FireEye researchers discover a watering hole campaign exploiting vulnerabilities in Microsoft Internet Explorer versions 9 and 10. No user interaction is required: visiting a compromised site triggers a drive-by download attack. Microsoft urged users late yesterday to upgrade to Internet Explorer version 11. The locus of the attacks is the domain belonging to the US veterans' organization, the Veterans of Foreign Wars. (Note: this is not, as some reports have it, a US military organization, but rather a large, non-governmental veterans' association.)
FireEye believes the campaign is linked to two earlier attacks, Deputy Dog and Ephemeral Hydra, both of which have been tentatively attributed to Chinese actors.
CERT Polska warns that home routers have been exploited to compromise bank accounts. SANS independently reports that a worm, "TheMoon," is infecting some vulnerable LinkSys routers. The purpose and attribution of this exploit remains unclear, but SANS advises updating router firmware. (Coincidentally, ASUS releases firmware updates that close five vulnerabilities in three of its router models.)
The Syrian Electronic Army hits another major media outlet, defacing Forbes' Twitter account. Forbes' writers who have their own Twitter feeds were also affected, suggesting a deeper vulnerability in Forbes' social media.
As NIST looks ahead to the first revisions of its just-published cyber security standards (the revisions will address privacy issues) observers consider the standards' implications for health care IT.
The "Day the Internet Fought Back" apparently fizzled.
Edward Snowden reportedly inveigled an NSA employee to share credentials with him, thus facilitating access to classified material.