Four of the five US banks threatened by the Izz ad-Din al-Qassam Cyber Fighters experienced minor disruptions, but on the whole the promised offensive has so far proved a fizzle.
A familiar Windows scam migrates to Macs in the form of VKMusic 4 for Mac, an SMS fraud Trojan. Older versions of Joomla and WordPress are hit by IFrame injection attacks.
In California, Medi-Cal admits it inadvertently posted 14,000 Social Security numbers online last month. Darwinare, the still-at-large hacker who broke into the Australian Defence Force Academy with an SQL injection attack, is back online piously boasting of how shockingly easy his caper was.
Two criminal economy developments are worth noting. "Project Blitzkrieg," the online job board recruiting hackers for financial fraud, appears to be for real, and to be having some success scouting talent. And the Citadel Trojan kit is being withdrawn from many underground markets—its controllers are restricting sales to their "circle of trust."
Dell and FireEye conclude a strategic partnership as FireEye launches a "Certified Service Provider" sales channel. In-Q-Tel, the CIA's venture capital unit, invests in Tyfone, a mobile cloud security start-up. Raytheon, building up its encryption capabilities, buys SafeNet's Government Solutions unit.
Government Security News ponders hacking back, and wonders if "playground justice" has a future in cyberspace. The US National Institute of Standards and Technology invites feedback on its proposed rectification of information security names: contact them by January 15 to comment on their new comprehensive glossary. The EU commits to "digital freedom."