US Secretary of Homeland Security Napolitano warns that US financial institutions are under sustained cyber attack. Iran denies involvement, and observers note the continuing difficulty of attribution. (The FBI is working on improved attribution techniques.)
South Carolina's data breach yields lessons in cyber security. Stolen credentials and spotty encryption were of course problems, but one lesson is the danger of communication failures between information security professionals and the executives they work for.
A new version of the Nuclear exploit kit takes black-market share from long-dominant Blackhole. Cyber gangs use hacker fora to recruit criminal talent. Security researchers name operators who permit open resolvers on their networks, thereby facilitating amplified denial-of-service attacks.
Cisco warns of a remote command execution vulnerability in Cisco Prime Data Center Network Manager. Java, patched or unpatched, continues to render systems vulnerable to compromise.
The deep packet inspection market is expected to reach $2B by 2016. We've heard much talk of NSA's interest in big data, but how big, exactly, does NSA think its data will get? A yottabyte, equivalent, says an analyst, to nine billion years of Blu-Ray movies. US agencies and companies continue to struggle with a tight cyber labor market—the talent is tough to vet.
Huawei seeks a rapprochement with its industry critics as the Chinese government continues to deny US espionage charges. Russia clamps down on its Internet and accuses the US of cyber-saber-rattling. Hacking back is a much-discussed defensive strategy, but anyone thinking of doing it should consult a lawyer first.