The Izz ad-Din al-Qassam Cyber Fighters announce that the third phase of their cyber jihad against the United States began yesterday and will continue through tomorrow, but so far no reports of denial-of-service attacks on banks have appeared. (But the "Iranian Cyber Army" did target a German school on Monday.)
Czech news agencies undergo a DDOS attack of apparently domestic origin. An Indonesian hacker breaches three Venezuelan government websites.
Oracle's Java travails continue: recent Java security upgrades have been bypassed in the wild by social engineering.
A time-stamp bug in sudo exposes systems to attack—unauthenticated users can execute commands for about five minutes without entering a password.
Truthout and the Nation discern the malign hand of new villains behind the PLA's attacks on news outlets: HBGary and the US Chamber of Commerce pioneered the PLA's tactics against progressive lobbyists, they charge.
Pwn2Own and Pwnium are underway in Vancouver, with many white hat hacking achievements expected. (Google makes its challenge harder with an eleventh-hour Chrome upgrade.)
A Varonis report reinforces the importance of physically securing (and encrypting) devices: half the companies studied had lost items holding significant information.
Symantec says, contra the lessons some take from Yahoo, remote work can be both productive and secure. FierceCIO offers tips on safe use of public Wi-Fi.
Two training programs address the cyber workforce: Warrior to Cyber Warrior (for transitioning military personnel) and UMBC's Cyber Academy.
The US Defense Science Board recommends a "segmented" approach to cyber security incorporating focused intelligence and deterrence.