The Guardian investigates the Syrian Electronic Army (SEA). The UK newspaper, itself a victim of SEA Twitter account hijacking, reports the SEA is directed by the Assad regime, that it works to disrupt Syrian rebels' online activities, and that it both spreads the regime's "alternative narrative" of the civil war and punishes media outlets that won't. The SEA is said to operate principally from "secret locations" in Dubai, covered by Rami Makhlouf's business operations.
Twitter says the SEA's recent account hacks were accomplished through social engineering, and warns media companies to expect more.
Effects of the LivingSocial breach continue to expand, courtesy of careless password sharing and reuse. Banks in particular regard the breach as a threat to customers' security.
British bank Ramnit undergoes an attack Trusteer describes as sophisticated—HTML injection carefully crafted to mimic legitimate webpages with unusual plausibility.
Gaming software site SourceForge continues to be spoofed by sites that deliver crimeware payloads.
A firmware backdoor is found in D-Link and Vivotek IP cameras. Malicious pdfs are on the rise, and McAfee finds a vulnerability in Adobe Reader. Authorities in Mecklenburg Vorpommern decide it's easier to replace infected computers than clean them of the Conficker worm.
Peripherals are increasingly exploited in denial-of-service attacks. Tools to execute such attacks have become a staple of the crimeware black market. There are some indications that market is adopting Bitcoin as a difficult-to-trace currency.
Australia plans to upgrade cyber defenses. Mozilla tells Gamma International to cease and desist spoofing Firefox with FinSpy.