Iran's cyber warfare director has been shot dead. As of this writing Iranian authorities have neither announced suspects nor called the shooting an assassination (which it manifestly is).
Hacktivists strike targets in India, Israel, Slovakia, and Canada. Palestinian-sympathizing AnonGhost claims the last three acts of cyber vandalism, but the attack on Canadian sites is an apparently motiveless outlier—the targets are baseball-related and the defacements carry no political message.
Django is vulnerable to compromise of session cookies, but there are no plans to patch the hole. Webroot offers interesting observations on the "vertical integration" of a criminal DDOS-for-hire-service operating in a "vibrant" corner of the black market. The ZeroAccess botnet remains highly profitable, with India accounting for a growing portion of its victims. Poor patching sustains WordPress vulnerabilities (as frustrated security experts preach patching to an apparently heedless choir).
US Intelligence Community leaders warn of the cyber dangers inherent in the current Government shutdown. DNI Clapper's confidence in the ability of financially pinched analysts to resist recruitment by hostile intelligence services is surprisingly shaky.
Insurers are urging their customers to adopt more sophistication cyber defenses. The financial sector similarly emphasizes the inadequacy of legacy, commodity antivirus and perimeter defenses. New EU penalties will soon render failure to secure enterprise networks costly.
Market analysts like Lockheed Martin's cyber capabilities. Northrop Grumman announces layoffs.
Triumfant reports that otherwise stealthy in-memory attacks betray their activity by creating processing delays.
Senatorial investigation of US surveillance policy raises allegations of geotracking and social network analysis.