Industrial Safety and Security Source reports that people inside the US CIA told it, on deep background, that the data annihilation attack Iran reported last week was in fact a US-Israeli operation. No one else thinks this likely. Kaspersky has been unable to attribute the "Batchwiper/GrooveMonitor" attack to any agent, but neither it nor Symantec, AlienVault Labs, or SophosLabs believe it was the work of a nation-state.
The SpamSoldier Android Trojan has now been found in all major mobile networks. Symantec announces detection of new banking malware—Trojan.Stabuniq—in US banking systems. This Trojan appears to be collecting information from compromised systems in preparation for a major financial fraud campaign. Verizon denies it suffered a breach over the weekend, but the telecommunication company does say that a third-party marketing company (so far unnamed) may have leaked about 300,000 records.
The crimeware black market seems to have some new customers—national intelligence and security services. Some of the goods on offer appear to have originated, at least remotely if not proximately, within government agencies, and those agencies may be inclined to buy some of it back. This would obviously increase the difficulty of attack attribution.
Microsoft, Google, VMWare, and Oracle all release minor patches and upgrades to widely used products.
Organizations continue to lack BYOD policies, and employees continue to use their own devices. The trend is particularly notable in health care.
The US NSA's "Perfect Citizen" project is allegedly penetrating utility SCADA systems with a view to assessing their vulnerability.