JPMorgan Chase underwent a denial-of-service attack yesterday—mobile access worked, but PC users were blocked. The Izz ad-Din al-Qassam Cyber Fighters are suspected.
Widely used SWFUploader exposes websites to content-spoofing and cross-scripting.
Hotmail went down yesterday, and its recovery continues. The causes are unclear, but the outage doesn't seem attributable to simple glitches in Outlook migration.
This week's big hack of celebrity personal information may be traceable to a free credit report site, which suggests that non-celebrities are equally (or more) vulnerable.
Microsoft issued its March patches yesterday, but was unable to fix two problems demonstrated at Pwn2Own and Pwnium. (The latest version of Chrome OS encouragingly escaped Pwnium unscathed, by the way.) Adobe also patched Flash yesterday.
Leaders of the US Intelligence Community appeared before Congress yesterday, and their testimony made the Sino-American cyber cold war chillier. While DNI Clapper called a "digital Pearl Harbor" unlikely (at least within the next two years), he and FBI Director Mueller rated cyber threats at least as serious as terrorism. NSA's General Alexander announced the creation of thirteen offensive teams whose mission would be cyber deterrence and retaliation. China is, of course, the adversary Congress has in mind, and that country's Foreign Ministry responds with calls for "constructive dialogue" on a mutually respectful basis.
In industry news, US budget austerity augurs a fresh round of mergers in defense and security. Help Net Security singles out the eleven most interesting products launched at RSA. Google offers an informational series, "Help for Hacked Sites."