The indirect road through security think tanks Deep Panda is taking to targets in Iraq (and elsewhere) is paved with Windows PowerShell, exploitation of which can be subtle and easily overlooked. The Chinese government dismisses allegations of its involvement in the campaign on the high-minded grounds of hacking's illegality, etc.
FireEye investigates disclosures of vulnerabilities in its security products NX, EX, AX, FX, and CM (and patches the same).
Passcape Software reports that a Windows Server DPAPI vulnerability could expose data to unauthorized decryption.
Adobe, Google, and Twitter patch quickly to fend off the Rosetta Flash attack (and other vendors are rapidly doing the same) but the risk remains a real one, so please take heed of the fixes.
Microsoft's Patch Tuesday is called "light" ("OS administration teams will be busy, application administrators get the month off," summarized Help Net Security) but others are also patching this week, Adobe, Yahoo, WordPress, and FireEye among them.
As regulation tightens and exposure to litigation grows, corporate boards hustle to limit their cyber risk.
Stock analysts devote some attention to the cyber sector, offering an interesting perspective on how interested outsiders view the industry.
SIFMA's call for a government-industry cyber war council amounts to a plea for significantly enhanced cyber intelligence sharing and a more responsive active defense posture. But policy mavens receive it coolly, doubting that anything requiring "a meeting of eight undersecretaries" will achieve anything resembling responsiveness.
Microsoft, weary of its role as "the Internet's Dirty Harry," seeks partners in takedowns.