The Sochi Olympics open at week's end, and mainstream media issue alarmist warnings that Russian security services will hack every spectator's devices. A bit breathless, but wariness and pessimism are surely justified (as they are, to a lesser extent, wherever one travels).
Reports circulate that Britain's GCHQ counterattacked Anonymous with a denial-of-service campaign. This week's earlier reports that GCHQ and NSA hacked a Belgian academic cryptographer are undermined by the purported victim, who calls de Standaard's evidence inconclusive and its conclusions premature.
The Target breach took longer to contain than previously thought. Stolen card data are turning up in the hands of Eastern European criminals (some of whose governments may, allege FireEye and Damballa, be offering the gangs protection). US retailers lament before the Senate that the cyber criminals seem to have the upper hand. Target, meanwhile, works on a more secure pay card.
Coders in Belarus claim to have written portions of the US Affordable Health Care Act (a.k.a. Obamacare) site. Questioned about whether this indicates vulnerability, US officials deny contractors used Belarusian software. (Observers claim, however, that some US Government IT contractors have outsourced portions of other projects to coders in former Soviet republics.)
Prolexic claims denial-of-service attacks can be used to manipulate stock prices.
Researchers demonstrate IFrame injection attacks via PNG image metadata.
Adobe issues an emergency Flash patch.
IBM, Microsoft, UCLA, and MIT researchers report crypto breakthroughs.
US Representative Sensenbrenner says Congress will curtail bulk metadata collection.
Colombia investigates allegations of army surveillance of FARC talks.