April, 2014:

• Possibly the first Android worm, spreading through SMS, found in wild
• Firefox 29 fixes several critical flaws, including memory safety bugs
• 'Storm' crimeware attack campaigns hit Windows XP users in China
• Intruder attacks 4chan to expose posting habits of disliked user
• Apple swiftly addresses major flaw that left developer, employee data exposed
• With cyberstalking, alleged Anonymous member now faces 44 charges
• Multiple factors influence gov't decision to disclose vulnerabilities
• Index: 200 million records stolen in Q1 breaches
• Vendor fired for risking data on 15K Boston Medical Center patients
• Barrett Brown pleads guilty to threatening federal agent
• Phishing emails claim to contain attorney info, deliver Zeus instead
• Target names CIO, will switch to chip and PIN cards
• After investigating Mail incident, AOL confirms breach
• Phishing campaign uses VoIP to target dozens of banks, steal card data
• Vendors of major U.S. companies targeted in elaborate wire fraud scheme
• Advanced threat report names Great Britain, Switzerland as most targeted in Europe
• Senate bill would let private sector share threat info with gov't
• Data on nearly 10K Snelling Staffing employees made available online
• New program looks to tackle the industry's talent shortage
• UCF wins national collegiate cyber security competition
• Report: Attackers maintained long-term access in Australian Parliament breach
• Ohio couple's baby monitor hacked
• New iDroid mobile trojan said to impact iOS and Android devices
• Adobe Flash Player update addresses critical vulnerabilities
• Attackers leverage new IE zero-day in 'Clandestine Fox' op
• Supreme Court to hear cases on police search of cell phone data
• HelloBridge trojan poses as Heartbleed detection tool
• Data of 2,000 Johns Hopkins graduate students accessed on internet
• Mt. Gox ordered to begin liquidation
• Spam campaign targets banks, social media, with Gameover Zeus trojan
• Online gambling provides cover for money laundering, study says
• Humana co. pays HHS $1.7 million after unencrypted laptop breach
• Wallpaper apps on Google Play contain mobile Bitcoin-mining malware
• Researcher reveals how Facebook Notes can be used to DDoS sites
• Anonymous might be culprit behind apparent DDoS attack on children's hospital
• Spammers, posing as insurers, use Heartbleed to phish for credentials
• Tufts Health Plan data stolen, 8,830 members impacted
• In Cisco probe, misuse or compromise spotted on all firms' networks
• Fareit trojan observed spreading Necurs, Zbot and CryptoLocker
• Post Heartbleed, tech giants join initiative to bolster open source
• Mozilla offers up $10K for bugs found in new certificate verification library
• HMRC offers shaky explanation on plans to sell taxpayer data
• 'Reverse Heartbleed' can attack PCs and mobile phones
• No encryption means easy compromise of Viber location data, communications
• Cyber gang that stole $2 million from Barclays sentenced to 24 years
• DDoS attack almost crashes children's hospital website
• Feds warn health care sector of looming cyber attacks
• Second burglary breach within a month for Coordinated Health
• Brazilian president signs internet 'Bill of Rights' into law
• Android trojan sends premium SMS messages, targets U.S. users for first time
• Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites
• A hundred Android apps, 150M downloads, vulnerable to Heartbleed
• Report: Bank of England to helm pen-testing effort for UK's finance sector
• FBI arrests two members of Anonymous's Cambodia section
• Apple's iOS 7.1.1 fixes Webkit bugs, encryption bypass issue
• 'Unauthorized' media contact a fireable offense for U.S. intel employees
• Fate of unencrypted drive unknown, PHI of 5,500 in Virginia at risk
• AOL Mail hack furthers spam campaign using spoofed accounts
• Backdoors in Wi-Fi routers, said to be closed, can be reopened
• Apple ships Mac OS X updates, fixes several code execution bugs
• NIST eyes removing flawed Dual_EC_DRBG alogrithm from guidelines
• Man pleads guilty to Comcast scam
• Privacy groups urge NIST to be more transparent
• Iowa State server breach exposes SSNs of nearly 30,000
• Verizon: Espionage attacks grew threefold in 2013, greater visibility diverts China focus
• Security concerns shutter educational database inBloom
• Phishing for the "wildcard"
• Three laptops stolen from New York podiatry office, 6,475 at risk
• Feedly fixes Android JavaScript code injection flaw, deems it "harmless"
• Class-action suit aimed at MCCCD for delayed notification in breach
• Attack exercise reveals threat-sharing roadblock within health orgs
• Report: Google looks to integrate PGP with Gmail
• Critical update makes P2P Zeus trojan even tougher to remove
• Heartbleed bug exploited to bypass multifactor auth, hack VPN
• Life after a data breach: Identifying and containing advanced threats at the moment of compromise
• Big Data - Your secret weapon in the war against cyber crime
• U.S. and Russia both look to extradite hacker
• Hacktivist claims Facebook is vulnerable to DNS attacks, Facebook says it's not
• Make It Stop! Protecting Corporate Data Assets Against Breach
• Heartbleed prompts HealthCare.gov to reset passwords
• Mysterious iOS malware campaign has Chinese origins
• Research shows vulnerabilities go unfixed longer in ASP
• Bill would restrict Calif. retailers from storing certain payment data
• Amplification, reflection DDoS attacks increase 35 percent in Q1 2014
• Investors aim to 'save' bitcoin exchange Mt. Gox
• Attackers target Facebook to deliver Android iBanking malware
• Federal watchdog says SEC security issues put financial data at risk
• Pittsburgh hospital employees hit by tax fraud following breach
• Donation campaign launched, aimed at OpenSSL audit
• New VOICE website a resource tool for cyber crime victims
• POS malware risks millions of payment cards for Michaels, Aaron Brothers shoppers
• Phishing scam targets Michigan public schools
• Contempt order against Lavabit still stands, appeals court rules
• Arrested Canadian hacker 'believed' to have exploited Heartbleed bug
• Darknet gets its first search engine
• Researchers uncover critical flaws impacting satellite communications
• Virgin Media email blunder leads to breach, may affect 130k
• German Aerospace Center discovers spy malware on network
• A Starbucks scam is brewing, phishing emails contain Zeus attachment
• Report: SQL injection a pervasive threat, behavioral analysis needed
• WhatsApp bug allows for interception of shared locations
• Google tweaks its terms of service for clarity on Gmail scanning
• Competition challenges students to think like IT professionals
• Most Heartbleed detection tools have bugs of their own, firm finds
• Galaxy S5 fingerprint scanner bypassed using old Apple Touch ID spoof
• Technology is not the only answer when it comes to security
• Why mobile security requires a holistic approach
• Oracle fixes 104 flaws in quarterly update, addresses Heartbleed bug
• Two plead guilty for roles in separate Android app piracy groups
• Study: Eighteen percent of online adults have had personal info stolen
• The cool factor: New tech in banking has an edge
• Pentagon to triple its security workforce by 2016
• Is SIEM up to the challenge?
• Tech manufacturer's online payment system breached
• The Heartbleed bug works, and could be a scapegoat for older breaches
• Feds to roll out face recognition database by summer
• FTC warns Facebook on changing WhatsApp privacy policies
• Karpeles won't appear in U.S. deposition, cites Treasury subpoena
• Researchers find Android security issue in app permissions protocol
• UK cosmetic surgery group extorted by hacker that stole data on 500K
• Data on 55,000 VFW members impacted by attacker seeking military intel
• Google considers boosting rankings of websites that encrypt
• Texas man receives 14 more charges for brute-force attack
• New Wisconsin law restricts employer access to personal accounts
• Yahoo quickly fixes Flickr SQL injection, remote code execution flaws
• Mandatory cyber insurance: Driving improved security or passing the buck?
• Revenue Canada: Heartbleed exploit used in taxpayer breach
• Kentucky becomes 47th state to pass data breach notification laws
• Online poker sites slow to fix Heartbleed, have other security issues
• The driving force behind new attacks
• Heartbleed bug not leveraged for surveillance, NSA says
• Trio charged with hacking, stealing data from U.S. Army, Microsoft and more
• Phishing attack targets FIFA video game players
• The inside job
• Authorities search for suspect using credit cards from Target breach
• Federal appeals court overturns conviction of AT&T hacker "weev"
• Bank of America target of class-action suit for 2012 breach
• 200,000 South Korean credit card users' information stolen
• DHS puts critical infrastructure on 'Heartbleed Bug' alert
• Indictment charges 'Jabber Zeus Crew' with using malware to steal millions
• Phishers find most success midweek, masquerading as IT, report finds
• Card skimming device found on NYC subway station machine
• More than 1,400 medical records compromised in Texas breach
• FTC, Justice Dept. say antitrust laws shouldn't block cyber threat disclosure
• Google Chrome bug enables stealthy tapping of microphones
• 'Heartbleed bug' leads Canada Revenue Agency to suspend tax efiling
• Trojanized Android apps steal authentication tokens, put accounts at risk
• Facebook ups privacy measures, tests new user settings
• Latest UMD 'intrusion' linked to IT worker exposing security issues, account shows
• Man pleads guilty for involvement in $50M scam
• Breach impacts thousands in Bibb County that applied for gov't jobs
• JPMorgan Chase CEO details company's cyber threats in annual letter
• Vulnerable organizations respond to encryption-breaking 'Heartbleed Bug'
• Canadian privacy bill floats $100k fine per breach victim not notified
• Study reveals only 56 percent of employees get awareness training
• Battelle announces this year's CyberAuto Challenge
• More states look into Experian co. breach exposing 200 million records
• Critical Adobe Flash Player vulnerabilities addressed in Tuesday update
• Blackberry issues update for remote code execution vulnerability
• GovWin IQ hacked, payment card data of 25,000 Deltek customers at risk
• Popular ad server patches SQL injection flaw impacting platform
• Report: Data breaches up 62 percent in 2013
• A NAC for eliminating blind spots in advanced attacks
• File sharing and mobile productivity: How to limit risk
• Judge denies Wyndham motion challenging FTC authority
• Anonymous may be targeting educational institutions in 'OpSafeEdu'
• FTC files complaint against website that labeled users "jerks"
• Microsoft releases final fixes for Windows XP, Office 2003
• Critical OpenSSL vulnerability, 'Heartbleed Bug,' enables SSL/TLS decryption
• Utah law shields electronic device locations and communication content
• Phishers use fake voting campaign to steal Facebook credentials
• Chicago doctor's email account accessed, held info on 1,200 patients
• Yahoo changes tune, fixes Flickr invite disclosure bug
• HHS reveals "high-risk" security issues at Medicaid agencies
• Zeus variant uses valid digital signature to avoid detection
• Report: Neiman Marcus breach work of Russian hackers who targeted Heartland
• Android app vulnerabilty puts Chinese users at-risk
• Come on Firewall! Grow a cortex!
• Managing identity for a millennial workforce
• Supreme Court won't take on constitutionality of NSA metadata program
• Another 170K L.A. county health clients impacted in Sutherland breach
• Drives containing info on 2,500 stolen from Michigan health department
• Connecticut, Illinois to investigate massive breach at Experian co.
• Barrett Brown pleads guilty to two federal charges
• Google pays $1 million fine for Street View privacy violations
• Microsoft previews last Patch Tuesday update for Windows XP
• XSS vulnerability in popular video site enables unique DDoS attack
• Cable modem flaw leaves Optus subscribers vulnerable to hackers
• Intrusion deception: Making a case for middle ground in malware mitigation
• Facebook doled out $1.5 million to researchers in 2013 for bug bounties
• Five-year-old discovers Xbox bug, accesses dad's account to play mature games
• Malware on Kaiser Permanente server since 2011 impacts 5,100 members
• The true Target story: Why the data breach was inevitable
• Federal agencies fall short on data breaches, GAO report says
• Regulator alerts banks of mounting ATM attacks, DDoS threat
• Yahoo enhances data security through encryption efforts
• Singapore's NTUC resident members get two-factor authentication devices
• Lawsuit over Symantec, Digital River sales practices granted class-action status
• More than 24M home routers enabling DNS amplification DDoS attacks
• Target customer satisfaction levels drop
• Theft of computers from Texas nonprofit risks data on nearly 3,000
• Former Microsoft employee accused of leaking software pleads guilty
• iOS 7.1 bug enables iCloud account deletion, disabling Find My iPhone, without password
• The NIST framework: The public's stake in the cybersecurity of our critical infrastructure
• Google wants Supreme Court to rule on Street View privacy case
• Mortgage software provider Ellie Mae suffers DDoS attack
• FTC vigilant on data security, Ramirez tells Senate committee
• Cryptocurrency mining malware discovered on surveillance DVRs
• Two men plead guilty to role in worldwide hacking operation
• Bankruptcy judge orders Mt. Gox CEO to U.S. for questioning
• 24,000 computers worldwide infected by Middle Eastern malware
• Apple's Safari update addresses 27 vulnerabilities
• Database of more than 150K Boxee.tv accounts posted on Tor Network
• LinkedIn identifies company that used bots to scrape profile data
• Unauthorized access gained to about 800 JSTOR accounts
• Researchers uncover NSA tool, enables faster cracking of flawed algorithm used by RSA
• Advanced Evasion Techniques still top of mind for pros, study says
• Attorney of alleged Silk Road operator files for dismissal of charges
• Coinbase responds to information disclosure, user enumeration, other concerns
• In LinkedIn breach suit, judge denies company's motion to dismiss
• Fake Google apps removed from Window Phone Store by Microsoft
• Anonymous DDoS attack dismantles Albuquerque Police website
• NSA spying on German broader than expected, Snowden docs show
• Medical staffers fall for phishing emails, data on 8,300 compromised
• Strengthen links in the supply chain
• Can good come from bad news?
• The zombie's bite: Avoiding a botnet
• Network Rx: Health care security
• Bad reputation: Annual guarding against a data breach survey
• Know your friends: Partnering with the right allies
• Changing the business culture
• Data archiving benefits
• Ahead in the cloud
• The more things change...
• Covering all the SAP bases
• News briefs: Revelations at RSA Conference, zero-day fixes and more security news
• Debate: Should Edward Snowden be granted amnesty?
• Threat of the month: Linksys router zero-day
• Privacy: Who cares?
• Company news: McAfee's new CTO and Bit9's recent merger
• Me and my job: James Hill senior security architect, Consolidated Data Services
• Skills in demand: Cloud security architects
• Million-dollar password: New authentication strategies