The AXA Loyaltybuild cyber crimewave (Ireland's the epicenter, but it's spread through Europe) now affects some 500,000 consumers.
Facebook works to keep itself free of collateral damage from the Adobe attack, and (predictably) spoofed Facebook password-reset emails are serving malware.
In the US, coverage of Healthcare.gov's rollout has concentrated on what might be called the network's self-jamming features. But reports now appear of potential security and privacy issues in the system. (Paradoxically, Healthcare.gov seems to be suffering an unusually low level of cyber attacks, although disclosure is, as always and everywhere, spotty and unsystematic.)
CryptoLocker vector Upatre seems to be filling Blackhole's vacated niche in the criminal ecosystem. In more evidence that every feature of legitimate markets eventually appears in criminal markets, CryptoLocker's masters stand up a customer support site.
Other criminals combine Zeus and Sinowal Trojans in a suite designed to evade defensive software.
Complex systems exhibit complex vulnerabilities: see BIOS attacks and attack surfaces presented by the small, usually overlooked operating systems controlling parts of smartphones.
Complex IT procurement rules remain an unsolved problem for governments. Attack intelligence sharing remains an unsolved problem for everyone.
CIO tells us which "hot security start-ups to watch." Cisco's bad quarterly results prompt serious reflection on headwinds government surveillance has apparently imposed on US companies. Customers may shift to Chinese firms, but absent better supply-chain security, this hardly seems a promising solution.
The North American power-grid cyber exercise continues. Walking Shark 2 concludes, and preliminary reactions to the UK financial wargame appear.