Ransomware concerns grow as this form of cybercrime becomes more vicious and widespread. F-Secure thinks the Reveton gang alone victimized 5 million people worldwide, with losses running above $800M. Norton declares India Asia-Pacific ransomware central, with an 8% rise in cost per victim over the past year. The figures are high enough to strain credibility, but clearly the problem is large and growing.
July's US Department of Energy data breach appears twice as large as originally reported: over 100,000 people were affected.
NETGEAR ReadyNAS storage is vulnerable to command injection attack. Troublesome Android ad network Vulna makes itself less troublesome (under pressure from FireEye). Malicious spam spoofing Xerox WorkCentre Pro messages has been seen in the wild.
Network Solutions reports more DNS issues and says it's working to overcome service interruptions.
Security researchers find application–layer denial–of–service attacks becoming more common.
Huawei's security evangelism receives scrutiny from the business press. One interesting note—the Chinese firm may use the US–UK special relationship to enter the US market via the UK.
Other industry and policy news centers on the tension between a security-driven desire for IT autarchy and a law-enforcement-driven desire for transnational cooperation. Where you come down seems to depend upon which you fear more: states or gangs. Thus Europe and the US find themselves at loggerheads over surveillance as experts call for closer information sharing, and US DNI Clapper deprecates Le Monde's sensationalism as US Representative Wolf seeks sensational punishment for Chinese cyberespionage.