The zero-day PDF exploit found this week defeats Adobe Reader's sandbox protection. It's also priced at $50k on the black market, which analysts say puts it beyond the reach of anyone but wealthy nations and organizations. (Analysts are too optimistic: anyone who could afford, say, a Mustang GT500 or a Jazzercise franchise could buy the exploit.)
The Chinese government hacks Twitter accounts in advance of elections, but their activity is probably unrelated to Twitter's large password reset this week. Verizon researchers point out that data are most vulnerable during processing: data at rest and data in transit can be readily encrypted, not so data being processed.
Post mortems of the recently disclosed Coca Cola exploit reveal how well-intentioned corporate communications enabled more effective phishing. (Observers also note that US Securities and Exchange Commission rules mandating breach disclosure are too supple to be effective. Positive Technologies reports that Siemens control systems remain vulnerable to Stuxnet-like attack. Chevron reveals that Stuxnet also infected its systems.
Microsoft previews next week's Patch Tuesday: Windows 8 and Surface will both receive upgrades. Apple patches a critical flaw in QuickTime.
UNESCO warns that Internet censorship is rising. US Defense officials think Congress will avoid budget sequestration. Huawei says it's on the side of the angels, ready to help protect America against cyber espionage. Foxconn considers offshoring manufacturing to California and Texas.
Canada and the US agree to cross-border cyber cooperation. Australia abandons plans for comprehensive Internet controls. The US punishes Iranian Web censorship with more sanctions.