Russia's cyber isolation of the Crimean battlespace continues even as kinetic operations slow, and cyber ops are now reported to extend to disruption of political communications in the Ukrainian capital. Russia claims that pro-Moscow militias operating in Crimea are not under Russian control, and so one should expect to see initial stages of a broader cyber offensive against Ukrainian infrastructure conducted beneath the fig leaf of a patriotic hacktivist cyber-riot.
Western observers speculate on the range of cyber responses available should governments (the US, UK, and Germany are most often mentioned) elect to oppose the Russian adventure actively—whatever decisions may be taken, none of the options are as easy as they appear. Russia seems vulnerable to manipulation of certain key markets, and those might offer scope for a cyber counter-campaign.
Since cyber operations are first cousin to information operations, a look at charges and countercharges is instructive—the US Embassy in Moscow "sets the record straight" in a particularly direct and useful communication. Security analysts look for signs of Uroburos malware deployed in support of Russian actions.
Red Hat announces discovery of a critical crypto-bug, "GnuTLS," that could render Red Hat, Ubuntu, and Debian Linux distributions vulnerable to eavesdropping.
Researchers demonstrate a "triple handshake" man-in-the-middle attack against sites and apps running TLS. The approach exploits vulnerabilities in session resumption and client authentication during renegotiation.
Bitcoin bank Poloniex joins Flexcoin and Mt. Gox among cybercrime victims.
In these last days of Windows XP, F-Secure warns that a zero-day is "inevitable."