Russian security services are suspected of blocking opposition online publications, and of ongoing cyber espionage against Western financial institutions.
ISIS continues to threaten cyber attacks against Western institutions, although the only hack of any (albeit minor) note is the defacement of a Nashville music site with an "I-love-jihad" message. Sure, the Caliphate messaging's there (and offering minor corroboration of NSA Director Rogers's claim that ISIS information operations are "resonating with [some] Americans") but attributing such skiddish cyber vandalism to ISIS is a little like concluding a teenager wearing a Che t-shirt is a duly enlisted member of the Venceremos Brigade.
Speaking of skids, Indonesia's Gantengers Crew struts its mad skilz with some vandalism of Kenya's presidential website.
Incapsula reports discovering a "40,000-node botnet exploiting poorly-configured Ubiquiti routers." The botmasters, whom some observers characterize as an Anonymous faction, others as LizardSquad rivals, are apparently offering denial-of-service-for-hire. (In a separate story, HackRead publishes an interesting but depressing menu of cyber crime products and services available on the black market.) Other observers note that, whether Anonymous is legion or not, unsecured routers certainly seem to be.
CrowdStrike announced discovery of a buffer-overflow vulnerability affecting popular virtual machine platforms. The flaw in the open-source QEMU hypervisor, which CrowdStrike is calling "VENOM," could permit breakout from an exploited VM.
Patch Tuesday produced a large crop of Microsoft fixes as well as critical security updates from Mozilla and Adobe, so expect system administrators to be busy.
M&A stories (and one rumor) appear in industry news today.