The Voice of America confirms analyst reports that the Aramco attack was the work of amateurs sponsored by Iran. The US Deputy Assistant Secretary of Defense for Cyber Policy says details of the attack were declassified to educate industry on the magnitude of the cyber threat. The ongoing DDoS campaign by the Cyber Fighters of Izz ad-din Al Qassam (also apparently the work of state-directed hacktivists) holds lessons for small and medium businesses; banks in particular are advised to improve security. Elsewhere in the Middle East, Israeli police disconnect their systems from civilian networks in response to intelligence of an imminent malware attack.
AVG releases a report on new ways cybercriminals monetize exploits, and the Russian cyber gangster who organized this month's banking wire fraud campaign posts a video boasting of his untouchability.
Researchers at Stanford and the University of Texas find SSL vulnerabilities in non-browser packages. Delta's e-ticketing is exploited to deliver malware. Dark Reading wonders why small and medium businesses still run Telnet (and advises them to stop). FinFisher and Loozfon, originally developed for legitimate intercept purposes, continue to morph into malware.
Adobe Shockwave and CyanogenMod are patched. SAP's Sybase also gets a patch, but this one fails to close ten critical vulnerabilities.
Signature-based anti-virus products show disappointing results. Canadian policymakers continue to grapple with critical infrastructure vulnerabilities. The US and India continue to negotiate common cyber interests. Some industry observers find US Congressional suspicion of Huawei quixotic; others implicate the telecom company in tech transfer to Iran.