Singapore's presidential site suffered search function abuse, not defacement, Trend Micro reports.
Ecuador's telecommunications minister claims an unknown but "first-world" country attempted to sabotage this past February's presidential elections.
At least two hacker groups exploit the Microsoft Office TIFF vulnerability. (Mitigations are available, but there's no fix ready for Patch Tuesday.)
Nginix ("a lightweight Apache alternative") access and error logs default to world-readable—change this during installation, and in general be aware (and beware) of default settings in any product or system. Note also what independent researcher Paul McMillan reports he found after crawling the IPv4 address space: all manner of industrial control and supply chain systems are exposed to the Internet without so much as a password to protect them.
Effects of the recent Adobe hack appear to be spreading, as is an unrelated malicious iframe campaign first spotted in India back in May. In the US, Healthcare.gov has more issues than are easily summarized, but HHS can rest easier on at least one of them: Kaspersky reports the targeted denial-of-service tool found this week is unlikely to work.
Gartner warns cyber attack jitters lead enterprises to depart from proven risk-based security tactics. Cyber defenses remain over-reliant on expensive engineering labor.
Two big cyber drills are scheduled for next week: the British financial sector will be tested on Tuesday, the North American power grid on Wednesday.
Fear of surveillance leads to fears of market headwinds for British and US tech companies.
Researchers get to work on TrueCrypt and Gotcha authentication.