March, 2015:

• China delays tech requirements seen as impeding competition
• IBM will invest $3 billion in new IoT unit
• Infostealer Laziok targets energy companies
• 30 percent of practitioners say they would pay cyber extortionists to retrieve their data
• Premera breach spawns class action suits
• Facebook tracks internet users without consent, breaking EU law
• Reddit subpoenaed for user info after Evolution shutdown
• Australia immigration dept. leaked 2014 G20 leaders' personal info
• The best defense is a good offense: The importance of securing your endpoints
• Uber log-in credentials surface on black market
• British Airways says rewards accounts hacked, locked down
• Documents on NSA's zero-day policy provide little insight, EFF says
• GitHub on DDoS alert, efforts to curb its largest attack continue
• Bitcoin blockchain exploitation could allow for malware spreading
• Shadow data: The monster that isn't just under your bed
• Puush urges users to change passwords after cyber attack
• Russia's FSB, Ministry of Internal Affairs tackle Tyupkin ATM threat
• PCI Council updates penetration testing guidance for merchants
• The power of the subconscious to protect against online fraud
• Yahoo releases transparency report for last half of 2014
• Botnet services attract scammers on Twitch seeking quick viewer boost
• Report: More than 15,000 vulnerabilities in nearly 4,000 applications reported in 2014
• Slack announces breach, unauthorized access to database
• British court dismisses Google appeal
• Citigroup report reveals poor disclosure track record at law firms
• Gov't offers $3 million reward for info on alleged Carder.su cybercriminals
• Router attack results in ads and porn being injected into websites
• PhishMe, Inc. secures $13 million in Series B funding
• The car alarm syndrome and the high cost of too many security alerts
• Orgs predict $53M risk, on average, from crypto key, digital cert attacks
• Speeding up breach detection
• Vulnerability found in popular hotel routers
• Indiana State Medical Association hard drives stolen, nearly 40K impacted
• Federal Reserve Bank of New York creates cybersecurity team
• Silk Road drug dealer sentenced to five years in prison
• Popular adult website XTube compromised, delivers malware
• GE, MACTek update products using vulnerable HART DTM library
• Data breach notification bill advances in U.S. House
• Why it's time to replace the tootsie pop approach to network security
• Amedisys notifies nearly 7,000 individuals of potential breach
• Protecting work info ranks low in mobile privacy survey
• Hanjuan Exploit Kit leveraged in malvertising campaign
• Ransomware holds New Jersey school district's network hostage
• California Senate Public Safety Committee advances stingray bill
• Protecting Cyber Networks Act introduced by House committee
• Fraudsters use Neverquest trojan to target Canadian banks
• Today's mobile security threats and tips to enable productivity without compromising data security
• Romanian man extradited to U.S. to face hacking charges
• The one-two punch of cybercrime: Who's leading the fight?
• Yahoo Trust 'UnConference' to convene after RSA Conference
• One in three of the top million websites are 'risky,' researchers find
• Android vulnerability leaves apps open to malicious overwriting
• Israel allegedly spied on U.S. communications for Iranian deal details
• Defeating the Pragmatic Adversary
• FTC announces new initiative aimed at tech research
• 'Privilege Gone Wild' report examines account management habits vs. concerns
• Twitch resets passwords following possible breach
• Key security insights for 2015
• Insider threat: The emerging policy landscape & best practices
• NYPD union website hacked
• Why enterprise IT and security teams should talk more
• Islamic State posts U.S. service members' information online
• NJRat making a comeback, researchers observe
• Legislators set to introduce student privacy bill
• 'PoSeidon' point-of-sale malware targets payment card information
• France unveils new terrorist surveillance law
• Vulnerability found in Hilton HHonors Awards system
• APTs: New, improved and smarter than ever
• Experts discover phishing campaign leveraging .gov TLD loophole
• U.S. representatives form payment technology caucus
• Developer liability, data proliferation at center of FTC report on IoT
• Drupal SQL injection vulnerability attacks persist, despite patch release
• St. Mary's Health breach affects thousands
• New Dridex variant spotted in tax rebate phish
• Malvertising has a big impact
• Recently patched Adobe Flash bug added to Nuclear Exploit Kit
• Kaspersky rebuffs Bloomberg's claims
• Threat group targeting Israel and Europe believed to be state-sponsored
• Researchers earn $442,500 at Pwn2Own 2015
• Russian hacker to be extradited to U.S. from Spain
• White House names former Facebook exec as first IT director
• This key unlocks the door to a network virtualization wonderland
• Privacy buffs say amended CISA bill can still further gov't surveillance
• Study: Mobile app security risk well-known, but enterprises lack proper usage policy
• Premera warned to fix security holes shortly before being breached
• OpenSSL Project issues 12 patches in Thursday update
• Obama Administration sets record for withholding FOIA requests
• Target close to settling class-action for $10M
• Black market Evolution disappears along with $12M in Bitcoin
• Sacred Heart Health System notifies 14K patients of breach
• NYPD officer arrested for hacking FBI databases
• Rogers victimized by ransomware
• What we can learn from $1 billion bank-robbing malware
• Cloud trends survey: 9 out of 10 orgs concerned about public cloud security
• Apps submitted to Google Play are now reviewed by 'experts'
• Court rules New York sheriff's office must turn over 'stingray' docs to NYCLU
• Google Project Zero exploit 'rowhammer' hardware bug
• Anonymous member deported from Canada
• FireEye scans popular Android and iOS apps, nearly 2K vulnerable to FREAK
• Apple releases Safari updates
• Report: committee approves rule change that expands FBI's hacking authority
• Lynx-sponsored fellowship aimed at women, minorities
• Judge dismisses suits against Paytime
• Premera Blue Cross breached, info on 11 million customers at risk
• Silk Road forum moderator pleads guilty in Manhattan
• Study: Americans taking steps to hide online activities from U.S. government
• iPad POS security
• Facebook received 14,274 U.S. gov't requests in 2014 H2
• Yahoo CISO Alex Stamos tweets 'on-demand' password defense
• IoT security: It's not to late to get it right!
• RSA hires Zulfikar Ramzan as CTO
• Kaspersky Lab provides updates on 'Crouching Yeti' threat group
• State Dept. system still down to exorcise attackers
• More than 150K patients impacted in Advantage Dental breach
• Facebook, Twitter update policies, take stronger stance on revenge porn
• Obama administration seeks additional authority to combat botnets
• Yahoo releases e2e encryption source code and launches 'on-demand' passwords
• Malware installed at California burger joint, payment cards at risk
• U.S. senator introduces bill aimed at federal breach notification standard
• Report: Authorities close to filing charges against JPMorgan hackers
• Western Union launches bug bounty program with Bugcrowd
• Driver sues Uber after breach
• Protect people, not machines
• Short, planned outage helps State Dept. banish hackers
• Private WHOIS data disclosed for hundreds of thousands of Google Apps domains
• 'TeslaCrypt' holds video game files hostage in ransomware first
• Attackers spread worm via Facebook, leverage cloud services
• Hacker threatens S. Korean nuclear power plants if ransom not paid
• Jamie Oliver website once again serving malware to visitors
• CISA passes Senate committee, raises privacy concerns
• University of Chicago data breach exposes employee and student data
• Cryptography Services launches security audit for OpenSSL
• Policy driven development: Bringing DevOps to InfoSec
• Experts debate whether 'right to be forgotten' should be adopted in the U.S.
• More than 600 cloud services still vulnerable to FREAK, data shows
• Evolving DNS attacks
• Report: 71 percent of orgs were successfully attacked in 2014
• Windows 7 users report issues installing Microsoft update
• Clinton emails uncrypted for 3 months, AP sues State for access
• Verizon: PCI requirement to test security systems a compliance weak point for orgs
• Adobe issues patches addressing 11 vulnerabilities in Flash Player
• Justice Department drops charges against government employee
• Chicago man convicted in ATM skimming spree that netted $5 million
• Former Mandiant chief architect to lead research team at Endgame
• Microsoft tries, again, to plug Stuxnet attack path
• Bain Capital acquires Blue Coat Systems for $2.4 billion
• Self-deleting malware targets home routers to gather information
• Canadian government investing to counter attacks
• Apple issues update for OS X and Apple TV
• March madness: The elite 8 of security threats
• Serious bug in Dropbox SDK for Android disclosed by IBM
• 2,400 unsafe mobile apps on employee devices in average large enterprise
• Study: Security pros felt more pressure to secure their organization in 2014 than year prior
• Russian man pleads guilty to wire fraud in online fraud scheme
• White House reveals $100M in grants to train tech workers
• Hillary Clinton says private email system was not breached
• IBM security expert panel: Fighting today's advanced attacks with behavioral-based prevention
• Top-secret documents indicate researchers attempted to break Apple security measures
• Microsoft issues 14 bulletins on Patch Tuesday, mitigates FREAK attacks
• Bug in WordPress plugin can be exploited to take full control of website
• Apple releases iOS 8.2, addresses 'FREAK' flaw
• How to extend threat protection to off-network employees
• Facebook login bug lets attackers hijack accounts on Mashable, other sites
• $1.1M fine issued to firm for violating Canada's anti-spam law
• New York private investigator pleads guilty to computer hacking charge
• Majority of WordPress users not backing up, survey indicates
• Researchers observe 'Animal Farm' group using variety of malware
• Disgruntled former employee pleads guitly to power supplies co. hack
• Analysts discover two POS malware families, PwnPOS and LogPOS
• DDoS attack takes down Femsplain.com
• NEXTEP, a POS systems provider, is investigating a possible breach
• Study: Fraud losses drop by $2 billion in 2014
• Xiaomi says Mi 4 smartphone tested for security issues was a fake
• FTC inks privacy collaboration deal with Dutch DPA
• Surfacing high-impact cyber threats via security intelligence
• 2015 insider threat ebook
• CIA to reorganize, create digital directorate
• Is online privacy dead?
• Study: Financial firms cite data security as top concern regarding cloud adoption
• Maine man seeks $5 million in latest Anthem lawsuit
• U.K. National Crime Agency arrests 56 alleged cybercriminals in week-long operation
• Financial cybercrime landscape changing, experts say
• Google counsel talks privacy, innovation
• Indictment reveals theft of one billion email addresses from ESPs, three charged
• Adobe's new bug bounty program rewards researchers with HackerOne rep scores
• Fraudsters use Apple Pay to purchase goods with stolen cards
• Pre-loaded malware found on Xiaomi Mi 4 device, among other issues
• Government amends policy on NSLs without thorough process in-place
• Clinton's use of private email spawns security, transparency debate
• Android 'Gazon' worm proliferates through texts, infects more than 4k phones
• Ramirez: FTC focus on data security, fraud, cross device tracking
• Greenwald says Snowden invoked changes toward privacy
• Chrome 41 update includes 51 security fixes
• Playing defense in ranks: Cybersecurity reimagined
• Experts find flaws in Mobile World Congress official app
• Mandarin Oriental Hotel Group is investigating a credit card breach
• Online Trust Alliance pens letter to Congress over federal data breach notification law
• D-Link issues firmware updates to address router vulnerabilities
• Angler EK hijacks domain registrant credentials to create malicious pages
• New SSL/TLS vulnerability, FREAK, puts secure communications at risk
• ACLU and EFF, among others, voice dissatisfaction with CISA bill
• Connecticut AG asks Lenovo for details on Superfish incident
• Tsukuba trojan aimed at Japanese banking customers
• Snowden considering return to U.S. for trial, lawyer says
• Alleged Anonymous hacker deported back to the U.S.
• GAO releases report on FAA security lapses, experts remain unconcerned
• Hillary Clinton used personal email for State business
• NEWS ALERT: New SSL/TLS vulnerability identified, dubbed 'FREAK'
• Obama criticizes Chinese cybersecurity regs
• Infections caused by prevalent financial trojans dropped 53 percent last year
• Spammers leverage DMARC to more successfully distribute ransomware
• Laptop stolen from employee contained data on Pioneer Bank customers
• Google pulls default encryption from Android partner phones
• Revenge porn site operators ordered to pay plaintiff $900,000
• In growing market for genetic data, privacy implications prove lasting
• Natural Grocers investigating unauthorized access to POS systems
• Proposed Consumer Privacy Bill of Rights Act doesn't go far enough, critics say
• Data at risk for about 50,000 current and former Uber drivers
• Attempts made to access Toys"R"Us reward program profiles
• Silent Circle to buy out Geeksphone, fully own Blackphone
• North Carolina credit union notification says laptop containing data missing
• IE exploit added to Angler EK, beats MemProtect mitigation
• A deeper dive into vulnerability management
• An unusual and innovative approach to Java security
• Is your organization prepared for targeted cyber attacks?
• Is this an evolution or a devolution?
• The whole package: Security certifications
• Closing the gate: Data leak prevention
• Malware on the move: Mobile malware
• The agency that stepped up: Federal Trade Commission
• Communicating security concepts
• How far have we come?
• Rethink your cybersecurity strategy
• News briefs: Barrett Brown sentenced, research from Qualys and Dell SecureWorks
• Debate: The financial industry really is better at cybersecurity than other industries.
• Threat of the month: Spear phishing
• Challenges of a splintered market: Cybersecurity spending
• Company news: New additions at ESET and Norse, ZeroFOX acquires Vulnr
• Me and my job: Bob West, chief trust officer, CipherCloud
• Skills in demand: Application security engineers