South Korean prosecutors investigate another apparent data breach at Korea Hydro & Nuclear Power Corporation.
Reports of increased cyber activity targeting (separately) both Israel and Iran circulate.
The New York Stock Exchange releases results of its investigation of last week's outage: it was a configuration issue tied to a new timestamp rollout. The incident prompts reflection on the inherent vulnerability complex software poses to the enterprises that develop and use it — Popular Science likens network outages to "new natural disasters." (For those interested in thrashing through a priori possibilities to significant but specious judgments of causation, see the PBS NewsHour piece on the outage. The comments are worth a look.)
In the US, OPM Director Archuleta's resignation Friday hasn't stopped growing concern over the scope of the breach her agency sustained. Crowdstrike (in which Google, by the way, is rumored to be making a large investment) outlines grounds for the near-universal, albeit unofficial, conclusion that Chinese intelligence services were responsible for the hack. Others point out the very large costs — personal, national, etc. — the breach will exact. (Few have noted yet what will be increasingly disturbing over the next few weeks: SF-86s contain personally identifiable information not just on people considered for clearances, but on family members and associates as well.)
Flash and Chrome zero-days associated with the Hacking Team breach are being patched. Many wonder if venerable (useful, but venerable) Flash is ultimately worth patching.
Cyber standards of care continue to evolve in insurance markets and the plaintiff's bar.