CryptoLocker continues to wreak damage as it strikes a New Hampshire town hall, effectively wiping out eight years of files. Unfortunately it's not the only ransomware kit out there, and it may not be the worst: two competitors, PrisonLocker and PowerLocker, have been observed in criminal markets, and others are thought to be under development.
Follow-up phishing is underway in two recent pay card breaches, JP Morgan Chase and Target.
Last week's denial-of-service attacks on online gaming services didn't involve data theft, but a new World-of-Warcraft attack does: a Trojanized Curse client steals player login credentials.
Webroot sees a spike in Zeus vectors spoofing Bitdefender anti-virus software.
Guccifer returns with more celebrity hacks. Romanian intelligence services say they'll get him.
Yahoo reports it's removed the malware from its ad servers. While the infection lasted, it reportedly infected 27k users per hour, mostly in Europe, and mostly via PCs.
Citing regional governments' (particularly Iran's) heavy use of covert cyber operations, the Center for Strategic and International Studies publishes a report identifying the Arabian Gulf as a major flashpoint for cyber conflict.
Cyber mergers and acquisitions continue, although none as big as FireEye's acquisition of Mandiant last week. Blue Coat has bought Norman Shark, and Palo Alto Networks has picked up Morta Security. Analysts see the latter as a riposte to FireEye. VUPEN lists a number of zero-days for sale (and helpfully notes where they fit into the Wassenaar export control regime).
The US FAA's aviation safety data-sharing program needs better anonymous sharing.