Adware-associated firms Superfish and Comodo attract odium for their products' alleged enabling of man-in-the-middle attacks. Lenovo, still controlling reputational damage, swears it will never, ever pre-install adware (like Superfish's, anyway) again. AV vendors like Bitdefender roll out countermeasures.
Trend Micro continues to track Arid Viper around Gaza (amid some questions about individual attribution Forbes reports that remind all that real lives can be at stake).
Gemalto says its investigation reveals that a SIM card hack "probably happened," but that it didn't lead to "massive theft of SIM encryption keys." In any case, the company says only 2G devices would be affected, 3G and 4G remaining secure. Gemalto competitor G&D basically concurs.
Fallout from earlier cyber capers continues. Anthem says almost 9M non-customers may have been affected by its breach (the FBI is said to be closing in on a suspect), Target puts the cost of its PoS breach at $162M, and Gartner declares the Sony incident a "new breed of attack."
Ars Technica reports an Atlantic Council characterization of the Internet's dismal future: it's deteriorating from a rough neighborhood to a "failed state:" if you're looking for a movie metaphor, don't think Dirty Harry, think Snake Plissken.
Mozilla issues a set of patches.
Google, hoping to speed vulnerability disclosure (an important form of cyber intelligence-sharing, many think) makes Pwnium a year-round rolling program.
Congratulations to Europol and industry partners Symantec, AnubisNetworks, and Microsoft for their Ramnit botnet takedown.
The FBI puts a $3M bounty on alleged GameOverZeus master Evgeniy Bogachev.