Saudi security officials have confirmed that the Kingdom has been hit by the MuddyWaters espionage campaign described last week by Palo Alto Networks. There is no attribution, yet.
North Korea, exploiting its (rare) diplomatic relationship with India, has used Indian infrastructure for money-making cybercrime on behalf of Pyongyang. The DPRK's Lazarus Group is changing its tactics, concentrating on mobile targets. A purge of DPRK intelligence is also in progress.
Cryptocurrencies continue to draw hackers and frauds. Tether, a company offering US-dollar-backed cryptocoin, said that it had been looted of more than $30 million. It's working on recovery. And Confido, a start-up Ethereum platform offering blockchain-based payment and shipment tracking services, disappeared after collecting $375 thousand in an Initial Coin Offering.
Lonely business leaders, Kaspersky says, are increasingly susceptible to catphishing, whispering corporate secrets to fictitious personae pitching online woo. (CISOs: add dating sites to your risk calculi.)
Rewards points accounts are increasingly attractive to Russian hackers, who cash them in for "five-star holidays." (Britons appear to be the most-looted rewards-points accumulators.)
Malicious flashlight apps for Android devices served banking malware from Google Play.
Only three non-shopping days until Black Friday. RiskIQ Says about one in twenty-five Black Friday shopping apps for sale in various "official app stores" are malicious. But consumers are undeterred, with few signs of caution or restraint on the horizon this week. They also appear largely indifferent to the creepy potential for exploitation connected toys offer.
Amazon is offering a new, secure cloud service for intelligence agencies.