ICS-CERT releases updates on BlackEnergy and the associated attacks on Ukraine's power grid. There's general agreement that the episode exposes an unpleasantly high degree of vulnerability in utilities. New standards for critical infrastructure protection are under development.
Two security companies are dealing with flaws in their products. Malwarebytes works to patch its Anti-Malware product for man-in-the-middle and privilege-escalation vulnerabilities Google researchers discovered. Google researchers have also called out Comodo's "Chromodo" secure browser for disabling same-origin policy and hijacking DNS sessions.
Check Point releases its research into a code validation bypass flaw in eBay. eBay has said the vulnerability amounts to little and won't be patched. Check Point disagrees.
Open Effect and the University of Toronto's Citizen Lab release a study of fitness wearables. Locational privacy seems the major issue among their findings.
A data breach at Landry's and Golden Nugget, corporate parents of US restaurant chains Bubba Gump Shrimp, Saltgrass Steak, and McCormick & Schmick's, exposed customer pay cards used at its locations between May and December of last year.
Some 5200 online Neiman Marcus customer accounts were accessed by hackers late last year.
The US and the EU, after letting Safe Harbor lapse over the weekend, have agreed to a new data transfer agreement, "Privacy Shield."
The EU moves to restrict anonymous Bitcoin transactions.
The proposed 2017 US Defense budget contains some $7 billion in cyber spending.
AnonSec hacktivists say they've hacked NASA, looking for signs of its complicity in a "chem-trail" conspiracy. NASA says AnonSec's claims are overblown.