Normal Middle Eastern and South Asian cyber rioting aside, the major international story as the week begins involves continuing exploitation of Internet Explorer vulnerabilities. One campaign, "DeputyDog," is particularly active in Japan and China. It's apparently using some of the same hosting infrastructure that enabled February's attack on Bit9.
An iOS 7 lock-screen flaw enables hackers to exploit stolen iPhones to make free phone calls (free to the crooks; the phones' legitimate owners are stuck with the tab). Germany's Chaos Computer Club claims to have defeated the iPhone 5s fingerprint sensor (reward pending other researchers' verification of the claim). Apple issues some fixes as it works on others.
The cyber criminal economy continues to advance in sophistication (market for infected botnets, DIY DoS) without giving up its low-end commodities (fake followers, adware). Australia has become an important transit point for cyber crime. "Chop-shop" electronics show the (severe) limitations of static approaches to supply-chain security like certification.
CSO runs a good brief account of what makes SCADA security particularly challenging. The US Energy Department announces contracts for grid security R&D.
In industry news, European insurers awaken to the cyber protection market. FireEye rang NASDAQ's opening bell Friday; its IPO beats expectations. BlackBerry announces disappointing earnings and major layoffs as a much-anticipated product launch is deferred. Huawei spurns US and expands in Europe.
The EU considers a common privacy law. The US Presidential surveillance panel is widely criticized (we think prematurely) as tame and supine. LinkedIn faces a class-action privacy lawsuit.