Release of alleged information on US FBI and Department of Homeland Security personnel continues. The pro-Palestinian hacktivist-who-prefers-to-remain anonymous still remains anonymous for now, but a screen name worthy of Carlos Danger augurs his eventual betrayal by a libido ostentandi.
SecureList has an account of AdWind, a complex, cross-platform backdoor currently afflicting banks in Singapore and elsewhere. Also known as "AlienSpy," it's being sold openly as a subscription service in Internet black markets.
The "Poseidon Group," Brazilian in origin and speaking both Portuguese and English, presents what observers see as a novel twist on extortion. Operating as an APT group, they prospect vulnerable enterprises for sensitive data, approach their victim ("in well-dressed suits," notes Dark Reading, emphasizing Poseidon's white-collar self-presentation), point out their security issues, and urge the victim to hire them for security services. Victims who balk find that (1) their data move over to Poseidon's "market forecasting" business, which sells sensitive information, and (2) that Poseidon, having established persistence in the network, is in no hurry to leave.
In patch news, Avast fixes issues Google discovered with Avast's SafeZone browser security tool. Oracle closes some Java vulnerabilities to DLL hijacking, and Apple updates iOS 9.
A depressed equities market drags down share prices, and cyber stocks suffer along with the rest. Digital Shadows attracts $14M in Series B funding. Infoblox buys IID (for talent and data) and Kingston acquires encrypted flash-drive shop IronKey.
In the US, Wassenaar renegotiation gains Congressional support. NSA's reorganization continues apace. Congress deliberates encryption (deliberately).