Anonymous hacktivists claim another attack on North Korean Websites. They also announce the beginning of "OpPetrol," a campaign directed initially against the Saudi government but promised to affect a total of twelve countries. OpPetrol appears to have yielded a few Saudi email login credentials, but not much else. Its instigators are exercised over the pricing of oil in dollars as opposed to a "Muslim" currency. Elsewhere in the hacktivist underworld a "jihadi Geek Squad" works to deliver effective crypto to al Qaeda.
Microsoft warns against the Febipos Trojan, first observed in Brazil, that exploits Chrome and Firefox to hijack Facebook profiles. Researchers at Rutgers University discover another threat to Facebook, this one exploiting expired Hotmail accounts.
The US military's reliance on international hardware—notably telecommunications equipment and semiconductors—is said to pose an unacceptably high supply chain risk, both in terms of embedded threats and issues of wartime availability. Huawei again denies engaging in cyber espionage.
The cyber underground economy continues to evolve along lines that parallel legitimate consumer e-commerce. Denial-of-service tools may be purchased via PayPal, and zero-day exploits are freely advertised (the US Government is said to be the largest purchaser of zero-days).
New York State announces formation of a cyber security advisory council; its members include Good Harbor's Richard Clark and CrowdStrike's Shawn Henry. USA Today sees a strong flow of venture capital into cyber start-ups.
Information on last week's ATM bank robbery indictments continues to appear. Observers agree the crime was enabled by weak endpoint security.