The Russian cyber mob that impersonated FinCERT now has a name, "Buhtrap," and a tally sheet: thirteen banks hit since August, with their biggest single take being 600 million rubles ($8.65 million). Other banking threats remain active. Carbanak is back, and Dridex is, too.
Various outlets say that FireEye has given the Indian government a report detailing extensive cyber espionage campaigns by actors based in Pakistan. Whether those actors are state-run (or state-inspired), hacktivist, criminal, or some mix of all of these is unclear from media reports. The campaign is said to involve distribution of Seedor malware through email attachments. The targets are reported to be Indian military and government personnel as well as Pakistani dissidents.
Stagefright may prove realistically exploitable, according to NorthBit, which describes a proof-of-concept attack the security company says could readily work in the wild. Google closed Stagefright in response to Zimperium research, but unpatched devices remain vulnerable.
AceDeceiver may affect non-jailbroken iPhones, but Wired puts the issue into perspective with a quotation from security researcher Jonathan Zdziarski: “In its current form, this isn’t dangerous except to the exceptionally stupid.”
Rowhammer, another vulnerability from the past, may also be riskier than long thought. Third I/O research suggests that bitflipping might indeed work against dual in-line memory modules.
Ready availability of cheap Steam stealers drives a long-running uptick in Steam gaming account hijacking.
Observers think the FBI is more worried about precedent than a single iPhone's contents in the dispute with Apple.