China opens a campaign against Mongolian agencies and organizations. Designed to satisfy curiosity about what a joint US-Mongolian military exercise ("Khaan Quest 2014") augurs for US relations with Mongolia, the campaign seeks (as the Register puts it) "to see who [China's] friends are". It's noteworthy that intelligence about the campaign was developed by crowd-sourced, collaborative ThreatConnect.
Cyber vandals hit and deface a web-hosting service in Argentina. Google's Malaysia site is the latest victim of a DNS attack. Metasploit pages were defaced via a spoofed fax order to its registrar.
Two IE vulnerabilities (both patched by Microsoft) are being actively and successfully exploited in the wild. Security analysts offer dissections of both.
Forbes publishes a rundown of the Bash tactic, how it succeeds, and what it means for Linux security.
Low-grade cyber criminals continue their petty monetization of botnets. The crooks responsible for the recent Adobe hack offer another opsec lesson: they were themselves careless enough to expose stolen source code on an unprotected server.
It's worth noting that cyber threats can function much the way traditional disinformation operations do. See last night's bogus press release that Samsung had acquired Fingerprint Cards, and the effect it had on the markets.
US budget issues bite BAE employees. Trend Micro buys Taiwan's Broadweb. Analysts have more to say about Cisco's security market play.
In the US Congress, Rep. Sensenbrenner introduces a bill to curb NSA surveillance. NSA defenders complain about tepid Administration support.
CIA says it flagged Snowden as a risk in 2009.