Corporate Hacks

2013: Target, Adobe, NYT

Ashley Madison (2015)

  • 26-04-2017: Ashley Madison blackmailers threaten to create Cheater’s Gallery exposing members who don’t pay up.  [Graham Cluley]  [HardOCP]
  • 29-12-2016: Five unexpected lessons from the Ashley Madison breach.  [Ars Technica]
  • 11-09-2015: Flaws found in Ashley Madison password protection.  [BBC News]
  • 08-09-2015: Ashley Madison made dumb security mistakes, researcher says.  [The Register]
  • 01-09-2015: What if 'deuszu' ISN'T the Ashley Madison hacker?  [The Register]
  • 31-08-2015: Spy agencies mining Ashley Madison data for blackmail material.  [Stuff]
  • 28-08-2015: Ashley Madison founder steps down.  [BBC News]
  • 28-08-2015: Huge surge in spam emails since Ashley Madison hack.  [NZ Herald]
  • 27-08-2015: EFF: Ashley Madison abusing DMCA “to put genie back in the bottle”.  [Ars Technica]
  • 26-08-2015: Ashley Madison "delete tool" detailed in latest analysis.  [BBC News]
  • 26-08-2015: Who hacked Ashley Madison?  [Krebs]  [The Register]  [HardOCP]
  • 26-08-2015: Lessons learned from cracking 4,000 Ashley Madison passwords.  [Ars Technica]
  • 25-08-2015: Ashley Madison hit with $500 million in lawsuits.  [Wired]
  • 25-08-2015: Military investigated Ashley Madison customer over adultery.  [Wired]
  • 24-08-2015: Leaked Ashley Madison emails suggest execs hacked competitors.  [Krebs]  [BBC News]  [Gizmodo]  [Wired]  [Graham Cluley]  [HardOCP]  [ZDNet]  [The Register]
  • 24-08-2015: $500k bounty for Ashley Madison hackers.  [Krebs]  [Graham Cluley]  [Ars Technica]  [Wired]  [Engadget]  [HardOCP]  [The Independent]  [The Register]
  • 24-08-2015: John McAfee: Ashley Madison "Was an inside job".  [Gizmodo]
  • 22-08-2015: Ashley Madison hackers vow more attacks  [Stuff]
  • 22-08-2015: The Ashley Madison hack should scare you.  [Engadget]
  • 22-08-2015: Ashley Madison hackers leave footprints that may help investigators.  [Ars Technica]
  • 21-08-2015: Impact Team hackers break silence.  [Gizmodo]  [Stuff]
  • 21-08-2015: Extortionists target Ashley Madison users.  [Krebs]
  • 21-08-2015: Second Ashley Madison dump prompts more inside-job speculation.  [The Register]
  • 21-08-2015: Ashley Madison hack exposes -- wait for it -- a lousy business.  [Wired]
  • 21-08-2015: Ashley Madison hackers bash the site's security practices.  [Engadget]  [Motherboard: part 1part 2]
  • 20-08-2015: Ashley Madison is sending out bogus DMCA takedown notices.  [Gizmodo]
  • 20-08-2015: Map shows gender breakdown of Ashley Madison users across the world.  [Gizmodo]  [CartoDB]  [NZ Herald]
  • 20-08-2015: 2nd dump from Ashley Madison hack twice the size, includes CEO e-mail.  [Ars Technica]  [Wired]  [BBC News]  [Stuff]  [Gizmodo]  [The Register]  [Engadget]
  • 20-08-2015: The Pentagon is investigating the Ashley Madison hack.  [Gizmodo]
  • 20-08-2015: Ashley Madison: Who are the hackers behind the attack?  [BBC News]
  • 20-08-2015: The Ashley Madison files – are people really this stupid?  [The Register]
  • 20-08-2015: Owner of Ashley Madison website confirms some authentic data leaked.  [Stuff]  [The Register]
  • 19-08-2015: Check if your data was leaked in the Ashley Madison hack.  [Lifehacker]
  • 19-08-2015: The Ashley Madison hack is only the beginning.  [Gizmodo]  [BBC News]
  • 19-08-2015: How to search the Ashley Madison dump.  [Wired]  [Engadget]
  • 19-08-2015: Ashley Madison hack is not only real, it’s worse than we thought.  [Ars Technica]  [Gawker]  [NZ Herald]
  • 19-08-2015: What's in the Ashley Madison dump?  [BBC News]
  • 18-08-2015: Ashley Madison's leaked database available for download.  [Graham Cluley]  [The Register]  [Stuff]  [Ars Technica]  [Engadget]  [Gizmodo]  [Wired]  [BBC News]  [Krebs]  [HardOCP]  [ExtremeTech]

OPM (2015)

  • 17-08-2015: That massive IRS hack was way more massive than we thought.  [Gizmodo]  [WSJ]  [The Register]
  • 23-07-2015: Obama administration decides not to blame China publicly for OPM hack.  [Ars Technica]
  • 21-07-2015: How the Army screwed over targets of biggest government hack ever.  [Gizmodo]  [The Intercept]
  • 13-07-2015: Why the OPM hack will be a national security threat for decades to come.  [Gizmodo]
  • 11-07-2015: OPM got hacked and all I got was this stupid e-mail.  [Ars Technica]
  • 10-07-2015: OPM director resigns after news that hack affected 21.5 million people.  [Ars Technica]  [BBC News]  [THG]  [Gizmodo]  [Graham Cluley]
  • 09-07-2015: The largest government hack ever is way bigger than we thought.  [Gizmodo]  [Engadget]
  • 05-07-2015: Hillary Clinton accuses China of hacking efforts.  [Stuff]  [Graham Cluley]
  • 01-07-2015: OPM data hack.  [Schneier]
  • 29-06-2015: In wake of hack, no Federal background checks.  [HardOCP]  [ABC News]
  • 26-06-2015: OPM data breach: National Intelligence head looks to Beijing.  [The Register]  [HardOCP]  [cNet]
  • 23-06-2015: Hackers may have personal data of 18 million US Government workers.  [Gizmodo]
  • 22-05-2015: “EPIC” fail -- how OPM hackers tapped the mother lode of espionage data.  [Ars Technica]
  • 19-06-2015: Investigators connect massive federal hack to China.  [Engadget]
  • 18-06-2015: OPM’s database for sale? Nope, it came from another US .Gov.  [Krebs]
  • 15-06-2015: Catching up on the OPM breach.  [Krebs]  [The Register]
  • 12-06-2015: Hack of government employee records discovered by product demo.  [Ars Technica]
  • 12-06-2015: Background info on US spies, military stolen by hackers.  [Engadget]
  • 12-06-2015: How much info did hackers steal on US spies? Try all of it.  [The Register]
  • 11-06-2015: Hack on Federal database lost 4.1M social security numbers, personal info.  [DailyTech]  [Engadget]  [Gizmodo]  [HardOCP]  [reCode]
  • 09-06-2015: Why the “biggest government hack ever” got past the feds.  [Ars Technica]
  • 06-06-2015: Data hacked from federal government dates back to 1985 - US official.  [Stuff]
  • 05-06-2015: Chinese hackers accused of two more huge security breaches.  [Gizmodo]
  • 05-06-2015: Chinese hackers accused of making off with millions of US government employees' information.  [Stuff]  [DailyTech]
  • 05-06-2015: Hackers steal files on 4 million US govt workers.  [The Register]  [BBC News]  [Engadget]

Sony Pictures (2014)

  • 29-07-2016: Sony Pictures sued over hack - again.  [Gizmodo]
  • 24-02-2016: The Sony hackers were causing mayhem years before they hit the company.  [Wired]
    • 25-02-2016: Hackers that took down Sony are still on the attack.  [Stuff]
  • 30-12-2014: FBI maintains that North Korea hacked Sony as detractors mount.  [Engadget]
  • 30-12-2014: Sony hacked by ex-employee?  [HardOCP]  [Politico]  [Ars Technica]  [Schneier]  [Politico]  [Stuff]
  • 30-12-2014: Infosec bods blame disgruntled insiders for savage Sony hack.  [The Register]
  • 30-12-2014: Sony hackers 'shared' stolen employee login data.  [BBC News]
  • 30-12-2014: US investigators suspect North Korea hired hackers for Sony 'The Interview' cyberattack.  [Stuff]
  • 29-12-2014: The Interview and the aftermath.  [Engadget]
  • 29-12-2014: Will The Interview change how Hollywood does business?  [Stuff]
  • 26-12-2014: Alternate theory on Sony Hack points to Russian hackers, not North Korea.  [BoingBoing]  [NYT]
  • 25-12-2014: The Interview: 2014's most infamous film isn't great, but it's important.  [Engadget]
  • 24-12-2014: FBI warned of a Sony-style hack in a report last year.  [Engadget]
  • 24-12-2014: Meet the Sony hack truthers.  [Gizmodo]
  • 24-12-2014: Microsoft, Google back The Interview, North Korea vows attacks on America.  [DailyTech]
  • 24-12-2014: North Korea did not hack Sony, says security researcher.  [BoingBoing]  [The Daily Beast]
  • 24-12-2014: Did North Korea really attack Sony?  [Schneier]
  • 23-12-2014: US lawmaker asks Sony for details on data breach.  [HardOCP]  [Network World]
  • 23-12-2014: The case for North Korea’s role in Sony hack.  [Krebs]
  • 23-12-2014: If North Korea did hack Sony, it’s a whole new kind of cyberterrorism.  [Wired]
  • 23-12-2014: The Sony hack: a bitter multi-motive pill to chew.  [DC Knowledge]
  • 23-12-2014: Sony threatens to sue Twitter over tweets containing leaked emails.  [Wired]  [THG]  [ReadWriteWeb]  [Ars Technica]
  • 22-12-2014: North Korea and cyberterrorists won big in Sony hack, researcher says.  [Ars Technica]
  • 22-12-2014: How to explain the Sony hack to your relatives.  [Gizmodo]
  • 22-12-2014: China condemns cyberattacks, but says no proof North Korea hacked Sony.  [Reuters]  [Gizmodo]
  • 22-12-2014: Reacting to the Sony hack.  [Schneier]  [BoingBoing]
  • 21-12-2014: 'Google catches us in an invisible web of our personal data without telling us'.  [The Register]
  • 20-12-2014: I work at Sony Pictures -- this is what it was like after we got hacked.  [Fortune]
  • 20-12-2014: FBI: North Korea responsible for Sony hack.  [Stuff]  [BoingBoing]  [Krebs]  [BoingBoing]  [The Register]  [FBI]  [The Verge]  [TrustedReviews]  [Ars Technica]  [Engadget]  [Gizmodo]
    • 20-12-2014: NORKS: FBI's Sony Pictures' hacking allegations are 'groundless slander'.  [The Register]
    • 20-12-2014: North Korea proposes joint Sony hack inquiry with US.  [BBC News]  [Engadget]  [BBC News]  [HardOCP]  [PCWorld]
    • 20-12-2014: US asks China to help rein in Korean hackers.  [NYT]  [The Register]
    • 21-12-2014: North Korea denies hacking Sony.  [Stuff]
    • 21-12-2014: Obama doesn't believe the Sony hack was an act of war.  [Engadget]  [HardOCP]  [CIO]  [Stuff]
    • 22-12-2014: China tells US it opposes cyber attacks.  [BBC News]
    • 22-12-2014: North Korea threatens to target White House following Sony attacks.  [Gizmodo]  [BBC News]  [HardOCP]  [The Guardian]
    • 23-12-2014: Experts are still divided on whether North Korea is behind Sony attack.  [Wired]
  • 20-12-2014: A look at North Korea's cyberwar capabilities.  [NZ Herald]
  • 19-12-2014: How North Korea could have pulled off Sony Pictures hack.  [CBS]
  • 19-12-2014: Hackers used sophisticated SMB worm tool to attack Sony.  [Security Week]
    • 20-12-2014: Malware believed to hit Sony studio contained a cocktail of badness.  [Ars Technica]
  • 19-12-2014: Sony Pictures hack is Hollywood's 'Snowden moment' say infosec bods.  [The Register]
    • 20-12-2014: Leaked Sony IT evaluations: "there is no overall strategy".  [Gizmodo]
  • 19-12-2014: Lessons from the Sony hack.  [Schneier]
  • 19-12-2014: Timeline of the Sony Pictures Entertainment hack.  [NZ Herald]
  • 19-12-2014: Obama on hack: "Sony made a mistake" in killing The Interview.  [BoingBoing]  [BBC News]  [Ars Technica]  [Wired]  [NZ Herald]  [Engadget]  [Gizmodo]
    • 20-12-2014: Sony exec fires back at President Obama.  [CNN]
  • 19-12-2014: What is FBI evidence for North Korea hack attack?  [BBC News]
  • 19-12-2014: Sony hackers got in with stole admin credentials.  [Gizmodo]
  • 18-12-2014: Sloppy security hygiene made Sony Pictures ripe for hacking.  [Ars Technica]
  • 18-12-2014: State-sponsored or not, Sony Pictures malware “bomb” used slapdash code.  [Ars Technica]
  • 18-12-2014: US government fingers North Korea as the Sony hackers.  [Ars Technica]  [Stuff]  [HardOCP]  [ABC News]  [Engadget]  [NYT]  [Hollywood Reporter]  [ReadWriteWeb]  [Graham Cluley]
    • 18-12-2014: The evidence that North Korea hacked Sony is flimsy.  [Wired]
    • 18-12-2014: Whodunnit? The mystery of the Sony Pictures hack.  [BBC News]  [ExtremeTech]
    • 18-12-2014: Why the Sony hack is unlikely to be the work of North Korea.  [Marc Rogers]
  • 17-12-2014: Sony Pictures employees now working in an office “from ten years ago”.  [TechCrunch]
  • 17-12-2014: Report: North Korea may be behind Sony Pictures hack after all.  [Gizmodo]  [ABC News]
  • 17-12-2014: NY premiere of The Interview cancelled after hackers' terrorist threats.  [The Register]  [Graham Cluley]
  • 17-12-2014: Sony hack: A guide to the cyber attack on Hollywood.  [BBC News]
  • 16-12-2014: Former employees are suing Sony over ‘epic nightmare’ hack.  [Wired]  [The Register]
  • 16-12-2014: Sony Pictures hackers threaten violence against moviegoers: “Remember the 9/11".  [BoingBoing]  [Fusion]  [Ars Technica]  [Engadget]  [Gizmodo]  [BBC News]  [Stuff]
  • 15-12-2014: Sony Leak: the secret meetings that set Hollywood's anti-piracy war plan.  [Gizmodo]
  • 15-12-2014: 13 revelations from the Sony hack.  [HardOCP]  [cNet]
  • 15-12-2014: Hackers won't release Sony workers' personal info if they object.  [Engadget]  [reCode]  [Gizmodo]
  • 15-12-2014: Hackers promise “Christmas present” Sony Pictures won’t like.  [Ars Technica]  [Wired]
    • 16-12-2014: Sony hackers dump more hunks of stolen data, promise another 'Christmas gift'.  [The Register]  [NZ Herald]
  • 15-12-2014: Sony to media: stop publishing our stolen stuff or we'll get nasty.  [The Register]  [BBC News]  [Krebs]  [Graham Cluley]  [ReadWriteWeb]  [TrustedReviews]  [Stuff]
    • 16-12-2014: Is it ethically okay for journalists to mine hacked Sony emails for stories?  [BoingBoing]  [Poynter]
    • 16-12-2014: Sony hacks: Sorkin says media are 'morally treasonous'.  [BBC News]
  • 14-12-2014: Sony left personal data for millions unprotected.  [Gawker]
  • 13-12-2014: Sony Pictures hack sophisticated enough to enter government websites.  [MobileBurn]
  • 12-12-2014: Sony execs knew about extensive IT flaws two months before leaks.  [Gizmodo]  [reCode]
  • 12-12-2014: Sony was hacked in February and chose to stay silent.  [Gawker]  [HardOCP]
  • 12-12-2014: Report: Sony hacking its own leaked data to stop it being downloaded.  [Gizmodo]  [reCode]  [The Register]
  • 12-12-2014: I'm a Sony Pictures employee.  [Gizmodo]
  • 11-12-2014: Comments on the Sony hack.  [Schneier]
  • 11-12-2014: Sony attempts attack to prevent access of stole data.  [ReadWriteWeb]  [ExtremeTech]
    • 11-12-2014: Amazon denies Sony used AWS for DDoS counter-attacks.  [HardOCP]  [ZDNet]
  • 10-12-2014: Sony is reportedly using hacker methods to take its stolen data offline.  [Engadget]
  • 10-12-2014: Sony pictures hack: the whole story.  [Engadget]
  • 10-12-2014: Sony attackers also stole certificates to sign malware.  [Ars Technica]
  • 09-12-2014: The Sony hacks are terrifying.  [Gizmodo]
  • 09-12-2014: Why Sony keeps getting hacked.  [Gizmodo]
  • 09-12-2014: Leaked emails reveal that hackers demanded money from Sony Pictures before attack.  [Graham Cluley]
    • 10-12-2014: Sony hackers apparently demand studio pull ‘The Interview’.  [HardOCP]  [Variety]
  • 08-12-2014: Sony Pictures attackers demand: “Stop the terrorist film!”  [Ars Technica]  [TrustedReviews]  [NZ Herald]
  • 08-12-2014: Kaspersky drops details on Sony hacker malware.  [The Register]
  • 07-12-2014: Sony leak traced to Bangkok hotel.  [Gizmodo]
  • 07-12-2014: Sony cyberattack was 'unprecedented'.  [Stuff]  [Gizmodo]
    • 10-12-2014: "Unprecedented” cyberattack no excuse for Sony breach, pros say.  [Ars Technica]
    • 10-12-2014: Imagine you’re the CEO of a big company that has just been hacked…  [Graham Cluley]
  • 05-12-2014: Version of malware that took out Sony Pictures seen “in wild” in July.  [Ars Technica]
  • 05-12-2014: Hacker threatening Sony employees' families.  [HardOCP]  [Variety]  [Ars Technica]  [The Register]  [Engadget]  [Stuff]  [Gizmodo]
  • 05-12-2014: Sony Pictures' nightmare week: what now?  [BBC News]
  • 04-12-2014: Sony hack reportedly includes 47,000 SSNs, celebrity data.  [The Hollywood Reporter]  [Engadget]  [Gizmodo]  [The Register]
    • 09-12-2014: Sony hack snowballs as movie scripts, celebrity phone numbers leaked.  [Engadget]  [Gizmodo]  [Stuff]
    • 11-12-2014: Sony Pictures top lawyer’s emails exposed in latest leak.  [Gizmodo]
  • 04-12-2014: Sony kept thousands of passwords in a folder named "Password".  [Gizmodo]
  • 04-12-2014: Sony Pictures megahack: security bods pull out probes, analyse badness.  [The Register]
  • 04-12-2014: North Korea denies Sony hack.  [Gizmodo]  [HardOCP]  [Reuters]  [The Register]  [DC Knowledge]
  • 04-12-2014: The Sony hack gets even worse as thousands of passwords leak.  [Gizmodo]
  • 04-12-2014: Are we safe from Sony hack's malware?  [Stuff]
  • 04-12-2014: Sony Pictures and FBI investigating attack by hackers.  [NYT]
  • 04-12-2014: Inside the “wiper” malware that brought Sony Pictures to its knees.  [Ars Technica]
  • 04-12-2014: Sony denies North Korea hack report.  [Stuff]
  • 03-12-2014: Sony got hacked hard: what we know and don’t know so far.  [Wired]
  • 03-12-2014: The Sony Pictures hack was even worse than everyone thought.  [Gizmodo]  [BuzzFeed]  [Fusion]
  • 03-12-2014: Sony to officially name North Korea as source of hack attack.  [reCode]
  • 03-12-2014: ISPs must take responsibility for Sony movie leaks.  [HardOCP]  [TorrentFreak]
  • 03-12-2014: Experts doubt North Korea hacked Sony.  [Stuff]
  • 02-12-2014: Sony Pictures hack gets uglier; North Korea won’t deny responsibility.  [Ars Technica]
  • 02-12-2014: FBI investigates hack into Sony Pictures corporate network.  [DC Knowledge]
  • 02-12-2014: Sony breach may have exposed employee healthcare, salary data.  [Krebs]  [Gizmodo]  [Fusion]  [HardOCP]
  • 02-12-2014: North Korea refuses to deny Sony Pictures cyber-attack.  [BBC News]
  • 02-12-2014: North Korea anger over film may have sparked cyber attack.  [BBC News]
  • 02-12-2014: FBI malware warning after Sony attack.  [Stuff]  [Reuters]  [ReadWriteWeb]  [The Register]  [Engadget]  [Gizmodo]  [THG]
  • 01-12-2014: FBI investigating hack at Sony Pictures Entertainment.  [BBC News]
  • 01-12-2014: Did North Korea hack Sony? It seems hard to believe.  [Graham Cluley]
  • 30-11-2014: Did Nork hackers cripple Sony Pictures' network? Probe underway – report.  [The Register]  [Ars Technica]
  • 29-11-2014: Unreleased Sony movies leak online following studio hack.  [Engadget]  [Variety]  [Stuff]
  • 28-11-2014: Sony employees face 'weeks of pen and paper' after crippling network hack.  [The Register]
  • 25-11-2014: Hack of Sony Pictures indicates employees were pirating Blu-rays.  [DailyTech]
  • 24-11-2014: Sony Pictures hacked, entire computer system reportedly unusable.  [TNW]  [TrustedReviews]  [HardOCP]  [Deadline]  [The Register]  [Engadget]

Home Depot (2014)

  • 27-11-2014: Home Depot hacker hosing cost a wallet-draining $43m so far.  [The Register]
  • 12-11-2014: Target, Home Depot and UPS attacks: need to rethink point-of-sale security.  [The Register]
  • 09-11-2014: Home Depot lost 53 million emails, blames Windows, buys execs new Macs.  [DailyTech]
  • 07-11-2014: Home Depot: hackers stole 53M email addreses.  [Krebs]  [Gizmodo]  [WSJ]  [HardOCP]  [Home Depot]  [Engadget]  [The Register]
  • 23-09-2014: Home Depot’s former security architect had history of techno-sabotage.  [Ars Technica]  [Graham Cluley]
  • 20-09-2014: Home Depot ignored its own cybersecurity team since 2008.  [HardOCP]  [The Verge]  [NYT]  [Ars Technica]  [Gizmodo]
  • 18-09-2014: Home Depot: 56M cards impacted, malware contained.  [Krebs]  [DailyTech]
  • 18-09-2014: In Home Depot breach, investigation focuses on self-checkout lanes.  [Krebs]
  • 08-09-2014: In wake of confirmed breach at Home Depot, banks see spike in PIN debit card fraud.  [Krebs]
  • 08-09-2014: Appalling negligence: decade-old Windows XPe holes led to Home Depot hack.  [DailyTech]
  • 08-09-2014: Home Depot confirms hack: as many as 60 million cards stolen.  [Gizmodo]  [BoingBoing]  [Reuters]  [BBC News]
  • 07-09-2014: Home Depot hit by same malware as Target.  [Krebs]  [Lifehacker]  [Gizmodo]
  • 04-09-2014: Fears grow of Home Depot data breach, exposing customers’ payment details.  [Graham Cluley]
  • 03-09-2014: Data: nearly all US Home Depot stores hit.  [Krebs]
  • 02-09-2014: Banks: credit card breach at Home Depot.  [Krebs]  [BGR]


Target (2013)
  • 21-09-2015: Inside Target, days after the 2013 breach.   [Krebs]
  • 06-05-2014: The Target breach, by the numbers.  [Krebs]
  • 05-05-2014: Target’s CEO gets the chop, after retailer suffers massive data breach.  [Graham Cluley]  [DailyTech]  [BGR]
  • 29-04-2014: How Target's huge hacking could finally make credit cards secure.  [Wired]
  • 25-02-2014: Card backlog extends pain from Target breach.  [Krebs]
  • 14-02-2014: Target warned of vulnerabilities before data breach.  [WSJ]
  • 12-02-2014: Email attack on vendor set up breach at Target.  [HardOCP]  [Krebs]
  • 05-02-2014: Target hackers broke in via HVAC company.  [Krebs]  [Ars Technica]  [Gizmodo]  [DailyTech]
    • 06-02-2014: Company behind Target data breach exposed.  [GottaBeMobile]
    • 07-02-2014: HVAC vendor confirms link to massive Target data breach.  [Gizmodo]
  • 04-02-2014: Target breach went on longer than thought.  [WSJ]
  • 04-02-2014: These guys battled BlackPOS at a retailer.  [Krebs]
  • 03-02-2014: Target works on security-heavy credit cards, after breach.  [cNet]
  • 30-01-2014: Target hack not possible without some old-school theft.  [BGR]
  • 29-01-2014: New clues in Target breach.  [Krebs]
  • 23-01-2014: Experts: Target hackers will be tough to find.  [NZ Herald]
  • 18-01-2014: How the Target credit card data breach worked.  [GottaBeMobile]  [BGR]
  • 17-01-2014: Target's holiday hack apology email looks like another hack.  [Gizmodo]
  • 17-01-2014: Target got hacked hard in 2005 -- here's why they let it happen again.  [Wired]
  • 17-01-2014: Target data hack only the beginning of massive, sophisticated attack.  [BGR]
  • 16-01-2014: Looks like Russians were behind the Target attack.  [Gizmodo]  [WSJ]
  • 16-01-2014: U.S. government warns merchants on methods used by Target hackers.  [Reuters]
  • 16-01-2014: Target will testify before Congress over massive holiday data breach.  [The Verge]
  • 15-01-2014: A first look at the Target intrusion malware.  [Krebs: part 1part 2]
  • 14-01-2014: RAM-scraping malware could have been installed on Target’s tills.  [Graham Cluley]
  • 13-01-2014: Target confirms PoS malware was used in attack.  [SecurityWeek]
  • 10-01-2014: Names, emails, phone numbers on up to 70 million customers stolen.  [Krebs]  [BGR]  [Ars Technica]  [Gizmodo]  [re/code]  [cNet]  [HardOCP]  [NBC News]  [THG]
  • 27-12-2013: Target confirms that encrypted PINs were swiped in Black Friday hack.  [Gizmodo]  [The Verge]  [BGR]  [THG]  [GottaBeMobile]  [Engadget]  [HardOCP]  [USA Today]
  • 25-12-2013: Reuters: Target hackers got encrypted bank PINs as well.  [BGR]
    • 26-12-2013: Target denial of stolen PINs.  [Gizmodo]
  • 24-12-2013: Who's selling credit cards from Target?  [Krebs]
  • 24-12-2013: Target warns customers of scams after massive data breach.  [Fox News]
  • 23-12-2013: Target discusses breach with state attorneys.  [WSJ]
  • 22-12-2013: Non-US cards used at Target fetch premium.  [Krebs]
  • 20-12-2013: Cards stolen in Target breach flood underground markets.  [Krebs]
  • 19-12-2013: 40 million at risk after Target card heist.  [BBC News]  [Lifehacker]

Adobe (2013)
  • 27-11-2013: 38m Adobe users unaware of major data breach .  [IT Brief]
  • 12-11-2013: Cryptographic blunders revealed by Adobe's password leak.  [Schneier]
  • 12-11-2013: How Adobe’s messy password breach can spill to sites like diapers.com.  [Ars Technica]
  • 11-11-2013: Facebook warns users after Adobe breach.  [Krebs]  [Engadget]  [BBC News]
  • 11-11-2013: Adobe user data found online after hack.  [Stuff]
  • 07-11-2013: How to check if your Adobe account details were hacked.  [Gizmodo]  [Cynic]
  • 07-11-2013: Number of Adobe accounts hacked now up to 150 million.  [PetaPixel]
  • 06-11-2013: Adobe's security breach shows why two-factor authentication is the answer.  [ReadWriteWeb]
  • 06-11-2013: The worst passwords stolen in Adobe hack.  [Stuff]  [HardOCP]  [BBC News]
  • 04-11-2013: Anatomy of a password disaster - Adobe's giant-sized cryptographic blunder.  [Sophos]

NYT (2013)
  • 29-04-2013: Chinese cyber-spook crew back in business, say security watchers.  [The Register]
  • 13-03-2013: White House asks China to stop hacking, pretty please.  [Ars Technica]  [NYT]
  • 01-03-2013: Sinkholes reveal more Chinese-based business and piggybacking crims.  [The Register]
  • 28-02-2013: US hackers attacked military websites, says China's defence ministry.  [BBC News]  [ReadWriteWeb]  [HardOCP]  [Reuters]  [BGR]
  • 22-02-2013: Why we're not in a cyberwar with China.  [ReadWriteWeb]
  • 27-02-2013: Overseas hackers have been snatching more than 1TB of data per day.  [Gizmodo]  [The Verge]
    • PDF attached below: Mandiant_APT1_Report.pdf
    • ZIP attached below: Mandiant_APT1_Report_Appendix.zip
  • 21-02-2013: More on Chinese cyberattacks.  [Schneier]  [Mandiant]
  • 21-02-2013: How Anonymous accidentally helped expose two Chinese hackers.  [Ars Technica]
  • 20-02-2013: Security firm releases screen capture video of alleged Chinese military hackers at work.  [TNW]  [Gizmodo]
  • 20-02-2013: Is there nothing we can do to stop Chinese hackers?  [ReadWriteWeb]
  • 20-02-2013: US cyber attacks traced to Chinese army.  [Stuff]  [Wired]  [Gizmodo]  [Gizmodo]
  • 06-02-2013: Rupert Murdoch admits the WSJ is still being hacked.  [Gizmodo]  [TNW]
  • 04-02-2013: Add the DoE to list of agencies nailed by hackers.  [Gizmodo]  [Stuff]  [HardOCP]  [Reuters]
    • 05-02-2013: US DoE: which bright spark just hacked us?  [The Register]
  • 02-02-2013: Washington talks cybersecurity after Chinese attacks.  [Politico]
  • 01-02-2013: Eric Schmidt unloads on China in new book.  [WSJ]  [BBC News]  [The Register]
  • 01-02-2013: Washington Post also broadly infiltrated by Chinese hackers in 2012.  [Krebs]
  • 01-02-2013: Symantec: don't blame us for NYT hacks.  [The Register]
  • 01-02-2013: Chinese hacking of US media becoming a widespread phenomenon.  [Ars Technica]


Sony PSN (2011)

  • 25-01-2013: Sony fined £250,000 ($400,000) for 2011 PSN breach.  [THG]
  • 24-10-2012: Judge: Sony didn't promise "perfect security", isn't liable for PSN hack.  [Ars Technica]  [The Register]
  • 16-08-2012: Sony claims PSN attack is a hoax, not a hack.  [The Register]
  • 08-06-2011: Attacks on Sony, others show it's open hacking season.  [CNET]
  • 06-06-2011: A brief Sony password analysis.  [Troy Hunt]
  • 04-06-2011: Sony hacked for what seems to be the umpteenth time.  [WSJ ATD]
  • 02-06-2011: Sony hacked yet again, plaintext passwords, e-mails, DoB posted.  [Ars Technica]
  • 02-06-2011: PSN fully restored in US, Europe after hacker attack.  [CBS News]
  • 30-05-2011: Full PSN services, including PS Store, return this week.  [PS Blog]  [The Register]
  • 24-05-2011: Bringing great shame to their family: Sony hacked yet again.  [DailyTech]
  • 19-05-2011: Sony's Stringer calls hacker attack 'hiccup' in company's online strategy.  [Bloomberg]  [BBC News]
  • 17-05-2011: Sony defends response time to hacker breach.  [Reuters]
  • 17-05-2011: Sony execs: we're still investigating privacy breach, putting new security system in place.  [BGR]
  • 16-05-2011: PSN coming back online.  [Trusted Reviews]
  • 15-05-2011: Sony PSN back online, just not everywhere.  [PCMag]  [PCWorld]  [DailyTech]  [BGR]  [PC World]
  • 15-05-2011: PSN outage the worst outage ever?  [GottaBeMobile]
  • 15-05-2011: Sony network said to have been invaded by hackers using Amazon.com server.  [Bloomberg]
  • 14-05-2011: Sony's PSN is back up -- will anyone be back?  [WSJ ATD]
  • 14-05-2011: Sony slowly begins to bring PSN back online.  [WSJ ATD]
  • 14-05-2011: Sony yet to fully secure its networks.  [HardOCP]  [PHL17]
  • 13-05-2011: Interview with me about the Sony hack.  [Schneier]
  • 09-05-2011: Billion-dollar PSN outage may not e fully remedied until May 31.  [Ars Technica]
  • 09-05-2011: Sony may have headed off planned weekend attack.  [CNET News]
  • 08-05-2011: Sony's sorry saga snowballs.  [The Register]
  • 07-05-2011: Sony misses promised PSN Qriocity restoration date, begs for more patience.  [Engadget]
  • 06-05-2011: Sony breach could flood market with millions of cheap stolen credit cards.  [The Consumerist]
  • 06-05-2011: As Sony says it's turning a corner, talk of another attack looms.  [WSJ ATD]
  • 06-05-2011: Hackers claim they're about to have their way with Sony one more time.  [DailyTech]
  • 06-05-2011: Hacker group Anonymous denies Sony attack.  [BBC]
  • 05-05-2011: Sony CEO apologises for data breach.  [WSJ ATD]  [BGR]
  • 05-05-2011: Sony continues to slog from pit of shame.  [The Register]
  • 05-05-2011: Exclusive: third attack against Sony planned.  [CNET News]  [Gizmodo]
  • 05-05-2011: Anonymous members deny community was involved in Sony breach.  [DailyTech]
  • 05-05-2011: Anonymous claims it took no credit card numbers from Sony.  [WSJ ATD]
  • 05-05-2011: 'Anonymous' denies involvement in Sony cyberattacks.  [BGR]  [Wired]
  • 05-05-2011: Anonymous: Sony is incompetent (and we don't steal credit cards).  [Ars Technica]
  • 05-05-2011: Anonymous denies involvement in PSN credit card theft.  [GamesBeat]
  • 04-05-2011: Sony implicates Anonymous in attach; group denies involvement.  [WSJ ATD]
  • 04-05-2011: Security expert: Sony knew its software was obsolete months before PSN breach.  [The Consumerist]
  • 04-05-2011: Sony calls in data Sherlocks to unpick megahack disaster.  [The Register]
  • 04-05-2011: They knew for six days: PSN hack timeline.  [Kotaku]
  • 04-05-2011: Sony says "Anonymous" set stage for data theft.  [Reuters]  [Yahoo]
  • 04-05-2011: House hearing blasts Sony's "half-hearted, half-baked" hack response.  [Ars Technica]  [Kotaku]
  • 04-05-2011: Sony: Anonymous provided cover for PSN attack.  [Ars Technica]  [The Register]
  • 04-05-2011: Sony hack probe uncovers 'Anonymous' calling card.  [Wired]
  • 04-05-2011: Bombshell: Sony tells congress 77 million accounts were compromised, implicates Anonymouse.  [DailyTech]  [Engadget]
  • 03-05-2011: Sony says working with security firms on breach.  [Reuters]
  • 03-05-2011: Sony confirms SOE security breach, 25 million accounts compromised.  [BGR]
  • 02-05-2011: Sony suffered an additional security breach, 24M accounts compromised .  [AnandTech]
  • 02-05-2011: Sony says 25 million more accounts hacked.  [Yahoo]
  • 02-05-2011: Sony Online loses 12700 CC account numbers, 24.6 million accounts compromised.  [Joystiq]
  • 02-05-2011: Sony's been hacked again; Everquest and other games are offline.  [WSJ ATD]
  • 02-05-2011: Sony says PSN passwords had been put through crypto hash.  [Electronista]
  • 02-05-2011: Sony attacked again, 12700 non-US CC numbers feared stolen.  [Ars Technica]
  • 02-05-2011: Sony suffers another major security breach.  [BGR]
  • 02-05-2011: Sony to reboot PSN in new data center.  [DC Knowledge]
  • 01-05-2011: Sony gives more PSN attack details, details "Welcome Back" packages.  [Ars Technica]
  • 29-04-2011: FBI investigating PSN hack; Sony looking into compensating users.  [Ars Technica]
  • 28-04-2011: Sony: some PSN data encrypted, hardware moving to new location.  [Ars Technica]
  • 27-04-2011: Ars readers report credit card fraud, blame Sony.  [Ars Technica]
  • 27-04-2011: PlayStation Network hacked, data stolen: how badly is Sony hurt?  [Ars Technica]
  • 26-04-2011: Sony admits utter PSN failure: your personal data has been stolen.  [Ars Technica]
  • 25-04-2011: PSN update: Sony isn't sure your credit card data is safe.  [Ars Technica]
  • 25-04-2011: PSN down due to "external intrusion," no news on fix, credit card security.  [Ars Technica
  • 09-04-2011: Anonymous plans Sony boycott on April 16.  [PC Magazine]
  • 08-04-2011: Source: Anonymous attacks on Sony annoying, not much more.  [Ars Technica]
  • 07-04-2011: Anonymous suspends PSN attack.  [HardOCP]  [Joystiq]
  • 07-04-2011: Anonymous goes after Sony, makes it personal... very personal.  [Ars Technica]


RSA (2011)

  • 26-02-2013: What RSA learned from its security breach.  [WSJ]
  • 22-05-2012: RSA SecurID software token cloning: a new how-to.  [Ars Technica]
  • 29-03-2012: NSA's top spook blames China for RSA hack.   [The Register]
  • 28-02-2012: Hacking breach made us stronger says RSA.  [The Register]
  • 27-02-2012: Seven questions for RSA security head Art Coviello.  [WSJ ATD]
  • 17-02-2012: Dan Kaminsky on the RSA key vulnerability.  [BoingBoing]  [Dan Kaminsky]
  • 24-10-2011: Who else was hit by the RSA attackers?  [Krebs]  [Schneier]
  • 11-10-2011: RSA: nation state double-teamed on SecurID attack.  [ZDNet UK]  [Ars Technica]
  • 30-08-2011: Details of the RSA hack.  [Schneier]
  • 07-06-2011: Security 'tokens' take hit.  [WSJ]
  • 06-06-2011: RSA finally comes clean: SecurID is compromised.  [Ars Technica]
  • 28-05-2011: Lockheed Martin confirms it came under attack.  [WSJ ATD]  [Schneier]
    • 28-05-2011: Lockheed says thwarted "tenacious" cyber attack.  [Reuters]
    • 28-05-2011: Report: major weapons makers see networks breached by hackers.  [CNET]
    • 29-05-2011: US defence firm Lockheed Martin hit by cyber attack.  [BBC News]
    • 29-05-2011: RSA SecurID hackers may have accessed Lockheed Martin trade secrets, cafeteria menus.  [Engadget]
    • 29-05-2011: Lockeed Martin confirms it came under attack.  [CNET]
    • 07-06-2011: RSA offers new SecurIDs in the wake of Lockheed Martin cyber attack.  [DailyTech]
    • 07-06-2011: RSA admits SecurID tokens have been compromised, leaves big companies unprotected.  [ExtremeTech]
    • 07-06-2011: RSA agrees to replace security tokens after admitting compromise.  [Wired]
    • 09-06-2011: Read the NSA's advice on coping with the SecurID attacks.  [WSJ ATD]
    • 10-06-2011: RSA appoints security officer amidst blistering criticism.  [The Register]
  • 04-04-2011: RSA explains how attackers breached its systems.  [The Register]
  • 03-04-2011: The RSA hack: how they did it.  [HardOCP]  [NYT]
  • 24-03-2011: RSA won't talk?  Assume SecurID is broken.  [The Register]
  • 21-03-2011: RSA Security, Inc hacked.  [Schneier]

HBGary (2011)

  • 20-04-2011: HBGary's open letter: full of denials that don't hold water.  [Ars Technica]
  • 05-04-2011: 'Paranoia meter' is HBGary's plot to find the Pentagon's next WikiLeaker.  [WSJ ATD]
  • 22-03-2011: Anonymouse and ex-Anonymous hackers wage a war of identification.  [Forbes]
  • 18-03-2011: Inside Anonymous' secret war room.  [Gizmodo]  [Gawker]
  • 17-03-2011: Congress asks to review DoD and NSA contracts with HBGary.  [Wired]
  • 17-03-2011: HBGary's nemesis is a 16 year-old schoolgirl.  [The Register]  [Forbes]
  • 01-03-2011: Democrats push for Congressional investigation of HBGary Federal.  [Ars Technica]
  • 01-03-2011: HBGary Federal CEO resigns over Anonymous hack.  [The Register]
  • 28-02-2011: Anonymous vs HBGary.  [Schneier]
  • 25-02-2011: HBGary and the future of the IT security industry.  [Schneier]  [Threat Post]
  • 25-02-2011: Anonymous vs HBGary: the aftermath.  [Ars Technica]
  • 20-02-2011: Sock-puppets and HBGary.  [The Register]
    • The HBGary email that should concern us all.  [Daily Kos]
  • 19-02-2011: Black ops: how HBGary wrote backdoors for the government.  [Ars Technica]
  • 16-02-2011: Anonymous speaks: the inside story of the HBGary attack.  [Ars Technica]
  • 15-02-2011: Spy games: inside the convoluted plot to bring down WikiLeaks.  [Ars Technica]
  • 10-02-2011: How one man tracked down Anonymous -- and paid a heavy price.  [Ars Technica]
Ċ
Robert Larsen,
7 Dec 2014, 13:11
ċ
Mandiant_APT1_Report_Appendix.zip
(1311k)
Robert Larsen,
7 Dec 2014, 13:11