The US White House continues to remediate the recent intrusion into an Executive Office of the President unclassified network — "suppressing abnormal behavior," is how reports describe the remediation. Network outages, the White House says, were the result of remediation, not hacking. Officials remain coy about attribution, but with much rumbling about "state-sponsorship." (Observers use the event as an opportunity to note that breach detection is at least as important as perimeter defense.)
South Sudan's official accusations that Huawei was engaged in malicious activity on some of their networks continue to receive attention. Other reports suggest that Sony Xperia phones are collecting user data and reporting them to servers located in China. India's concerns about the security of Xiaomi phones are compounded by a Taiwanese researcher's claims that Xiaomi servers are vulnerable to a recently discovered zero-day.
The US Department of Homeland Security amplifies warnings of malware targeting industrial control systems: apparently GE and Siemens systems (unsurprisingly, given their market share) are in the attackers' crosshairs.
As feared, Brazilian criminals have begun to hit US banks with bogus chip-and-PIN transactions.
Criminal carders are using a new, automated platform — "Voxis" — to monetize their haul by sending stolen charges to gateway processors.
CSO has a useful Drupal roundup. Dark Reading says patching seems unable to keep up with Shellshock exploits.
As banks push law firms to improve their cyber security, retailers increase cyber attack information sharing (and woof at credit unions over data breaches).
NIST releases SP800-150 (Cyber Threat Information Sharing) for comment.