The "Dark Seoul" attack on banks and media in South Korea was severe. Although by consensus "less sophisticated" than denial-of-service attacks by the Izz ad-Din al-Qassam Cyber Fighters against US banks (not themselves markedly sophisticated), Dark Seoul destroyed data and devices. Attribution remains unclear, but despite finding Chinese fingerprints in the attacks, analysts are shifting their suspicions back to North Korea.
Trend Micro and Sophos talk about how they detected and contained the attack. The relatively simple logic bomb evaded signature-based firewalls and anti-virus software to target a familiar Internet Explorer vulnerability. Security officers should draw at least two lessons: signature-based defenses are increasingly susceptible to bypass, and known vulnerabilities should be closed.
The US Department of Homeland Security warns of a newly discovered vulnerability in Siemens industrial control systems. It also warns of DHS-themed ransomware.
The TeamViewer spyware found in European networks seems directed against activists in Eastern Europe and the former Soviet republics. Toronto's TD Bank suffers a denial-of-service attack similar to those US banks sustained earlier this year.
Weaknesses in the UK's 123.Reg enabled some 300 incidents of domain theft last year.
Australian medical practices receive advice on cyber insurance. NASA's IG thinks the agency's IT security redundancies are too costly, but NASA tightens them anyway in the wake of insider breaches.
The US House of Representatives hears expert testimony that only serious deterrence can be expected to quell cyber attacks. The House also hears that Iran is a bigger cyber threat than either Russia or China.