Iranian hackers continue their DDoS campaign against US banks: BB&T is the latest victim. MiniFlame, apparently a Western espionage tool (InformationWeek thinks it's a US "cyberweapon") was discovered by accident during an investigation of a Flame command-and-control server, which leads observers to wonder how much other espionage malware is out there. (Flame watches Middle Eastern targets, they observe. What's watching North Korea?)
Rapid7 discovers a zero-day information disclosure vulnerability in Novell ZENWorks. Microsoft finds Nitol botnet code in Chinese free malware sites. Researchers demonstrate that pacemakers can be hacked to deliver lethal shocks, and analysts agree that the state of medical device security is "not encouraging."
Adobe and Apple both issue security upgrades.
Gartner predicts the Big Data will drive $232B in IT spending through 2016. Cyber Security Hall of Famer Whitfield Diffie offers the contrarian opinion that a degree of crime is good for the Internet. (He also likens security to reliability: neither is likely to be built in from the bottom up.)
Recent official concern over cyber security should make stock markets bullish on cyber equities, but instead a soft European market and US budget uncertainty have dragged share prices lower. The White House appears to have cleared Huawei of espionage, but concerns about that company and ZTE persist.
Canada's Harper government announces plans to double cyber security spending. Northrop Grumman opens a cyber range in Australia. Australia considers mandating breach disclosure. The Netherlands debates new cyber crime legislation. Volokh conspiracy blawgers wrap up their discussion of active defense.