Symantec reports that the Republic of Korea's manufacturing sector is under heavy attack by a threat actor using the backdoor Trojan Duuzer. The campaign's goal appears to be intellectual property theft, and its controllers use quite a bit of stick-and-rudder in their command and control practices. They also show considerable familiarity with defenses.
Symantec also warns of another campaign, "Chikdos," that's been infecting MySQL servers and using them in large-scale distributed denial-of-service attacks.
New breaches are disclosed. The free web hosting service 000webhost has sustained a breach of a database on its main server. Optimal Payments, a British mobile payment firm, is investigating reports that some customers' data have been compromised and exposed online. Also in the UK, energy company British Gas warns 2200 customers that their passwords may have been stolen.
Analysts estimate the damage from the TalkTalk breach. While the company's claims that the incident wasn't as bad as feared gain some traction, the damage seems far from negligible.
In industry news, Intel Security sells off some of its product lines as it repositions itself in the market. HP will split, as planned, this Sunday.
Observers react to the passage of CISA in the US. Where they stand depends largely on whether their concerns center on risks to privacy (thumbs down) or on the possibility that more information sharing will restore advantages to the defenders (thumbs up).
The increasing frequency of breach lawsuits suggests that if industry can't set cyber standards of care, the plaintiffs' bar will fill the void.