Someone, Trend Micro reports, has established honeypots on gas gauge monitoring systems in seven countries. There's no obvious campaign in progress, beyond IoT probing. Those responsible are thought to be the Assad sock puppets of the Syrian Electronic Army, although Trend Micro acknowledges the possibility this being a false-flag operation, in which case the Mullah's sock puppets of the Iranian Dark Coders would be the leading suspects.
ICANN warns that an unknown "unauthorized person" has accessed its website's profile accounts.
A Chinese espionage group known as "TG-3390" or "Emissary Panda" has targeted at least fifty companies. Emissary Panda seems most interested in the aerospace sector, and has used watering holes and stolen credentials to accomplish its intrusions. Dell SecureWorks advises two-factor authentication as a defense against Emissary Panda's ministrations.
Recorded Future reports the availability in the wild of exploits for Android Stagefright vulnerabilities. Google takes these seriously enough to both patch the vulnerability and revise its patching policies. Analysts doubt, however, that monthly Nexus updates will do the trick for Android security.
Malvertising surges, with last week's Yahoo infestation suggesting that there are more Flash vulnerabilities out there. Observers complain that advertisers are doing a disservice by keeping Flash alive.
Onapsis notes three SAP pivots implicated in last year's USIS hack, probable ancestor of the OPM breach.
In industry news, Proofpoint buys the assets of Marble Security. Bulls slaver over story stocks.
NIST releases the SHA-3 crypto standard.
Experts continue to doubt the very possibility of a crypto golden key.