Researchers at ProtectWise think they discern a shift in Chinese cyber espionage. More spearphishing, a focus on IT staff in targeted enterprises, and collection of code-signing certificates: these are taken as signs of preparation for supply chain attacks.
Intel has confirmed that "Spectre-like" chip vulnerabilities reported by C'T are real. There are eight of them, and Intel is working on fixes.
Australia's Commonwealth Bank gets a black eye from its loss of about 20 million customers' records.
Incapsula and others warn of "Kitty," a cryptominer that specializes in Monero.
Amazon and Google have, as expected, put an end to domain fronting, a feature widely used by services like Open Whisper's Signal to evade Internet censorship. Google began the process some weeks ago (pointing out that domain fronting had been an accidental and not a supported feature of their content-delivery system). Amazon shut the option down this week, telling Open Whisper that their use of Amazon's CloudFront would be suspended immediately if Open Whisper's Signal continued to use third-party domains without their permission.
US Cyber Command today was officially elevated to Combatant Command Status, putting it on a par with major military organizations like US Strategic Command. General Paul Nakasone got his fourth star as he assumed command of Cyber Command and duties as Director, National Security Agency. Nakasone replaced Admiral Michael Rogers, who now enters retirement.
Hackers who don't like the US state of Georgia's proposed anti-hacking law have protested by (wait for it) hacking sites in the Peach State.