Malware coders respond to advances in automated detection with what observers call a "low-tech" approach—their malicious packages wait for human input (like a mouse-click) before executing. This latest trend succeeds previous approaches that relied on sheer volume, obfuscation, or detection of virtual machines.
Iran's CERT says (with righteous dudgeon) that it's discovered a new targeted malware campaign, but Sophos, for one, is unimpressed: the code is primitive, easily thwarted, and apparently not targeted at anyone at all. Wired runs a summary of the ways in which Russian surveillance technology continues to dominate domestic collection in former Soviet republics.
Al Qaeda's networks continue to suffer from a crippling attack: they've been impaired for the last couple of weeks. India reveals details of a July attack that exploited 10,000 official email addresses. Excel-based Sudoku proves infected with a form of malware spread by macros, and researchers wonder why such a retro approach has resurfaced.
Threatpost offers an interesting look at the crimeware black market and the ways in which its structure mirrors that of legitimate businesses. In that black market a new exploit kit—"Sweet Orange"—seems poised to surpass Blackhole as the sector leader.
In the US, Defense budget austerity inches closer to reality, and Secretary Panetta tells Department employees not to worry about unpaid furloughs—yet. The US Army's DCGS/Palantir controversy heats up as senior generals are rolled out to defend investment in DCGS. Observers see the Benghazi consulate attack as auguring a boom in private security contracts.