Hacktivists continue to push against Israeli assets to protest fighting in Gaza. A Turkish hacker makes his protest against a UN organization, hacking the subdomain of the United Nations Civil Society Participation.
Sucuri warns that vulnerabilities in the MailPoet WordPress plug-in are being massively exploited, and that sites running Joomla and Magneto are affected as well. Some 50,000 sites are said to be affected. MailPoet is the entry point, but the exploit can and has spread by cross contamination to sites that haven't enabled the plug-in.
Facebook scams grow more dangerous, and now lead to exploit kits. For example, the recent "Mom Makes $8,000/Month From Home" grift takes the unwary to a third-party site with an iframe for the Nuclear exploit kit. The visiting device is scanned, and then, when a vulnerability is found, the Ascesso Trojan is installed.
Canvas fingerprinting, the hard-to-block tracking technology discovered on pornographic and political sites, continues to draw scrutiny from security and privacy analysts.
Huawei's E355 modem is vulnerable, US-CERT reports, to cross-scripting attacks.
Hackers break into a European Central Bank database in an extortion attempt.
Daimler agrees: yes, cars are in principle vulnerable to cyber attack.
A study on the cyber-crime-as-a-service economy finds its impact very large, exceeding $400B in losses worldwide annually.
The EU mulls sanctions against Russia, working through (1) mistrust of US surveillance and (2) European dependence on Russian energy.
The US charges six for hacking StubHub. A Dutch court rules that country's intelligence services may receive NSA-collected bulk data.