The claimed hacking of an airliner's flight systems — specifically engine controls (claimed by either the FBI, journalists, or the alleged hacker himself — there are lot of claims circulating) continues to dominate our sector's news. Boeing doesn't believe it happened (because Boeing thinks it couldn't have happened as described) and most observers are dubious. Ars Technica reasonably poses its take as a dilemma: either the researcher exaggerated his stunt, or the researcher did something breathtakingly reckless.
The affair prompts reflection on hacking of both the "stunt" and "ethical" varieties, with application to whistleblowing breach disclosures, gray- (and white-) hat vulnerability disclosures, etc.
Panda Security says it's detected a threat to different transportation mode — oil tankers: "Operation Oil Tanker," a.k.a. "the Phantom Menace."
Allegations surface that Germany's BND snooped on Austrian, French, and Dutch targets in cooperation with the US NSA.
Penn State continues to recover from a persistent attack on its engineering school. The objective may have been intellectual property. Observers put the cost of remediation at $2.85M ($485K for outside help, the rest for replacing compromised hardware).
In the US, the St. Louis Federal Reserve discloses that it suffered a DNS breach, apparently a criminal as opposed to state-sponsored attack.
IEEE issues standards for medical device security. Malware appears in a cardiac catheterization lab, researchers describe how an artificial pancreas might be hacked, and a Pittsburgh medical center suffers a data breach.
Cisco's not buying FireEye (yet, anyway), so it gets plenty of advice on what it should buy instead.