Two unsurprising reminders about espionage nonetheless bear repeating. First, Rapid7 notes that intelligence services' cyberattacks operate at a "low, consistent hum," and that industries aligned with state interests are of greatest interest to other states. Second, the US Intelligence Community views "rogue insiders" as being at least as dangerous as external threats.
Flashpoint publishes a major study of how cybercriminal gangs communicate.
SurfWatch draws security lessons from the growing availability of source code and malware online. "Rensenware," the joke ransomware a South Korean undergraduate put together, serves as a cautionary example.
Tanium is again in the news in an unfortunate way: the company used a customer's network (a California hospital) to demo its security software without the customer's permission, potentially exposing sensitive data. Tanium's CEO acknowledges that mistakes were made, and also apologizes for his "hard-edged" manner. Triple-unicorn Tanium is preparing for an IPO.
Two intra-sector disputes continue to play out. In one, Google squabbles with Symantec over Google's revocation of trust in some Symantec certificates.
The other dispute involves what should count as adequate testing for security products. On one side is Cylance (with some quiet support from NSS Labs), which argues that traditional testing against known-bad signatures biases results in favor of signature-based and related legacy security products. On the other side are companies like Sophos and Carbon Black, who say that Cylance's preferred approach simply gooses test results in favor of Cylance. (Security testing is clearly more complex and contentious than the often-cited UL electrical safety model.)