Symantec reports finding Chinese-developed ransomlock malware that changes Windows login credentials. F-Secure discovers a new feature in some low-grade Android malware: SMTP connection.
The Ramnit Trojan continues to affect Steam gamers, and a guest post at the Internet Storm Center outlines how "your browser knows all your secrets." This week's problems with Tumblr turn out not to have been due to an attack after all: it was an internal software issue, now fixed.
The US FBI cries io triumphe over Anonymous and Anonymous cries bull#%t back. Both cries have some truth, but since Anonymous has for some time seemed capable of little more than cybervandalism of relatively soft targets (apologies to Mole Valley, Surrey), the FBI probably has the stronger case.
Akamai offers perspective on DDoS as misdirection.
The Daily Caller runs a piece worth reading post-Quantum Dawn (and post Icahn Apple tweets) on how hackers could disrupt financial markets. Cyber business risks prompt a small but significant rush for cyber insurance.
PCI 3.0 standards seek to drive improved security, but many observers see little more than cover for card brands.
More NSA surveillance revelations arouse Congressional discomfort and international reaction. Such reaction is particularly strong in Brazil (after the UK's detention of Miranda) and Germany (where it's become an election issue, and also prompted the government to warn that Windows 8 might contain NSA backdoors). Some non-Congressional observers think NSA's groping through a tough challenge with basic good intent. The Director of National Intelligence has launched a transparency blog.