Symantec
Six weeks of Anonymous theatrics around Symantec's 2006 source code, stolen from a third-party regulatory review in India and dumped after a failed ransom negotiation. The third-party-material-handling problem reframed.
The FBI conference call
A week ago Anonymous-aligned operators posted a recording of an 18-minute FBI/Met Police conference call about ongoing Anonymous prosecutions. Not a sophisticated attack — a procedural failure in routine collaboration infrastructure.
Megaupload
Three days after the Megaupload takedown and one day after the largest coordinated Anonymous DDoS that has yet been run against US law-enforcement infrastructure. The political theatre of the takedown — and the consequence for cloud-storage customers.
Stratfor
Christmas Eve was spent watching the Stratfor compromise develop in real time, which is not how I had planned to spend the weekend. The same five technical errors keep recurring; this is what 2011 has actually been.
LulzSec
Fifty days after the Fox.com leak, LulzSec announced their disbanding via Twitter. Writing the campaign down now while it is still fresh — the operational tempo, the targets, and what it does to the cost-of-breach calculus.
Sony PSN
Just over two weeks since the PlayStation Network went dark. Seventy-seven million PSN accounts plus another twenty-four million Sony Online Entertainment accounts disclosed. The communications-failure pattern that runs across every breach response.
HBGary Federal
There is no part of the HBGary Federal hack that should have worked. SQL injection on a custom CMS, unsalted MD5, password reuse into Google Apps administration, and an unsalted social-engineering message to a sysadmin at rootkit.com.
Operation Tunisia
Sixteen days after Ben Ali fled. The Tunisian Internet Agency's HTTP login-page injection, the Greasemonkey userscript that countered it, Facebook's forced-HTTPS push, and what comes next as Egypt enters its third day of internet blackout.
Anonymous, Operation Payback, and the new political-DDoS
Anonymous-affiliated DDoS attacks against organisations responding to WikiLeaks have produced substantial operational disruption. The political-DDoS category continues evolving.