BAE security researchers have warned that the thieves behind the $81 million cyber theft from the Bangladesh Bank probably also compromised SWIFT, the platform used internationally to manage financial transactions. SWIFT said yesterday it plans to issue a fix sometime today. BAE believes the attackers modified Alliance Access client software to modify a database that logged bank transactions, thereby covering the attackers’ tracks.
The controllers of GozNym, the “two-headed” Trojan IBM warned against earlier this month, have shifted focus from North America to Europe, targeting one Portuguese and several Polish banks.
A new strain of PowerShell-abusing malware is out. Trend Micro reports that “FAREIT” is spreading through spam emails (carried either in an attached Office document’s malicious macro or in a corrupted pdf) and is harvesting banking credentials.
Combat testing has revealed exploitable vulnerabilities in the US Army’s mobile tactical network. Fixes are promised.
The US is increasingly open about cyber operations against ISIS. Intrusion into and monitoring of jihadist networks has prepared the battlespace for effective spoofing and disruption of ISIS messaging.
Observers await word of what US and Russian officials are agreeing to in discussions of cyber warfare.
SecureWorks’ IPO last week is widely viewed as “lackluster.” Investors are looking for profit; they’re less likely to buy the story.
Many observers doubt the FBI’s “grey hat” explanation of how it accessed the San Bernardino jihadist’s iPhone.
The US Justice Department no longer needs Apple’s help unlocking an iPhone in a New York trial: someone gave them the passcode.