Bangladeshi hacktivists continue their cyber riot against India.
A new Mac Trojan, "OSX/Leverage.A" (or "Leverage," for short) is installing backdoors and downloading the Syrian Electronic Army (SEA) logo. An app disguised as a picture, the Trojan's mode of transmission remains unclear, but it's appearing in "highly targeted" exploits. Attribution is also unclear—the SEA told Softpedia it's "not associated" with the attacks.
Microsoft, responding to reports of targeted attacks exploiting an IE vulnerability, issues a warning and workarounds.
Symantec reports its identification of a Chinese hacking crew, "Hidden Lynx," which appears to be either an organization of the Chinese government or a contractor that works exclusively for that government. They're associated with both Aurora and the Bit9 certificate hack; their preferred tools are the Moudoor backdoor Trojan (a tailored version of Gh0stRAT) and Naid (used against high-value targets). Hidden Lynx is most active in industrial espionage and there makes substantial use of waterhole attacks. There's some evidence they may be running some fraud operations on the side.
Other Chinese hackers, the patriotic hacktivists of "Honker Union," mark the 82nd anniversary of the Kwantung Army's invasion of Manchuria (September 19, 1931) by preparing a cyber riot against Japanese targets.
In industry news, the long-feared (and not unreasonably feared) post-Snowden international reaction against US IT firms has yet to materialize. Mandiant expands into Europe. Banks are called upon to help businesses by sharing DDoS data.
Brazil's president cancels a US state visit as Brazil seeks to disconnect its Internet from the US.