These by now are surely dog-bites-man stories, and fast on their way to becoming evergreens, but they remain worthy of attention. Forbes summarizes the activity of Iron Tiger, a Chinese cyber espionage operation discovered and named by Trend Micro. Iron Tiger's activity against US military targets is called "advanced, persistent, and ongoing." And as the US DNI claims that Russia is preparing a campaign against US industrial control networks, F-Secure reports that the Russian services have used Duke malware for espionage since at least 2008. (Duke is another dog-bites-man story: Russian security services are collaborating with criminal gangs to accomplish espionage goals.)
A large number of significant patches have been released, including fixes from Cisco, Apple, WordPress, ISC, and VMWare (and a hat tip to US-CERT for noting these).
The still immature cyber insurance market draws more attention, this week from lawyers noting that cyber policies, while they have an upside for businesses, also bring with them new risks.
In industry news, HP announces 30,000 layoffs. The company is looking for cost savings through automation and outsourcing.
FS-ISAC announces a cyber threat information sharing agreement with US Federal Reserve Banks.
The crypto wars proceed apace in US policy circles: Justice wants backdoors, but almost no one else seems to agree, and the White House is beginning to feel pro-encryption pressure.
US Federal CIOs see a "silver lining" in the OPM hack: it's easier to get resources. (The hundreds of millions whose data were exposed may see this as tarnished silver.)