HP acknowledges finding a backdoor in its StoreVirtual products. A patch is coming by July 17.
Microsoft notes that a privilege escalation vulnerability patched Tuesday is being exploited in the wild. Many hint a Google researcher's disclosure of the vulnerability was more helpful to attackers than defenders. Kaspersky dissects exploitation of a patched IE vulnerability.
Naked Security explains the implications of the Android Master Key vulnerability.
SANS reports an apparent compromise of a .nl registrar. (Compare Dark Reading's security animadversions concerning coming generic top-level domains.
Amid the many reports of sophisticated cyber crime "masterminds," "ninjas," and so on, it's good to be reminded (h/t CIO) that cyber criminals (like most other criminals) are more often boneheads than geniuses.
Governments and international organizations continue to take stock of their cyber threat posture. Both NATO and the UK express guarded concern. Facebook's Mark Zuckerberg advises the rest of us that privacy is an obsolete norm (and Venezuela's Prison Minister advises people to avoid surveillance by getting off Facebook).
Analysts claim threats lurking in hardware are the coming big problem, a matter one thinks might surface at the current Sino-American cyber talks. These conversations have been marked by a determination to remain trading partners even as the parties swap accusations of theft (from the US) and spying (from China).
Japan's cyber agencies face a challenge that's becoming widespread—a need to deskill high-end cyber jobs.
Russian defectors offer perspective on what Snowden's been undergoing in Moscow, and why it matters for US security.