BB&T and Fifth Third join PNC as victims of Iranian hackers' latest distributed denial-of-service campaign against US banks. Local reports suggest the disruptions may become wider yet. In South Asia, Bangladeshi hacktivists (and defacement specialists) of the "3xp1r3 Cyber Army" hit many Indian sites. Belgium's Federal Police Service suffers a similar but unrelated attack.
An elaborate online hoax attributed to anti-coal activists temporarily cost Australian mining company Whitehaven Coal $314M in market cap. A bogus "Facebook Security Team" is phishing for user credentials. Facebook's Employee Secure Transfer service is also found to be vulnerable to third-party password reset. Windows RT is successfully jailbroken, and Yahoo Mail has an XSS vulnerability that permits account hijacking.
Internet Explorer's recent zero-day exploit is more clearly tied to China's Elderwood, as Tibetan and Uighur autonomy advocates are targeted. Microsoft's patches, expected later today, will not address these vulnerabilities. The company continues to advise users to apply its recently defeated temporary fix pending a permanent solution.
The US Los Alamos National Laboratory, citing security concerns, has divested itself of hardware containing Chinese-manufactured switches.
Symantec says its PGP vulnerability actually amounts to very little. The Omnicell health care IT breach that recently affected the University of Michigan has spread to South Jersey Healthcare and Sentara Healthcare.
Northrop Grumman, SAIC, and ManTech all say they're pursuing the US Department of Homeland Security continuous monitoring contract. The US Secret Service says its use of QinetiQ North America's Cyveillance services poses no real privacy issues.