperable, forced SPE to take its entire computer network offline, and significantly disrupted the company’s business operations.

After discovering the intrusion into its network, SPE requested the FBI’s assistance. Since then, the FBI has been working closely with the company throughout the investigation. Sony has been a great partner in the investigation, and continues to work closely with the FBI. Sony reported this incident within hours, which is what the FBI hopes all companies will do when facing a cyber-attack. Sony’s quick reporting facilitated the investigators’ ability to do their jobs, and ultimately to identify the source of these attacks.

As a result of our investigation, and in close collaboration with other U.S. government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions. While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following:

Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.
The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.
Separately, the tools used in the SPE attack have similarities to a cyber-attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.

JP Morgan Chase Hack –
The data breach allowed hackers inside JPMorgan Chase
Over 83 million households and small businesses about 65 percent of all U.S. households were affected, including previous account holders.
But No financial damage was reported

Home Depot Hack in US –
Home Depot confirmed the biggest data breach in retailing history
Had compromised 56 million of its customers’ credit cards.
The data has popped up on black markets and, by one estimate, could be used to make $3 billion in illegal purchases.

Shellshock attack - Linux, Mac Attack –
First Shellshock botnet attacks Akamai, US DOD networks
Hack allowed hackers to gain access to vulnerable systems on Mac OS X and Linux computers

Wopbot a botnet that runs on Linux servers, the Bash Shellshock bug to auto-infect other servers,"
Wopbot has launched a distributed denial of service attack against servers hosted by content delivery network Akamai,
Millions of Apache webservers around the world could be at risk if their common gateway interface (CGI) scripts invoke Bash.

Heartbleed Hack –
A serious vulnerability in the popular OpenSSL cryptographic library has been discovered that allows attackers to steal information unnoticed is known as the Heartbleed.
The vulnerability allows anyone on the Internet to read the memory of systems that run vulnerable versions of OpenSSL, revealing the secret authentication and encryption keys to protect the traffic.
User names, passwords and the actual content of the communications can also be read.

Ebay Hack –
In May, eBay revealed that hackers had managed to steal personal records of 233 million users.
The hack took place between February and March, with usernames, passwords, phone numbers and physical addresses compromised.
Hackers stole eBay credentials and managed to gain access to sensitive data

P.F. Chang’s restaurant –
Customer payment information got hacked
After that thousands of newly stolen credit and debit cards went up for sale online on June 9th.
Hackers managed to hack P.F Chang’s point of sale machines and record credit and debit card data, which then found its way on to the black market.

Domino’s Pizza hack –
Hacking group Rex Mundi hacked customer records which included
Personal data, which included names, addresses, emails, phone numbers and even favourite pizza toppings

US Weather Systems Hack –
Chinese hackers broke into four websites belonging to the U.S. federal agency overseeing weather systems.
The U.S. National Oceanic and Atmospheric Administration carries weather data and satellite feeds to its websites. But those services were shut down by the agency for more than a week following the hack.

US Postal Service Hack –
Data of more than 800,000 employees has been compromised, including Social Security number and postal addresses.
Blamed – China

Snap chat hack –
Around 13 gigabytes of data including photos and videos were pilfered by hackers,
Later they appeared on 4chan site

Reality views by sm –

Tuesday, December 30, 2014

Tags – Top Hacks Year 2014


Destination Infinity December 30, 2014  

With so many hacks happening, and credit card information at risk, companies should not store credit card numbers in their servers. Customers can enter the details whenever they want to make a new purchase. Or, like in India, there should be an additional level of authentication for credit cards like a secret code, before a purchase is approved.

Insecurity of credit card details is another reason why we need to keep our credit limit, low.

Destination Infinity

Usha January 02, 2015  

We were affected by Home depot hack, after reading the news we called credit cared company because we had made one purchase from Home Depot but they didn't take any action, didn't advise to change the card...It took around 4 months to create duplicate copy of our card and get in the hands of the person living near NC mountains area. around 1500$ purchases were made, we got call about sudden costly transactions. It took very few hours to spend this amount. Our card was cancelled and new card was issued. Charges on card were cancelled.

Hope cyber security gets smarter and such hacks are stopped.

SM January 03, 2015  


it is good that charges on card were cancelled