The SANS Institute picked up a story about an offhand comment made during a panel discussion between Russian and US intelligence officials. A Russian dignitary is said to have 'fessed up to the cyber-attack on Estonia in 2007, calling it the work of his assistant.
And another reminder of why nuclear labs should be keeping their PCs secure: A janitor at a Tennessee nuclear facility pleaded guilty to trying to sell information on producing highly enriched uranium to an undercover FBI agent.
Breaches
Google accidentally shared the documents of a small number of users with people that it shouldn't have.
Getty Images-owned micro-stock site iStockPhoto was taken down for a short time after an internal phishing attack on one of its forums was found to be harvesting user login credentials.
45 000 current and former FAA employees' information took flight after a computer was illegally accessed.
Twitter reported that 750 accounts had been hijacked to pump out spam tweets. And Heise Online found that an SMS spoofing flaw that enables people to send fake twitter messages from other peoples' mobile phones is still working in the UK and Germany.
As if Fannie Mae didn't have enough trouble: an IT worker was indicted for planting a malware script on its systems after being dismissed.
Legislation
A new bill introduced into Californian state legislature would extend existing data breach notification law. It spells out what companies would have to divulge in more detail, and makes it law to notify the state attorney for breaches affecting more than 500 people.
Tools
Warvox 1.0 is up. It's an automated wardialing tool that lets researchers profile up to 1 000 lines per hour, sniffing for modems, voicemail systems, and faxes (remember those?) It uses VoIP and analyses call audio.
The latest version of the Wireshark network protocol analyser is out, with various bug fixes.