Someone claiming to support ISIS (they call themselves the "CyberCaliphate," with a handle and a natty checkered shemagh that earlier appeared on compromised sites in Salisbury, Maryland, and Albuquerque, New Mexico) yesterday hacked social media accounts belonging to US Central Command (CENTCOM — based in Tampa but responsible for military operations in the Middle East).
CENTCOM, embarrassed, calls it "cybervandalism" and stresses that no operational systems or networks were compromised. Documents the hackers published purporting to be classified weren't: they seem simply gleaned from elsewhere on the Internet. The FBI's investigating, as it is the earlier CyberCaliphate coup-counting against small-market media sites.
Observers doubt ISIS directed the incident, but the hack exemplifies how movements ebb and flow, gathering and shedding casual and committed adherents in social media. Other observers note lessons: reduce attack surfaces and use two-factor authentication.
If you like to track Kim Jong Un's doings on North Korea's official news site, caveat inquirer: it's a watering hole with malware droppers disguised as retro Flash updaters.
Dell SecureWorks reports finding "Skeleton Key," malware that bypasses Active Directory authentication and evades IDS detection.
Android malware morphs to affect Kindle's Fire OS (an Android fork).
ZeroFox describes a new catphish: Olga Redmon, meet Robin Sage.
Long-standing worries about the Internet of Things take concrete shape in keylogging USB chargers, banking Trojans on SCADA networks, home routers compromised for DDoS, and dodgy infusion pumps.
Boeing exits commercial cyber, optioning Narus licenses and reverse engineers to Symantec.
The Charlie Hebdo massacres prompt authorities to call for more surveillance.