Middle Eastern oil and gas companies continue to feel a cyber threat from Iran as that country allegedly kicks back against sanctions directed against its nuclear program. Iranian-connected Izz ad-Din al-Qassam Cyber Fighters continue their campaign against Western financial institutions: Ally Financial is the latest victim to report attacks. Finnish cyber company F-Secure accuses the US government of "hypocrisy" and threat inflation in its warnings of escalating state-sponsored cyber conflict.
Anonymous claims responsibility for an attack on HSBC. Researchers find thousands of popular Android apps expose users to man-in-the-middle attacks. TrustGo identifies a malicious Android app updater. Spammers show a newfound ability to spoof US government domains: GSA url-shorteners appear to be the source of the vulnerability. New Zealand's e-government initiatives are threatened by successful network intrusions and data breaches. The University of Michigan researchers warn that Maryland's online voter registration system is vulnerable to manipulation, but Maryland says it has the situation under control. Last week bogus British Airways e-tickets carried malware; this week KLM falls victim to a similar scam.
The FBI notes with concern the degree to which software designed for lawful intercept has found its way to criminals and hacktivists. Cyber security experts cast doubt upon the applicability of deterrence theory to cyber conflict. US Federal budget problems continue to worry security and IT firms; SIGNAL magazine advises small businesses on surviving sequestration.
Dark Reading discusses an overlooked source of cyber vulnerabilities: the IT policy exception. India and the EU increase their commitment to cyber law enforcement.