Debate continues over the recent American Enterprise Institute warning of Iranian cyber offensives against US interests.
"Unnamed US officials" are telling journalists that intrusion into US State Department and White House networks was "far more intrusive and worrisome than has been publicly acknowledged." The hack is generally believed to have been the work of the Russian security services, although the White House itself continues to resist this attribution. (Tripwire's Melacon, commenting on the episode, notes that, whoever was in the networks, once they're there and have established persistence, it's tough to evict them.)
SourceDNA warns (via Ars Technica) that some 25,000 iOS apps are vulnerable to man-in-the-middle attacks. The vulnerability affects apps using any version of AFNetworking earlier than version 2.5.3.
Parties unknown are making a run at SIGAINT, a darknet service designed to provide journalists with private email. At least seventy bad Tor exit nodes have been established.
Open-source Wi-Fi security program wpa_supplicant is discovered to suffer from a buffer overflow vulnerability.
Websense employees are being phished in the wake of their company's acquisition by Raytheon. The poor usage and weak syntax will fool few of them, but the campaign is a good reminder of what bogus email looks like.
"Operation Green Rights" hacktivists, who claim Anonymous affiliation, disrupt the Thirty Meter Telescope website. The hacktivists don't want them building on Hawai'i's Mauna Kea.
The cyber sector continues to struggle with estimating data-breach financial losses.
BAE prepares to divest itself of units offering services to the US Intelligence Community.