Anonymous commemorated Guy Fawkes yesterday with a wave of attacks on firms and agencies worldwide. The hacktivists' claims are still being sorted out, but Symantec, VMWare, Telecom Italia, and the UK Ministry of Defense appear to be among the victims.
Co-located virtual machines are found vulnerable to a side-channel attack that steals crypto keys. More VMWare ESX source code is leaked online. North Carolina State researchers find an Android smishing (phishing via SMS) vulnerability. Malware targeting Android (and, surprisingly, Nokia's practically abandoned Symbian OS) becomes more prevalent.
More commentary on belated disclosures of compromises: Coca Cola and Chesapeake Energy concealed successful hacks from investors (apparently at law enforcement's request). Oddly, companies are surprised that laid-off employees would steal data as they're shown the door. The US elections today prompt observers to warn about cyber voting fraud and various election-related phishing capers (and other observers sensibly point out that voting fraud is as old as voting).
Mozilla's Firefox will henceforth enforce HTTPS more stringently. Sophos warns of a vulnerability in its security software and plans to issue a patch later this month.
Australia bucks global trends toward increased BYOD adoption. Canada's Communications Security Establishment says "Made in Canada" is no panacea for network security. A surprising entry into the cyber marketplace occurs in Maryland as armored car company Dunbar announces its expansion into cyber security services. Virtualization and cloud migration feature in IT cost-cutting case studies.
US cyber policy moves closer to public-private collaboration. Germany revives its controversial Internet monitoring effort.