Another Chinese unit, for now going by the nom de guerre "Putter Panda," has been fingered by researchers investigating cyber attacks on US and European defense and aerospace sectors. Crowdstrike associates Putter Panda with Unit 61486 of the People Liberation Army's (PLA's) Third General Staff Department, and says the cyber espionage crew has been operating since 2007. Five members of sister Unit 61398 were indicted in the US; official US response to this freshly identified unit is awaited. One interesting sidelight: a brochure for a yoga studio in Toulouse, France, appears to have been one of Putter Panda's more effective spyware vectors.
Sino-US relations remain vexed as an incipient trade war brews and China officially decries American "bellyaching."
The World Cup runneth over with phishing spam, cyber attacks on sponsors, and a social media boycott campaign. The final issue of this hacktivist and criminal activity remains in doubt, but Anonymous seems to have staked its reputation on delivering at the very least serious cyber nuisance.
RSA researchers find a modular ZeuS alternative for sale on the cyber black market.
A new exploit kit, RIG, is delivering CryptoWall ransomware in the wild.
A "red button" flaw exposes smart televisions to exploitation.
Worries about ATM security have recently focused on the machines' lingering dependence on Windows XP, but two teenagers find a simpler vulnerability hiding in plain sight: they were able to compromise Bank of Montreal ATMs after finding an operator's manual freely available online. (They're not crooks; they informed the bank.)