The New York Times and other victims of this week's Syrian Electronic Army (SEA) attack restore service. Analysts draw some lessons from the phishing-enabled campaign: choose domain registrars carefully (although nota bene: MelbourneIT has a strong security reputation), use registry locks (they helped soften the blow to Twitter), and don't neglect either DNSSEC or domain monitoring.
FireEye reminds us that the SEA has also hit international communications websites True Caller and Viber as well as media outlets. Other Internet brands (especially banks) are at risk of similar attack.
Krebs and Motherboard believe they've fingered some members of the SEA, an identification the SEA (whoever they are) denies. And at least one hacktivist, possibly American, has been working against the SEA to disrupt the Assad regime's infrastructure.
The Syrian civil war, amid its grief and tragedy, offers an object lesson in asymmetric warfare, a lesson likely to grow sharper should US-led punitive combat materialize over the next few weeks. Assad has considerable support in Iran and (to a lesser extent) Russia, both of which are capable of augmenting his regime's offensive cyber capabilities.
Several interesting exploits circulate in the wild. One affords another example of malware evolution: Kelihos is using legitimate blacklisting services to vet potential bots.
ITWorld declares secure email dead, but a great spike in Tor usage shows that demand for private, anonymous, and secure online communication remains unsatisfied.
French prosecutors open an investigation of PRISM. The US Secret Service traces recent high-profile retail POS crimes to an overseas cybergang.