wasc-whid@lists.webappsec.org

WASC Web Hacking Incidents Database


Latest WASC WHID Entries for 2011

Ryan Barnett
Tue, Jan 25, 2011 5:46 PM

WHID 2011-20: Hackers Get Access to New Jersey School Data System

Entry Title: WHID 2011-20: Hackers Get Access to New Jersey School Data
System
WHID ID: 2011-20
Date Occurred: January 24, 2011
Attack Method: Brute Force
Application Weakness: Insufficient Anti-automation
Outcome: Session Hijacking
Attacked Entity Field: Education
Attacked Entity Geography: New Jersey
Incident Description: Users of the 4chan online message board managed to get
access to the online student information system used by a New Jersey school
district after the school's administrative password was posted to 4chan last
week.
Mass Attack: No
Reference:
http://www.pcworld.com/businesscenter/article/217601/hackers_get_access_to_new_jersey_school_data_system.html
Attack Source Geography:
http://wasc-whid.dabbledb.com/dabble/wasc-whid?view=62408&entry=64046

WHID 2011-19: Living Social Hacked (Update)

Entry Title: WHID 2011-19: Living Social Hacked (Update)
WHID ID: 2011-19
Date Occurred: January 19, 2011
Attack Method: Hidden Parameter Manipulation
Application Weakness: Improper Input Handling
Outcome: Monetary Loss
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: Living Social doesn't do server side quantity
validation (at least they didn't yesterday). Who cares you say? Well
Amazon.com for one. Their latest offer of a $20 gift certificate for $10 has
the explicit restriction of ONE per customer and no gifts. You see, Amazon
actually only wants to discount their product for new customers or existing
customers only on $20 of merchandise. If Amazon knew there was a way to buy
say 100 vouchers and receive $2000 of Amazon merchandise for $1000, they
would probably blow a gasket.
Mass Attack: No
Reference:
http://www.deepgreencrystals.com/archives/2011/01/living-social-h.html
Attack Source Geography:
http://wasc-whid.dabbledb.com/dabble/wasc-whid?view=62408&entry=64020

WHID 2011-18: French president recovers from Facebook hack

Entry Title: WHID 2011-18: French president recovers from Facebook hack
WHID ID: 2011-18
Date Occurred: January 24, 2011
Attack Method: Stolen Credentials
Application Weakness: Insufficient Authentication
Outcome: Disinformation
Attacked Entity Field: Web 2.0
Attacked Entity Geography:
Incident Description: The Facebook account of Nicolas Sarkozy was hacked
over the weekend to post the false rumour that the French president would
not seek re-election next year.
Mass Attack: No
Reference:
http://www.theregister.co.uk/2011/01/24/french_pres_facebook_hack/
Attack Source Geography:
Attacked System Technology: Facebook
http://wasc-whid.dabbledb.com/dabble/wasc-whid?view=62408&entry=64009

WHID 2011-17: DNS Hack Brings Down Google Bangladesh For Many

Entry Title: WHID 2011-17: DNS Hack Brings Down Google Bangladesh For Many
WHID ID: 2011-17
Date Occurred: January 10, 2011
Attack Method: DNS Hijacking
Application Weakness: Application Misconfiguration
Outcome: Defacement
Attacked Entity Field: Search Engine
Attacked Entity Geography: Bangladesh
Incident Description: On Saturday, Google Bangladesh appeared to have been
hacked. When some users went to the Google site, they saw a message from the
TiGER-M@TE hacker group that the site was taken over.
Reports came in at the Google Webmaster Help forum where we learned the
issue was around DNS servers being taken over and some users who relied on
those DNS servers were being taken from Google.com.bd to this hacked
version.
Mass Attack: No
Reference: http://www.seroundtable.com/google-bangladesh-dns-hack-12773.html
Attack Source Geography:
http://wasc-whid.dabbledb.com/dabble/wasc-whid?view=62408&entry=63998

WHID 2011-16: North Korea: South Korea Cyber Attack Accusation After Website
Hacked

Entry Title: WHID 2011-16: North Korea: South Korea Cyber Attack Accusation
After Website Hacked
WHID ID: 2011-16
Date Occurred: January 11, 2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Government
Attacked Entity Geography: North Korea
Incident Description: Political Hacktivism. North Korea is accusing South
Korean Internet users of hacking into one of its websites, calling the
behavior a provocation aimed at undermining its national dignity. The
North's government-run Uriminzokkiri website said Tuesday that South Korean
Internet users recently deleted articles on the site and posted messages
slandering the North's dignity.
Mass Attack: No
Reference:
http://www.huffingtonpost.com/2011/01/11/north-korea-accuses-south_1_n_807436.html
Attack Source Geography: South Korea
http://wasc-whid.dabbledb.com/dabble/wasc-whid?view=62408&entry=63987

WHID 2011-15: Hacker Code Lingered on Home Depot Website

Entry Title: WHID 2011-15: Hacker Code Lingered on Home Depot Website
WHID ID: 2011-15
Date Occurred: January 11, 2011
Attack Method: Unknown
Application Weakness: Improper Output Handling
Outcome: Planting of Malware
Attacked Entity Field: Retail
Attacked Entity Geography:
Incident Description: An IT analyst has uncovered the lingering remnants of
a 2009 breach of security on the website of the major retailer: secret code
hidden on the website that redirected the user's browser to a site that
served up malware.
"Somebody managed to deface the site and inject that code, so that anyone
visiting the site would have loaded the malicious code from this other
site," explained Mike Menefee, founder of security website Infosec Island,
which discovered the hack.
Mass Attack: No
Reference:
http://www.foxnews.com/scitech/2011/01/11/home-depot-website-compromised/
Attack Source Geography:
http://wasc-whid.dabbledb.com/dabble/wasc-whid?view=62408&entry=63976

WHID 2011-14: Hacker Hits FOX23 School Closings

Entry Title: WHID 2011-14: Hacker Hits FOX23 School Closings
WHID ID: 2011-14
Date Occurred: January 11, 2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Disinformation
Attacked Entity Field: Media
Attacked Entity Geography: Oklahoma, USA
Incident Description: FOX23 distributes top secret information to school
districts so they can post school closings to our website. Tuesday morning,
that information fell into the wrong hands, and for five minutes students in
Broken Arrow thought they had a day off school.
This morning at 7:33 Broken Arrow mom Becki Santucci heard a ding in her
purse.
"I got a text message saying Broken Arrow schools are closed."
The sender, "FOX23. (It was) my email alert about school closings."
But school was not closed. Someone logged on to FOX23.com and posted the
closing without anyone's permission.
Mass Attack: No
Reference:
http://www.fox23.com/news/local/story/Hacker-Hits-FOX23-School-Closings/nJlTwic8fEqLIhxpEs2Vow.cspx
Attack Source Geography:
http://wasc-whid.dabbledb.com/dabble/wasc-whid?view=62408&entry=63965

WHID 2011-13: Hackers deface IBM DeveloperWorks website

Entry Title: WHID 2011-13: Hackers deface IBM DeveloperWorks website
WHID ID: 2011-13
Date Occurred: January 11, 2011
Attack Method: Unknown
Application Weakness: Unknown
Outcome: Defacement
Attacked Entity Field: Technology
Attacked Entity Geography: USA
Incident Description: An IBM site for developers was defaced over the
weekend, with attackers replacing some of the web pages on the site with
ones containing their own messages, IBM confirmed Monday.
Mass Attack: No
Reference:
http://www.cio.co.uk/news/3256323/hackers-deface-ibm-developerworks-website/
Attack Source Geography:
http://wasc-whid.dabbledb.com/dabble/wasc-whid?view=62408&entry=63954

WHID 2011-12: Cyber Criminals Attack A Hundred Online Casino Sites

Entry Title: WHID 2011-12: Cyber Criminals Attack A Hundred Online Casino
Sites
WHID ID: 2011-12
Date Occurred: January 13, 2011
Attack Method: Denial of Service
Application Weakness: Insufficient Anti-automation
Outcome: Monetary Loss
Attacked Entity Field: Entertainment
Attacked Entity Geography: South Korea
Incident Description: A South Korean web hosting company that allegedly
hosted an illegal gambling site is in trouble with authorities for
organising a series of "cyber attacks" on competing illegal online casinos
in order to grab gambling business from rival gangsters.
Between November 21st and December 15th, 2010, Lee, 32, head of the computer
server company along with Park, 37, a hacker working for an Incheon based
crime gang which owned the gambling site, organised distributed
denial-of-service attacks (DDoS
Mass Attack: No
Reference:
http://www.onlinepoker.net/poker-news/general-poker-news/cyber-criminals-attack-online-casino-sites/9141
Attack Source Geography: South Korea
http://wasc-whid.dabbledb.com/dabble/wasc-whid?view=62408&entry=63943

WHID 2011-11: Educational, government and military sites hit by hackers

Entry Title: WHID 2011-11: Educational, government and military sites hit by
hackers
WHID ID: 2011-11
Date Occurred: January 17, 2011
Attack Method: Known Vulnerability
Application Weakness: Application Misconfiguration
Outcome: Link Spam
Attacked Entity Field: Hosting Providers
Attacked Entity Geography: Utah
Incident Description: A software security issue with a popular US-based web
hosting provider is reportedly allowing hackers to secretly add dozens of
web pages to military, educational, financial and government sites in a bid
to promote so-called pharma retailing sites.
Mass Attack: No
Reference:
http://www.infosecurity-magazine.com/view/15209/educational-government-and-military-sites-hit-by-hackers/
Attack Source Geography:
Attacked System Technology: cPanel
http://wasc-whid.dabbledb.com/dabble/wasc-whid?view=62408&entry=63922
