A commercially available tool is found to enable cybercriminals to automatically register Tumblr accounts. (Criminal markets again mimic legitimate ones: where labor is scarce or expensive, automation fills the niche.)
CryptoLocker has a competitor in the ransomware black economy: a new (as yet unnamed) pay-to-install service for cyber gangs relies on Russian peer-to-peer payment services and does without the high-profile command-and-control infrastructure that so often betrays malware users. On the bright side, AV tools detect the ransomware at a high rate.
Security analysts don't think much of Gmail's new image download default: Ars Technica sniffs that "marketers, stalkers, and debt collectors" will welcome the new policy.
Details emerge on how a privilege-escalation exploit currently circulating in the wild breaks out of Adobe sandboxing.
Bitcoin is enjoying a speculative bubble, and therefore attracts corresponding attention from malware developers.
Google patches an Android flaw that has exposed users to SMS-based denial-of-service attacks.
mHealth 13 symposiasts warn of medical system vulnerabilities. Pacemakers are the most lurid example, but other classes of devices also present concerns.
Bots, both good and evil, now drive some 61% of Web traffic, says Incapsula.
The World Federation of Exchanges forms a new cyber group to help protect securities markets; Nasdaq OMX's CISO, Mark Graff, will lead the effort.
European countries push to develop national (not EU) cyber capabilities. The UK and Netherlands seem particularly ambitious.
In the US, Defense R&D lead Reginald Brothers describes cyber research priorities and the cyber industry's role. The CyberWire has the full interview.