RSA Security finds a large VPN service catering to Chinese APT actors. RSA calls the service "Terracotta" and claims that, while it runs some legitimate services, hacked Windows servers constitute most of its network. Deep Panda is said to be a customer.
The Etowah County Sherriff becomes the latest Mississippi basin victim of a Middle Eastern hacktivist. Kurdish hacker MuhmadEmad, known for anti-ISIS activities, goes after his northeastern Alabama target in an apparent protest against Turkish airstrikes against the Kurdish Peshmerga. (Etowah's Sherriff of course has nothing to do with any air campaign; he's simply a poorly protected target of opportunity.)
Anonymous downs several Taiwanese government websites because they object to a revised Kuomintang-sponsored high school curriculum Anonymous sees as wrongly emphasizing Taiwanese identity.
The recently upgraded RIG exploit kit is reported to have scored at least a million and a half infestations. SpiderLabs takes a look at RIG's architecture.
Community networking platform dubizzle, widely used in the Middle East, suffers a breach. Users are advised to protect themselves.
A Mac zero-day, effective against fully patched instances of OS X, is being actively exploited in the wild. The privilege-escalation bug derives from error-logging features recently added to OS X 10.10.
Those worried about transportation hacking can add electronic skateboards to the list of proven targets.
Yahoo finds and removes malvertising from its network. The malicious ads (discovered by Malwarebytes) had been active for nearly a week.
Observers wonder why big defense contractors exit cyber markets.
German suspends bloggers' treason inquiry.