T-Mobile is reportedly preparing to warn subscribers of a significant data compromise originating in a third-party supplier's network.
Another Java exploit strikes, this time in Yahoo!'s advertising servers.
SnapChat continues to repair the damage done by mishandled telephone numbers, and prepares various security upgrades. Observers see the episode as a case of a familiar tendency in start-ups: prioritizing growth over security.
The OpenSSL defacement turns out not to have been a hypervisor hack after all. Skype confirms that the Syrian Electronic Army's webpage defacements did not involve any data compromise; Microsoft tweets advice on recognizing phishing.
China's online payment platform Alipay is notifying customers (and apologizing to them) over a three-year-old data breach.
Online gaming continues to suffer security issues. Steam and Origin suffered denial-of-service attacks last week, and a breach at the World Poker Tour Amateur Poker League compromised player data (many players had US Government e-mail addresses). (The United Nations Office on Drugs and Crime notes that online gaming and micropayment platforms are increasingly favored by cyber-criminals laundering money.)
Bruce Schneier, formerly of BT, now CTO of Co3 Systems, cautions that the Internet of Things is "wildly insecure, and often upatchable."
FireEye's acquisition of Mandiant caused the buyer's share price to pop last week. Forbes sees the enhanced company as combining cloud– and SaaS–based security with incident response.
The US Congress seems unlikely to enact intelligence legislation soon, but the President is preparing to announce various reforms, including a "public advocate" position in the Foreign Intelligence Surveillance Court.