Iranian hacktivists deface Oregon's Amity and Sutherlin municipal websites.
Webroot reports finding a currently active malicious campaign that uses compromised legitimate websites to serve malware disguised as bogus "browser updates." The campaign appears centered in Russia.
Current malicious activity suggests the difficulty of building an effective cyber arms control regime. Lawful intercept tools have long circulated outside their intended market, and cyber weapons built by governments have also begun to appear in significant numbers on the black market. Note, for example, analysts' take on the traffic in zero-days. See too legitimate product announcements: how difficult is it to turn a parental control like mSpy to malign purpose?
Siemens patches an authentication bypass flaw in its SINAMICS S/G ICS software. Services victimized by the Pony botnet's theft of credentials reset passwords. Patch Tuesday arrives next week, and Microsoft is expected to issue a large number of fixes.
A SecurityWeek op-ed sees a shift in enterprise network security away from prevention and toward detection. Big data technology faces unresolved encryption and anonymization challenges.
In industry news, the combination of business and technical skill that makes a good CISO proves scarce. Vistronix buys Kimmich Software Systems, and Box acquires dLoop.
Venezuela tries with limited success to crack down on black-market currency trading (President Maduro cries "economic war" as citizens dump the Bolivar), blocking Internet sites that report prevailing rates.
Russian authorities will prosecute "Paunch" for the Blackhole exploit kit. Microsoft and European authorities take down the ZeroAccess botnet (but expect it to return).