Some familiar threats resurface in new forms or places. BlackEnergy, says ICS-CERT, is exploiting a patched Siemens SIMATIC WinCC flaw. Blue Coat exposes the workings of Inception (and suggests there's a good chance the APT is the work of a "medium-sized nation-state"). Kaspersky revisits the related, and recently active, RedOctober espionage campaign.
Sony remains as much in the news as ever, and not in a good way. While probably not "unprecedented," the attack it sustained seems to have been quite difficult to parry. Attribution's still up in the air, but the US Department of Justice is working through its investigation and toward indictments. Observers continue to speculate about the cost of the attack ($100M?). Some of that damage will be hard-to-quantify reputational loss (one lesson we might all draw is to restrain the amount of acid wit we put into our emails — cyberspace isn't the Algonquin Round Table). Sony has begun trying to stop downloads of leaked movies.
Several new vulnerabilities are disclosed, as is some potentially suspicious reconnaissance of D-Link devices.
Readers of Cylance's report on Operation Cleaver continue to worry about Iran turning off their lights. State-conducted offensive cyber operations remain a matter of concern (and the US Department of Justice seems to be playing a long game of deterrent lawfare in the Sony case, whether or not the attack came from North Korea). Bloomberg BusinessWeek calls out Russia for a 2008 cyber attack that enabled kinetic effects on Turkish pipelines.
In industry news, Belden's buying Tripwire for $710M.