Macs again prove vulnerable to malware as a new variant of the OSX/Imuler Trojan targets supporters of the Dalai Lama. Pdfs were among the attack vectors. An Egyptian hacker releases personal information apparently from stolen Adobe files; Adobe is investigating. Skype warns that hackers can hijack accounts knowing just a user's email address. Cloudflare and Facebook users are currently being phished.
Anonymous attacked the Organization for Security and Co-operation in Europe (OSCE) last week in retaliation for allegedly slack OSCE monitoring of Ukrainian elections. No attribution yet in the cyber espionage campaign being waged against Israel and the Palestinian Authority. Attribution continues to be one of the thornier problems surrounding cyber war. US Defense Secretary Panetta claims the US has solid attribution capabilities, but Russian cyber expert Kaspersky thinks not.
Microsoft issued its November patches yesterday: four remote code execution vulnerabilities are rated "critical."
Researchers say bring-your-own-device (BYOD) practices and unstructured data constitute major enterprise vulnerabilities. Other research indicates that DDoS attacks are as poorly mitigated as they are common.
The cyber labor market in the US's Washington-Baltimore corridor becomes "fratricide on the Parkway" as government and industry compete hard for the same scarce talent. Lockheed Martin wins an $800M Defense cyber range contract.
Lockheed continues to warn of supply chain vulnerability, and NIST releases an IT supply chain risk assessment guide.
China pressures foreign companies to assist with Internet surveillance and censorship. The major lesson of the Petraeus imbroglio seems to involve privacy: email accounts people thought were anonymous...aren't.