Operation Aurora

Operation Aurora is the name given to an attack that involved many large companies. The attack was first announced by Google on January 12, 2010, in a blog post. I am most interested in how these breaches were accomplished and have gathered details from the URLs listed at the end of this post.

  • An employee visited a malicious URL (how the URL was delivered is unknown)
  • The malicious site exploited a 0-day in Internet Explorer (http://osvdb.org/61697)
  • Among other things, it dropped a backdoor that used SSL to secure its connection

http://googleblog.blogspot.com/2010/01/new-approach-to-china.html

http://www.wired.com/threatlevel/2010/01/operation-aurora/

http://en.wikipedia.org/wiki/Operation_Aurora