2. Estonia attacked via DDoS
Russian hackers were blamed for a politically motivated cyberattack on Estonian infrastructure. Comprised of nearly 130 unique DDoS attacks on Estonian websites, the attacks are believed to have been launched by Russians angry that Estonia's prime minister wanted to relocate a war memorial.
3. A Monster(.com) of an attack
Tens of thousands of users of Monster.com had their info stolen by a multi-layered attack on the website. Cyberattackers used credentials to access the site, then spread a trojan to capture data that was used to deliver spear phishing emails to job seekers, requesting financial details.
4. The Italian Job
Cyberattackers thought locally, using the MPACK web exploit toolkit, when creating a large-scale trojan attack that affected nearly 10,000 web pages. Called the Italian Job, because most of the pages were hosted in Italy, the trojan downloaded a keylogger designed to steal banking data.
5. Disabled firewall allows attack
Attackers infiltrated a server at the University of Colorado, Boulder, and exposed the personal information of 45,000 students. IT officials said the attackers were looking to use targeted PCs as part of a botnet, not purge sensitive information. The attack may have been stopped if a network firewall was enabled.
TOP 3 MOST IMPORTANT M&A'S:
1. Cisco acquires IronPort, US$830 million
The networking giant picks up a leading spam and spyware defense provider. The acquisition represents a paradigm shift that would resonate throughout the year. Securing the data has become the top-of-mind priority.
2. IBM buys Watchfire, undisclosed
Big Blue strikes another key security deal. The purchase of Watchfire not only extends IBM's governance and risk management strategy to include quality and compliance testing, but it also validates the application security sector.
3. Symantec buys Vontu, US$350 million
A number of data-leak prevention (DLP) providers fell into the hands of general security players. DLP solutions have become one of the hottest new technologies as businesses place greater focus on defending against the insider threat.
TOP 5 SAVVY CRIMINALS:
1. “Spam King” Robert Soloway faces 35 charges, including email fraud, identity theft and money laundering.
2. Leo Kuvayev, aka BadCow, a Russian/American spammer believed to be behind numerous phishing and mule-recruiting sites hosted on botnets.
3. James Brewer is accused of infecting over 10,000 computers with viruses.
4. Li Jun and three other 20-somethings stand accused of writing the notorious virus “Xiongmao Shaoxiang,” causing damage to millions of computer users.
5. Ervin Patrick Somba was arrested in Kenya for allegedly using the identities of 300 individuals to file false tax returns.
See original article on SC Magazine US
Roundup 2007: The year's top fives
By Staff Writers on Dec 21, 2007 11:43AM
TOP 5 CYBERATTACKS:
1. The Storm Worm
What began as an email-spawned trojan attack using fake news stories to lure victims became the most widespread cyber-assault in recent memory. Still replicating, and exploiting a number of patched vulnerabilities, the botnet-fueled, socially engineered attack may make next year's list as well.
Got a news tip for our journalists? Share it with us anonymously here.