October, 2013:

• The healthcare.gov website is ripe for attackers, experts say
• Kaspersky Lab CEO: Cyber crime costs worsen, $100B loss "multiplied many times"
• Legislation introduced to stop NSA's bulk collection of phone records
• Florida health department employees stole data, committed tax fraud
• Leak reveals NSA's access to Yahoo, Google data centers
• Microsoft urges users to upgrade from 12-year-old Windows XP
• Firefox 25 includes patches for critical memory bugs
• Shared password across accounts results in MongoHQ breach
• First P2P encryption solution gets PCI council seal of approval
• Cyber gang busted for operating TorRat banking malware
• Adobe breach impacts closer to 38 million customers
• Firm calls out consistent rise of "madware" in Google Play
• iOS apps vulnerable to HTTP Request Hijacking attacks
• Securing small to medium sized enterprises in the cloud
• On Cyber Monday, downed sites cost merchants $500K per hour, study finds
• Obama social media links, not accounts, compromised by SEA
• Two nurses' aides guilty for using patient data to commit tax fraud
• WordPress 3.7 makes security fixes automatic for users
• ATM malware Ploutus updated with English-language version
• Man indicted for alleged military data hack using ColdFusion flaws, SQL attacks
• Twelve-year-old hacks gov't websites, trades info with Anonymous
• Minneapolis medical assistant fired for accessing patient data
• NSA website goes down
• Mozilla addresses teenager's purported mobile Firefox OS malware
• Privacy experts debate worth of mass data collection
• Firefox add-on graphs who users interact with on the web
• Phishing email fools Missouri university staff, compromises thousands
• Phishing email lures users into giving up Apple ID
• DDoS mitigation firm notes dramatic increase in reflection attack style
• FBI arrests Connecticut man for Cisco fraud
• Scammers trick gamers on wait for Grand Theft Auto V for PC
• NIST debuts preliminary framework for securing critical infrastructure
• Internet users older than 50 years are vulnerable, according to study
• Industrial software flaw could allow manipulation of energy processes
• New Requirements for Endpoint Security
• Apple's iOS 7.0.3 addresses more passcode bypass flaws
• Missouri hospital fires physician's assistant for accessing patient information
• Maximizing your SIEM tool
• Future Proof Your InfoSecurity Program with Identity and Access Management (IAM)
• U.S. enterprises in path of data-hijacking Sazoora campaign, firm finds
• Cloud addiction: At what point does the elastic snap?
• Hacker group claims to have looted $100k via SQL injection attack
• Google launches Project Shield to defend sites against DDoS attacks
• Group leveraging Cutwail spam botnet opts for "Magnitude" over BlackHole exploit kit
• Laptops stolen, data of 700k California hospital patients compromised
• Wireless Security: Beyond the Basics
• The Threat of Unsecured Mobile Devices
• ACLU sues Justice Department to spur response on surveillance info request
• Despite Apple's claims, iMessage is vulnerable to decryption, says report
• NSA's call-records program "not surveillance," senator claims
• The 'must haves' to make the Framework for Cybersecurity useful
• Dick Cheney's wireless heart monitor was modified to curb hacking threat
• Teenage researcher develops first malware for mobile Firefox OS
• Obama nominates next Homeland Security head
• Alerts of "rising dead" still exploitable on EAS
• Huawei chairman: We've received no gov't surveillance requests for company data
• Student data from Denver elementary schools at risk after thumb drive stolen
• Report: NSA Director Keith Alexander plans spring retirement
• PR Newswire alerts customers to change passwords following breach
• Protecting Critical Infrastructure Against Advanced Cyber Threats
• Foreign attackers email phishy invoices to Mandiant CEO
• Web security is in fashion
• Dealing with Uncle Sam
• College networks hit with highest incidence of malware infections, firm finds
• Sacramento State server hack affects nearly 2,000 employees
• Vulnerability in vBulletin grants website admin privileges
• Hackers compromise certs to spread Nemim malware, which hijacks email and browser data
• The threat of financial fraud today
• NSA director lied about phone surveillance as terror deterrent
• Fixes for 51 Java bugs come with Oracle's Critical Patch Update
• Defense-in-Depth 2.0: Improving IT Agility and Optimizing Resources
• How to breeze through your next compliance audit
• Wisconsin hospital bills erroneously mailed to unauthorized persons
• Yahoo to introduce default SSL for webmail
• New malware enables attackers to take money directly from ATMs
• Dexter malware resurfaces in South Africa, costs banks millions
• Study: Millennials not encouraged to fill security workforce demand
• Eavesdropping on enterprise apps
• Scammers bug Nordstrom registers with $40 devices to skim card data
• KDMS Team defaces more websites using DNS attacks
• Attackers in Asia compromise data for nearly 150k in California
• Software firm breached, hacker reportedly behind data leak of 60K vendor accounts
• Adobe fixes "critical" bugs in Reader, Acrobat and RoboHelp publishing tool
• Google expands bug bounty program to include open source software
• Further arrests and charges in Silk Road takedown
• "Revenge porn" sites on radar of New York lawmakers
• Facebook phishing attack preys on users desiring to know profile viewers
• Google chairman tells CIOs: Android security trumps iPhone
• Nearly 50k patient credit cards compromised by insider
• Criminals move quickly to other exploit kits after arrest of BlackHole author
• Alleged Anonymous members indicted last Thursday led unassuming lives
• MasterCard joins FIDO Alliance march to standardize biometric auth, other password alternatives
• Bounty for Windows mitigation bypass earns researcher $100k
• BlackBerry signs private acquisition deal, realigns business
• Data breach bill dies as Canadian Parliament prorogues
• Peel Health Program hit with data breach
• Compromised websites possibly the result of DNS redirection attack
• Microsoft fixes 28 bugs, including zero-days, with Patch Tuesday release
• Study: The cost of cyber crime continues to rise
• Open source software is more secure than you think
• Not in Kansas anymore, thousands affected by Wichita website hack
• 13 suspected Anonymous members indicted for DDoS on high-profile sites
• Tutorial detailing how to compromise iPhone 5s made available
• "Gameover" trojan hides activity in encrypted SSL connections to defraud victims
• Insecure email puts more than a thousand NC patients at risk
• 2013 ebook on ID management
• Burglary compromises info of thousands at Calif. medical center
• In wake of Adobe breach, attackers may use insight to dig up zero-days
• Microsoft previews fixes for upcoming Patch Tuesday
• Hackers steal Adobe product source code and credit card data of three million customers
• FBI brings down Silk Road underground market
• The State of Cybercrime Today — Threats and Solutions
• Unauthorized user accesses medical records at Iowa-based health system
• Yahoo's new bug bounty policy rewards researchers up to $15K for "high risk" discoveries
• Government shutdown brings added risks to diminished workforce
• Malvertising: An attack that could be easily avoided
• Stolen laptop compromises hundreds of Wisconsin hospital patients
• Apple's Siri is helping users bypass iOS security
• Federal judge says Google must contend with lawsuit on its Gmail scanning practices
• Spammers forced to cough up $3 million to Facebook
• Researchers report XSS flaws to Yahoo, receive $25 store credit as bug bounty
• Case study: Class cloud - Rochester School Department and Dell
• Toeing the line...across sectors
• Encryption and explication
• Keeping every body safe: Medical devices
• Full-court press: The defensive approach to security
• Danger within: The inside threat
• Safe passage: Software development
• One cloud does not fit all
• Survival in the shadows
• Appreciate your log data
• News briefs: The latest on major DDoS and phishing attacks, and more
• Debate: The Computer Fraud and Abuse Act is out of date
• Threat of the month: Java exploits
• Are SMBs blindly spending on security solutions?
• Company news: New hires at Narus, Zscaler, and more
• Me and my job: Gregory Gong, managing partner, Wall Street IT Management
• Skills in demand: Security analytics specialists
• Access control has many dimensions
• EndaceProbe: High-speed packet recording for security monitoring