Target's data breach proves almost twice as bad as hitherto believed. The retailer, after investigation, now discloses that the names, email addresses, and telephone numbers of up to 70M customers were stolen.
Ransomware remains a dangerous threat in the hands of aggressive criminals, and no enterprise should fail to protect itself through, among other measures, effective data backup. New ransomware variants may be expected to appear, but security managers should proceed with circumspection before they jump into expensive countermeasures specifically tailored to criminal forum chatter.
The underground marketplace shows signs of trending toward accounting data boutiques selling information culled by do-it-yourself crimeware services.
The Internet Storm Center sniffs the rise of an unknown botnet in "pretty massive" PHP RFI scans.
With backing from a Palantir co-founder, Radius Intelligence positions itself to compete with Dun and Bradstreet in the (small) business intelligence market.
OWASP cancels its co-marketing agreement with RSA. Allegations of RSA collusion in weak crypto (denied by RSA) continue to affect its upcoming conference: eleven speakers, panelists, or trainers have withdrawn. (But note: this hasn't necessarily translated to an exhibitor boycott.)
Dell says it's open to layoffs. IBM creates a unit to monetize Watson. Intel discusses the McAfee brand's retirement.
US President Obama meets Congressional leaders and suggests he's open to unspecified changes in NSA surveillance. NSA's deputy director says the agency would welcome a public advocate in FISA court.
The US GAO finds inconsistency in federal agency breach reports (and questions the utility of the one-hour reporting rule).