Trend Micro identifies 26 likely targets in the imminently expected Gozi-Prinimalka cyber bank fraud wave. Among the largest are Bank of America, Chase, and Citibank. (Gozi-Prinimalka is not directly connected with DDoS attacks by the Izz ad-Din al-Qassam Cyber Fighters, the other ongoing cyber campaign against US banks.)
MiniFlame continues to affect targets in Lebanon; researchers continue to investigate possible connections with Flame and Duqu. Santander is found to have stored its banking customer passwords in cookies. Hackers make an unsuccessful run at Israeli news outlet Haaretz. Falun Gong activists say Chinese university Shanghai Jiaotong was behind recent attacks on the US White House. US-Cert publishes a summary of major vulnerabilities.
Facebook has disabled reverse telephone number lookup for those users not equipped with two-factor authentication.
Cyber Security Month is the occasion for many trend reports: customers hold banks responsible for online security, small businesses underestimate the threat of hacking, merchants struggle to secure pay card transactions, and organizations seem willing to accept the risks of cloud-based email. Kaspersky warns that 2013 will see a major escalation of global cyber conflict.
India is training half-a-million cyber security experts, a program that will affect the cyber labor market worldwide. Kaspersky announces a major push into SCADA security—the company plans to introduce a secure SCADA OS.
US state governments appear likely to join the Federal government in regulating cyber security for critical infrastructure. The US Senate readies another attempt at cyber security legislation. Germany and Canada conclude a data protection agreement.