Red October's masters appear to be shutting down their infrastructure. Command-and-control servers are coming down; Kaspersky thinks they're coming down for good.
Iran's cyber agency FETA again denies that country's involvement in denial-of-service campaigns against US banks. FETA's head claims his organization has traced the attacks to Britain and Italy. Elsewhere in the Middle East observers of the Syrian civil war begin to think Russia is supporting the Assad regime with cyber attacks against the opposition.
Australia sustains a minor cyber crime wave, affecting mostly universities and advocacy groups. One attack, however, is a useful reminder that even small enterprises can be targets: a baby-care advice site is a victim.
More Java exploits surface, including parasitic attacks that deliver malware in the form of fake Java patches. Security analysts argue that deactivating Java should be an enterprise's default position. Others offer advice on disentangling Java from related software tools.
Another large healthcare IT breach, this one affecting 6000 Utah Medicaid patients, is traced to a lost, unsecured USB device. New remote-access Trojans (RATs) cloak their traffic in apparently innocent headers. Password cracking tools rapidly increase in speed and power.
Huawei reiterates its contention that US Government security concerns are a fig leaf for protectionism. Google invests in cryptographic alternatives to passwords.
If you missed last week's story on the model employee who outsourced his development work to China, IT World has a follow-up. (The fellow's known only as "Bob." The story would be perfect if his surname were "Dobbs.")