An FBI report that "foreign hackers" (and for "foreign hackers" most observers are reading "Russian intelligence services") last month penetrated two US state election databases contributes to worries about election hacking. The affected states appear to be Illinois and Arizona. The SQL injection attacks used commonly available, off-the-shelf tools: SQLMap, DIRBuster, and Acunetix.
Offering some useful perspective, Motherboard points out that state election databases have not only been hacked before, but the information they contain is often made readily available by state officials themselves. Besides, the number of records taken was relatively small—about 200,000 in Illinois. What's troubling is not the breach itself, but the foreign involvement (and the foreign interest), the context provided by other hacks of political parties and campaigns, and the fears of data manipulation the incidents stoke.
The Trident zero-day affair raises similar questions. As Haaretz asks about the jailbreaking attempt against an Emirati dissident's iPhone, if a security service can do that, what's to stop them from electronically framing people for crimes? (Which seems to have already occurred in Turkey.) So too with manipulation of election data.
ISIS and al Qaeda internal discontents may be affecting jihadist information operations capabilities.
St. Jude Medical strongly disputes the pacemaker vulnerabilities disclosed in the course of short-selling by Muddy Waters Capital and MedSec. The device manufacturer says the exploits as described aren't possible.
The RIPPER ATM malware FireEye found in Thailand may use a rogue EVM chip.
Level 3 researchers describe the risk of IoT-based DDoS campaigns.