July, 2014:

• Malware on Backcountry Gear website, payment cards compromised
• Latest Citadel trick allows RDP access after malware's removal
• Cryptoblocker variant emerges, encryption differs from CryptoLocker
• Jimmy John's sandwich chain investigating possible breach
• Nearly 600 U.S. businesses compromised by 'Backoff' POS malware
• SC Magazine brings home national and regional honors
• Apple hit with privacy class-action over iPhone location service
• Attackers compromise Gizmodo Brazil
• Paddy Power breach impacting 650K customers dates back to 2010
• Leahy bill would end bulk data collection, introduce reforms
• House passes two cyber security bills
• A five-month-long Tor attack attempting to 'deanonymize' users
• BlackBerry acquires voice and data encryption firm Secusmart
• OTI report exposes economic costs of NSA spying
• Symantec Endpoint Protection vulnerabilities enable privilege escalation
• Breach index: Encryption used in 4 percent of Q2 incidents
• Programming error results in CVS Caremark mailing blunder
• House of Lords subcommittee highlights 'right to be forgotten' flaws
• Instagram iOS and Android apps vulnerable to session hijacking
• Seattle University donor checks possibly exposed due to settings error
• Report: Hackers stole data from Israeli defense firms
• Neverquest trojan targets regional banks in Japan
• IG scolds NOAA on security deficiencies, recommends fixes
• HP tests 10 popular IoT devices, most raise privacy concerns
• Vulnerability impacting multiple versions of Android could enable device takeover
• Accuvant taps Coca Cola CISO Guttmann as VP
• ICO fines U.K. travel firm £150,000 for 2012 breach
• Firefox 32 feature could cut undetected malware downloads 'in half'
• EFF asks court to find NSA internet spying a violation of Fourth Amendment
• Study: Asian Android users at higher risk of malware exposure
• Companies accused of peddling bogus AV ordered to pay $5.1M
• Bug in MailPoet plugin exploited to compromise thousands of WordPress sites
• Senator Leahy prepares bill to tackle NSA snooping
• Malware used to compromise payment cards at Wendy's restaurant in Michigan
• Report: Japan eyes law requiring security incident reporting
• Details emerge about PlugX/Kaba RAT in Pacific Rim
• Michaels class-action suit tossed after plaintiffs can't show damage
• Unfair competition: Proactive preemption can save you from litigation
• New backdoor 'Baccamun' spreads through ActiveX exploit
• Outdated browsers put U.K. users at risk of malware
• Survey: 53 percent change privileged logins quarterly
• Former student sentenced to six months for Nebraska university hack
• Laptop stolen from Self Regional Healthcare contained patient data
• U.K. hacker charged in third state for Adobe ColdFusion exploitation
• ECB database hacked, attackers ask for financial compensation
• CyberMaryland conference returns, hosts job fair for military vets
• Andromeda bot spreads Tor-using CTB-Locker ransomware
• Hackers only need to get it right once, we need to get it right every time
• Cyber Command tests gov't collaboration in wake of attacks
• Text message spammer settles charges filed by FTC
• Rhode Island hospital to pay $150K for past data breach
• Sony to shell out $15M in PSN breach settlement
• IT manager fired following massive Maricopa college district breach
• Facebook scam leads victims to Nuclear exploit kit
• eBay faces class-action suit over breach
• Five schools earn NSA's excellence in cyber ops distinction
• With RATs at their disposal, 419 scammers target businesses
• InfoSec pros worried BYOD ushers in security exploits, survey says
• Six charged in global StubHub scheme, company defrauded out of $1 million
• Juniper Networks divests mobile products for $250 million
• Successful strategies for continuous response
• Firefox 31 plugs critical memory safety bugs
• Android/Simplocker adds tricks, including ransom message in English
• Wall Street Journal website vulnerable to SQL injection, gets hacked
• Metro.us site compromised, serves malicious code
• Threat intelligence revolution
• DDoS attacks remain up, stronger in Q2, report says
• Superman soars above fellow superheroes as most toxic search term
• Black Hat talk on Tor weaknesses canceled
• $4 billion breach suit against Sutter Health dismissed
• More charged for roles in three separate Android app piracy groups
• Angler Exploit Kit delivers Tor-using Critroni ransomware
• Op Emmental spoofs bank sites, uses Android malware to maintain account access
• Goodwill investigates compromise of credit, debit card info
• Vice.com hacked, possibly The Wall Street Journal website too
• EFF intros wireless router software to boost industry standard
• Breaches driving organizational security strategy, survey indicates
• Siemens industrial products impacted by four OpenSSL vulnerabilities
• Pair jailed for Apple-themed phishing scams, racket supported criminal transport
• On Facebook, fake video of disrobing woman leads to malware
• Apple to use TLS encryption for iCloud email, other providers
• Qihoo team cracks Tesla's Model S car, reportedly earns $10K
• Snowden, Ellsberg ask hackers to help obscure whistleblower activity
• How PCI 3.0 impacts your security posture & compliance
• Thousands had data on computers stolen from California medical office
• Persistent Threats are ever evolving. Is your security?
• Almost 40 percent of Canada's Justice Department duped by phishing
• Microsoft wavers on Canadian spam fears
• Underinvestment, poor communication plague Canadian cybersecurity
• Report: Zero-day attack used in 2010 NASDAQ breach
• Microsoft researchers recommend sometimes ditching complicated passwords
• U.S. hosted most Q2 malware, top 10 ISPs still main sources
• Diluting data profiles with obfuscation, a hot topic at HOPE X hacker conference
• Hamas targets TV station via satellite hack
• U.K. data security office quietly discloses breach
• Australian daily deals site discloses data breach after three years
• Report: Old bugs in Microsoft XML still haunt users, program 'most exposed'
• Benjamin F. Edwards tells New Hampshire AG CryptoWall led to breach
• 'Neverquest' banking trojan evolves as U.S. attacks continue
• Study: 72 percent of Chicago fraud victims also data breach victims
• Privacy groups, security experts and others implore Obama to veto CISA
• Severe RCE vulnerability affects several Cisco products
• Russian espionage malware adapted for ransomware scams
• The eBay breach explained
• ScarePakage ransomware warns Android users of FBI probe
• eBay Q2 results up, password reset took toll on user activity
• Subcontractor breach impacts 1,700 in Dominion Resources employee wellness plan
• Report: 31 percent of IT security teams don't speak to company execs
• Senate subcommittee looks to stop botnet threat
• CSA releases updated cloud security guidance
• Certificates associated with malware added to SSL Blacklist
• Oracle: Java on Windows XP will still get security updates
• Compromised Japanese porn websites distribute banking trojan
• Pushdo botnet gets DGA update, over 6,000 machines host new variant
• Russia protests arrest of hacker Seleznev, demands release
• Document posted to California city website, employee data accessed
• Teen posed as Anonymous, arrested for major DDoS attacks in Norway
• Oracle releases 113 bug fixes in Critical Patch Update
• When it comes to cyber attacks, predictions are pointless but preparation is key
• Judge dismisses second class-action suit against Advocate Health
• Google creates 'Project Zero' team to protect the internet
• Active Directory flaw opens enterprise services to unauthorized access
• New York suffered 900 data breaches in 2013, AG reports
• Survey: 77 percent of IT staffers have incorrectly reported the cause of a security incident
• NIST drafts report on cloud computing challenges, requests comments
• Russian hackers compromise CNET servers
• Chinese man charged with hack of Boeing, Lockheed Martin aircraft data
• Cryptolocker neutralized, says Justice Department
• Apple blocks outdated Flash plug-ins to ward off Rosetta Flash attacks
• Fraudsters market new malware Kronos on underground
• Google external experts to tour Europe, explain right to be forgotten
• Hotel business center computers see uptick in keylogger malware
• Apple denies storing information on Chinese customers
• Man pleads guilty to bank fraud, 48-hour global operation netted $14 million
• Four stages of cloud security challenges
• About 20K impacted in South Carolina college laptop theft
• Zberp evolves, spreads through phishing campaign
• A possible attempt to revive the Gameover Zeus botnet
• After takedown efforts, Cryptolocker fate still "undetermined," firm says
• About 18K doctors may have had Social Security numbers exposed
• China targets shipping firms in Zombie Zero attack
• NightHunter campaign dates back to 2009, targets credentials and other data
• Study: Security not prioritized in critical infrastructure, though most admit compromise
• Amazon hit with FTC suit over in-app purchases
• Penn State College of Medicine breach risks alumni Social Security numbers
• Tinba malware source code leaked in forum
• Romanian man sentenced to 45 months for role in phishing scheme
• Two new Boleto malware families discovered
• Kaspersky quickly addresses XSS flaw impacting company website
• Resurgence of VBA macro malware poses new threat
• Microsoft to implement 'right to be forgotten' form
• Police, security firms abate Shylock malware threat
• Gmail iOS app vulnerable to MitM attack, emails and credentials at risk
• Chinese hackers seek security clearance data on federal workers
• Thousands notified of six-month payment card breach at The Houstonian Hotel
• Google fights off attacks via fraudulent certs
• Senate Intelligence Committee approves cyber security bill
• Researcher identifies XSS bug impacting Kaspersky website
• In year's first half, Verizon hit with 150,000 gov't data requests
• Former NSA chief pitches consulting work for $1 million per month
• Facebook disrupts cryptocurrency-mining botnet Lecpetex
• Attackers brute-force POS systems utilizing RDP in global botnet operation
• PCI council's Bob Russo to retire, new general manager named
• Former employee posts data online, 10K impacted in Missouri school district
• MiniDuke variant, 'CosmicDuke,' aimed at new targets
• Study: AV, anti-malware most used controls for APT defense
• Adobe addresses three vulnerabilities, Flash Player deemed critical
• Russian man arrested for POS hacks draws Russia's ire
• Nude pics, other data, recovered from 'wiped' Android phones purchased on eBay
• Microsoft addresses 29 bugs in IE, Windows, with six bulletins
• Phishers target Silk Road Bitcoin bidders, more than $62K stolen from Australian firm
• Phishing scheme targets biting World Cup player's sympathizers
• HotelHippo shuts down permanently after security flaws discovered
• St. Vincent Breast Center mails 63K letters to wrong people
• Protecting what matters
• PKI for the Internet of Things
• Advanced attack group Deep Panda uses PowerShell to breach think tanks
• NSA spying on possible Tor and Tails users
• NCL calls on gov't, business to better protect consumer data
• Next generation privileged identity management: Are you ready?
• Microsoft plans six Patch Tuesday fixes, RCE bugs in 'critical' batch
• Hiding in plain sight: What's really happening on your network
• Massachusetts man charged in Twitter hack
• DailyMotion users redirected to exploits in pay-per-click ruse
• European group details use of mini-skimmers on compromised ATMs
• Target asks court to stay discovery
• EFF sues NSA in bid for records related to Heartbleed disclosure
• After DNS customer backlash, Microsoft returns seized domains to No-IP
• Sneaky Android RAT disables required anti-virus apps to steal banking info
• Another firm sheds light on espionage group hitting energy sector
• Spear phishers abuse Word programming feature to infect targets
• Oversight board supports NSA internet spying
• Google blocks access to email to prevent 'needless and massive' Goldman Sachs breach
• Microsoft steps up encryption in Outlook
• HotelHippo offline after security pro finds flaws
• Buying something illegal? Bitcoin is not the currency for you.
• Expose of threat groups: Lessons learned on how to combat the threat
• Report: DDoS attacks down, gov't increasingly a target
• Brazilian 'bolware' gang targeted $3.75B in transactions, RSA finds
• Phishing websites up 10 percent in Q1 2014, the U.S. still hosts the majority
• Hackers commandeer businessman's phone lines, rack up $23K in charges
• Applying the cyber kill chain
• Laptop stolen from billing vendor contained unencrypted data on 3,500 students
• Alabama Department of Public Health warns of possible data breach
• File sharing programs cause data leaks, security headaches
• P.F. Chang's incident calls for updating payments tech
• Netflix goes open-source with AWS security tool
• POS vendor notifies restaurants of possible payment card breach
• Microsoft seizes No-IP domains in effort to stop malware infections
• Houston Astros hacked, trade conversations posted online
• Denmark caved to NSA's threats, security demands
• Benjamin F. Edwards alerts customers to May breach
• Infostealer Bugat resurfaces with worm component
• Apple updates address flaws in Mavericks, Safari, iOS, and Apple TV
• Appeals court can review ruling on FTC authority in Wyndham suit
• Stanford Federal Credit Union email error exposes 18K members' data
• PCI 2014: From compliance to security
• P.F. Chang's hit with class-action lawsuit following breach