Conflicts in Ukraine and Gaza turn, sadly, from cyber to kinetic phases, with much attendant loss and sorrow. We'll continue to monitor them, of course, for their reverberations in cyberspace.
Sino-American cyber tension continues unabated, as the US reiterates warnings that some Chinese actors — probably state-directed — are targeting smaller US agencies. Attribution is, as always, a challenge, and a UN report suggests a partial explanation for why this is so: many governments make heavy use of private companies for surveillance. Some of these organizations have also served as cyber mercenaries operating on behalf of corporations themselves, with competitors' intellectual property and operations as targets. China's leaders use the BRIC summit in Brazil to denounce American "one-sided" special pleading over international norms in cyberspace.
Ransomware remains a matter of concern, despite the (probably temporary) crippling of Cryptolocker. Lookout Mobile Security warns of the emergence of ScarePakage, which locks infected Android devices, displays a bogus FBI warning, and demands a $300 ransom.
Zscaler finds a more general problem with the Android ecosystem: its apps tend to ask for too many "intrusive" permissions. Trend Micro calls attention to another problem: there are about a million bogus apps targeting Android devices.
vBulletin discloses and patches an SQL injection vulnerability.
eBay acknowledges a business significant hit from the attack it sustained this spring.
Dell encryption and InstallShield crashes appear to be unintended side effects of Microsoft's July patches.
Gartner mulls the possibility of FireEye becoming a takeover target. IBM negotiates purchase of Aorata for $200M.