An unusual feature of recent denial-of-service attacks on gaming sites has been their abuse of the Network Time Protocol (NTP). Similar in effect to DNS-amplification attacks, successfully executed NTP attacks may herald a shift in hacker tactics toward this formerly seldom-used technique.
Consumers continue to feel the effects of Target's payment card breach. Financial institutions work to soften the blow, and other retailers upgrade their point-of-sale systems.
A motive for the Yahoo! malvertising campaign may have emerged: BitCoin mining. A different malvertising attack has hit South Africa, as visitors to the Mail and Guardian site are redirected to a server in the Netherlands, and thence into the hands of criminals.
IntelCrawler identifies a new class of botnet spying on smartphone users. "XXXX.apk" illicitly gathers location information and (perhaps) details on connections to home networks. Other researchers find smartphone personal banking apps "leaky."
Ransomware spoofs a warning from New Zealand police and demands payment in Ukash.
The SnapChat leak turns out to have been inadequately redacted by the professed white hats who published it. Other researchers find they can extract a surprising amount of information (those working on anonymization, take note).
Researchers find, and Siemens fixes, zero-days in Siemens switches.
Defense intellectuals turn their attention to cyber conflict and the prospects of deterrence.
The US President is thought likely to adopt his surveillance review panel's recommendations on curbing surveillance of allied leaders. EU suspicions of economic espionage rise.
The Australian teenager who discovered Victoria's Metlink vulnerability was rewarded with police attention.