The latest round of attacks in South Asia cyberspace came to light at the end of last week as FireEye reported that hackers operating from Pakistan posed as journalists in a spearphishing campaign targeting Indian civil servants. The bait was purported news about their pay (referencing the Seventh Pay Commission); the payload was BreachRAT. The threat group is believed to have been active for several years in campaigns against the Indian government and Pakistani dissidents.
Continuing investigation of the Bangladesh Bank fraud suggests that the New York Federal Reserve Bank rejected thirty-five bogus transfer requests before releasing $81 million to the thieves. More observers are convinced that North Korea’s government is implicated in the theft.
Criminals are giving Android security a close look. Among other things, they’re looking at ways to exploit the UsageStatsManager API. And Github is serving as their collaborative R&D platform.
Russian IT security companies have developed monitoring apps that raise privacy concerns (but not within the Russian government).
The war against ISIS proceeds. Observers characterize US cyber operations against ISIS networks as obvious battlespace preparation. ISIS itself shows signs of autocannibalism as its leaders’ mutual mistrust grows.
In a gift to those who treasure anxiety, Carnegie-Mellon offers the ten riskiest emerging technologies: augmented reality, smart homes, enterprise 3D printing, networked dashboard telematics, smart medical devices, smart robots, smart sensors, commercial drones, driverless cars, and car communications.
Germany prepares to restrict BND surveillance. UK observers wonder if similar restriction of GCHQ are likely to have any effect.