Indonesian hacktivists claim responsibility for attacks on Australian sites. The Indonesian government gives that nation's telcos a week to inspect their records for evidence that they were complicit in alleged electronic surveillance by Australian intelligence.
Other Indonesian and Malaysian hacktivists deface Chinese government sites with unclear motives (ethnic resentments may be in play).
Former US DCI Michael Hayden says the Syrian Electronic Army is effectively a tool of Iran. (And a Syrian defector who hacked their servers before he departed the country says officers of Syria's Mukhabarat spend much of their workday surfing not-safe-for-work sites.)
Spam spoofing an AV vendor patch notification carries a Zeus payload. A Trojan recently discovered targeting SAP client apps seems partially based on Carberp code. Another old threat—Conficker—is still making its rounds.
Social engineers are probing bank call centers. New malicious spam impersonating WhatsApp carry a malicious payload that pulls infected machines into a botnet. McAfee detects new efforts to circumvent Android digital signature app validation.
CryptoLocker continues its malign spread, with over 12,000 new victims this week. High turnover in command-and-control servers helps it thrive: it rarely uses a server for more than a week.
Prolexic warns of rising distributed reflection denial-of-service attacks.
Increased military use of COTS technology prompts fresh concerns over supply chain cyber security.
The cyber insurance subsector's tentative growth is inhibited mainly by scanty threat data—more sharing is needed.
Pakistan's military says it has new software that renders its installations hack-proof (observers are reluctantly moved to skepticism).