The "stoner(s)" who went after US DCI Brennan's personal email account (and some others), and call themselves "Cracka[s] with Attitude," cloak themselves with more pro-Palestinian slacktivism. This move seems as much a mark of hubris (or dawning defensiveness) as commitment. In any case they say they've got more documents to release. Opinion about those released so far remains mixed: some data dumped strike observers as real, some as bogus, some as undetermined. But the FBI is investigating, and things seem unlikely to end well for the Cracka. In the meantime we receive a vivid object lesson in the risks associated with third-party social engineering.
The Neutrino exploit kit infests thousands of Magneto-created websites, threatening databases via Flash exploitation.
British online retailers sustain a distributed denial-of-service campaign. The attackers are seeking to extort ransom, payable in Bitcoin, from their victims.
Researchers find signs that the taken-down Dridex botnet may be reforming. Fox-IT draws a lesson about attribution: it's valuable because criminals behind botnets and exploit kits are often connected, and so rolling up the right gangs can solve multiple problems.
Oracle issues its critical patches for October.
Marsh LLC notes a surge in cyber insurance, and a study by Zurich and Advisen concludes that IT departments continue to dominate cyber risk management. These findings suggest that actuarial data gaps and problems in risk communication persist. A new company, PivotPoint, tells MarketWatch it addresses both issues.
In other industry news, Cytegic and illusive networks [sic] both announce new funding. Raytheon buys Foreground.