The next salvo in the anti-US-banking campaign has apparently been fired: Capital One reports a denial-of-service attack, and Iran's Izz ad-Din al-Qassam Cyber Fighters claims responsibility.
Apache warns of critical configuration problems in its popular open-source CloudStack platform. A Stanford student demonstrates an HTML5 phishing exploit. Apple's fingerprint software is found to expose Windows passwords. A Japanese phone directory project exposes large amounts of personal data. Microsoft reports two threat trends: exploitation of key generators and malware designed to attack supply chains.
Anonymous apparently opens a campaign against the Estonian government, but attribution and even recognition of cyber attacks are notoriously difficult—was Ireland's Google outage a hack or a bug? (This may give pause to defense intellectuals constructing deterrent theories of offensive cyber capability.)
Possible US budget sequestration continues to trouble industry, and major integrators like Raytheon look to hedge with cyber. BAE and EADS will not merge—German objections were decisive. Microsoft announces a major shift in strategic direction away from software and toward devices and services. Cisco cuts ties with China's ZTE over dealings with Iran. Security analysts generally find warnings about ZTE and Huawei plausible, but the companies (and their government) vigorously deny espionage charges.
Stories exemplify three academic trends: online connections among students and potential employers, strong cyber curricula at community colleges, and the growth of executive master's programs with a cyber emphasis.
Businesses fear a cyber executive order will impose a checklist-security regime. The Philippines' Justice Department issues an unusual call for cyber vigilantism.