Threat analysts continue to track Russian-linked APT28 group and the Pawn Storm campaign.
Columbia University researchers demonstrate an "insidious" browser exploit.
Trend Micro reports finding fileless malware — Phasebot — active in the wild.
The Magneto payment platform (used by eBay) is patched, but unpatched sites remain at risk of exposing users to remote-code execution.
A Bloomberg outage affecting terminal availability for two hours Friday was not, Bloomberg says, due to hacking. It was, rather, a costly "combination of hardware and software failures" that delayed time-sensitive trading. Compare this incident with reviews of airliner vulnerabilities and the risk of cyber failure in offshore oil production, and consider the convergence of safety and security increased automation drives.
Reports suggest that Microsoft is "quietly" rolling out a revision to one of last Tuesday's patches.
In industry news, Raytheon will use its acquisition of Websense to form a cyber security joint venture Vista Equity Partners. It appears that the joint venture will target the civilian cyber market to the relative exclusion of Raytheon's traditional Defense customers.
Synopsys has announced its acquisition of Codenomicon (generally credited as co-discoverer of Heartbleed).
In the US, the Securities and Exchange Commission (SEC) discusses its emerging cyber security audit standards. The National Association of Insurance Commissioners issues standards for the insurance sector.
NSA Director Rogers unsurprisingly asserts that the laws of war apply in cyberspace, too. (One imagines laws that codify proportionality and discrimination will be most immediately applicable.)
Cyber security legislation continues its slow progress through the US Congress.