A timeline of security related events
WannaCry Ransomware targets computers running the Microsoft Windows. WannaCry encrypts victims files and demands ransom payments in the Bitcoin cryptocurrency.
Tesco Bank Breach
9,000 customers of Tesco Bank had £2.5m stolen from their accounts.
The Sony Pictures Entertainment Hack
The Sony Pictures Entertainment hack resulted in the release of confidential data including the personal information of its employees and their families. The data was comprised of employee e-mail, salaries, copies of (previously) unreleased Sony films, and other information. The hackers called "Guardians of Peace" claimed to have performed the attack. The hackers demanded that Sony cancel the release of the film "The Interview". It is believed that the attack was sponsored or executed by North Korea, however, there is still some speculation around the source of the attack.
POODLE (Padding Oracle On Downgraded Legacy Encryption)
The POODLE attack forces/tricks encrypted communications between clients and servers from using secure protocols like TLS to downgrade to older insecure protocols (SSL 3.0). A POODLE attack can potentially allow the interception of “secure” traffic. All major browsers have patched the vulnerability. The patch issued disabled SSL 3.0 to prevent the POODLE attack.
A serious bug disclosed on September 24th, 2014 in the Bashcommand-line. This bug affected a substantial amount of Unix based systems on the internet. Attackers can exploit this vulnerability to gain unauthorized access to a system, and can execute commands at their will. Attackers exploited the Shellshock vulnerability within hours of disclosure. Many vulnerable systems were compromised and used in botnets to execute large distributed denial-of-service (ddos) attacks and also ran vulnerability scanners. The Shellshock vulnerability is similar to the Heartbleed vulnerability in severity.
Home Depot Credit Card Breach
Home Depot broke the world record for the number of credit cards stolen. A total of 56 million customer credit cards, debit cards, and email address accounts were exposed. The breach was performed using a similar variant of the point of sale (POS) Malware used for the Target breach.
Windows XP Support Ended
Support for the Microsoft Windows XP Operating System was ended, which also means no more security updates or bug fixes will be released.
Heartbleed is a vulnerability disclosed on April 2014, in the OpenSSL cryptographic library. The vulnerability allows data to be intercepted that is typically protected from SSL/TLS. SSL/TLS provides security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs). This vulnerability allows anyone on the Internet to read the memory of systems using vulnerable versions of the OpenSSL software. This puts the secret/private keys at risk, which are used to encrypt the traffic/communications.
Exploiting this vulnerability allows attackers to eavesdrop on secure communications, steal data from services and users,and allows attackers to impersonate services and users.
WARNING: anyone who has not generated new private keys after the the patch was issued, still has the potential to be exploited since the attacker may have already obtained your private keys while your server was vulnerable.
Target Credit Card Breach
Target broke the world record for the number of stolen credit cards. 40 million credit and debit cards were stolen. 70 million records including names, addresses, email address, and phone numbers of Target shoppers were also stolen.
Discovered in June 2010, and is often considered the first known event of Cyber Warfare. Stuxnet is a computer worm that
was designed to attack PLCs or programmable logic controllers. PLCs are used for automating machinery, power plants,
waste treatment facilities, automobiles, pumps, and centrifuges. Stuxnet used 4 zero days in the Microsoft Windows
operating system to target the Siemens boxes/software controlling Iranian centrifuges (can be used to enrich
uranium/nuclear fuel). The worm caused one-fifth of the Iranian centrifuges to spin past their rated capacity,
Stuxnet is typically introduced to the target environment through USB flash drives, and then propagates across the network scanning for the “specific” Siemens box it was programmed to target. If the “specific” Siemens box it was looking for was not detected, it will remain dormant on the PC and will just infect any non-infected flash drives plugged into the PC. If the “specific” Siemens box was detected the Stuxtnet worm will execute the attack on that Siemens box(a PLC).