In news of international cyber conflict, F-Secure continues to track the NanHaiShu Trojan, implicated in collecting against China’s opponents in the dispute over rights to the South China Sea.
Recorded Future adds to the accumulation of circumstantial evidence pointing to Cozy Bear and Fancy Bear as the actors behind the Democratic National Committee hack and related operations against political networks. Cozy and Fancy Bear are closely tied, respectively, to Russia’s FSB and GRU. There’s much dudgeon in the US over foreign attempts to influence November’s elections.
Critics charge that this involves disingenuous reading of US intelligence operations, with NSA watcher James Bamford charging in a Reuters op-ed that the US is “the only country ever to launch an actual cyberwar,” a contention that would probably be disputed in Estonia, Georgia, and Ukraine, to name three places. (Bamford is of course referring to Stuxnet’s use against Iranian uranium separation centrifuges.)
ISIS works to assert itself over Boko Haram’s leadership in Nigeria. Time magazine publishes a shortform guide to terrorist groups vying for jihadi mindshare.
Researchers describe an exploit they’re calling “HEIST” (“HTTP Encrypted Information can be Stolen Through TCP-Windows”). An attack (demonstrated as a proof-of-concept but not yet, insofar as is known, encountered in the wild) doesn’t require a man-in-the-middle position to execute.
A new Android RAT hits users in China and Japan. Panda Banker is observed in Brazil.
In industry news, two sector leaders, FireEye and Fortinet, are said to respond to poor results with layoffs (FireEye’s announced, Fortinet’s rumored).