Hacktivists target media and government Websites in Syria, Saudi Arabia, and Venezuela. Forbes describes its response and recovery from last week's attack by the Syrian Electronic Army.
The circle of victims mired in an IE10 zero-day exploit—a watering-hole campaign now known as "Snowman" and widely believed to be a Chinese operation—continues to ripple outward. Snowman's principal targets appear to be US and French military and aerospace organizations. Security experts compete to give advice on staying out of watering holes.
Crowdfunding platform Kickstarter has been hacked, as unknown attackers make off with usernames, email addresses, phone numbers and passwords. The passwords are encrypted, but of course passwords can be guessed, so users are advised to change them immediately.
The Linksys vulnerability currently being exploited by "TheMoon" worm is a Home Network Administration Protocol (HNAP) bug. Linksys has a firmware patch in the works.
Russian cybergangs, evidently undeterred by risks like those on display in recent looting of Silk Road 2.0's Bitcoins, are moving to virtual currencies—only "n00bs" says the Register, use actual money any more.
2000 credentials of British retailer Tesco's customers are compromised, apparently through cross-referencing with other sites—a lesson not only in the risks of reusing credentials, but on the problems with passwords generally.
Password issues are driving both M&A and R&D. Google acquires SlickLogin for its acoustic authentication technology. ZSS-Research proposes "geographic" passwords as an easy-to-remember but hard-to-guess alternative to legacy approaches.
Iranian hacking of the US Navy may be worse than hitherto believed.