Several claims of zero-day vulnerabilities cropped up over the past week: a Chrome hole (Google doesn't believe it, and the researcher won't talk until he demos his exploit at an upcoming New Delhi conference), a Yahoo! Mail exploit (for sale on the black market), and SCADA vulnerabilities in systems by Siemens, GE, Kaskad, ABB/Rockwell, Eaton and Schneider Electric.
The US continues to deny charges of cyber espionage against the Elysee Palace, and some expert observers lend credence to the denial.
Symantec reports a database exploit is loose in the Middle East; Iranian security authorities call it old news. Other small hacks and scams surface; they amount to fresh warnings to use caution online. One is worth calling out: PASSTEAL malware is circulating in file-sharing sites where it masquerades as a key generator for paid applications.
The South Carolina breach looks more serious: attackers had at least two months' "unfettered access" to the state's tax system. US banks are warned to expect fallout from the 3.3 million bank accounts compromised in the exploit.
Huawei's reputation in the US Government as a security risk opens a market opportunity for other firms: Nokia and Siemens prepare a joint push for US Federal business. Various countries friendly to the US look to American companies to provide cyber expertise.
Lesser-known US universities—the University of Tulsa being exhibit A—become major sources of Federal cyber talent.
Australia's Defence Signals Directorate gives businesses advice on BYOD policy. Greek and British hackers face trial for cyber crimes.