More reports from France point to the relatively long preparation involved in the relatively low-tech hack of TV5Monde.
Trustwave shares its discovery of "Punkey," a new point-of-sale malware variant. (Some details are appropriately redacted, given that the discovery occurred in the course of Trustwave's support of a US Secret Service investigation.)
Norse and Cylance independently warn of increased Iranian cyber operations.
Observers digest this week's US Government Accountability Office (GAO) report on commercial air vulnerability to hacking. Some concerns surround the Federal Aviation Administration's upgraded air traffic control system; others are prompted by increased flight deck connectivity. Hijacking flights by Wi-Fi is (for now) a bit of a stretch, but there's clearly a significantly expanded attack surface in airliners now entering service.
This and other threats prompt renewed discussion of cyber threat (and response) sharing. Several platforms are compared; the market continues to worry the intersection of IP, regulation, litigation, and technology. Recorded Future likens threat intelligence to a "judo move" in responsive defense. Fast Company reports an interesting design for anonymized cyber information sharing from start-up Trustar. The government can subpoena them all day long, but since Trustar doesn't hold their customers' encryption keys, they couldn't surrender customers' data even if they wanted to.
International meetings on privacy continue in the Hague. The US Congress continues to mull legislation affecting not only surveillance, but also privacy and incentives for businesses to report and share cyber threat intelligence.
Oracle stops patching Java 7. Issues surface with some April Microsoft patches.