The US Administration may be backing away from punitive strikes against the Syrian regime, but cyber-rioting, some state-sponsored, some whose inspiration and control are less clear, continues. It's mostly low-grade vandalism on both sides of the Syrian civil war. (One target is NASA, whose sites are defaced by anti-NSA messages; one wonders how much of the cyber odium the space agency attracts is due to it's being a four-letter agency just one letter removed from a three-letter agency.)
Tomorrow, of course, is the anniversary of the 9/11 attacks. opIsrael calls for Islamist cyber strikes against Israel (and others); enterprises everywhere would do well to be on their toes.
Websense reports "low-volume, high-payoff" attacks on financial services in Asia, particularly in the UAE, Pakistan, and Nepal.
Hackers are making more use of PHP SuperGlobal variables to compromise their targets, and security experts recommend blocking SuperGlobal parameters in requests. A web-based, DNS-amplification denial-of-service attack mode has been seen in the wild. (Malware commodification continues: this DDoS tool is offered on the black market for only $800.)
It's Patch Tuesday: watch for Office, Windows, and SharePoint fixes later in the day.
If you're interested in hacker culture, read "Topiary's" post-conviction reflections on his career.
FireEye has set terms for its $186M IPO. Active defense proponent CrowdStrike raises $30M in Series B funding. Icahn abandons his play for Dell. Google announces plans for comprehensive end-to-end encryption.
The US Review Group on Intelligence and Communications Technologies begins meetings on surveillance policy and solicits public input.