Items from security-related news (E126.May-2015)
US Will Sanction "Harmers" Outside Its Borders
The Washington Post
By Ellen Nakashima
April 1, 2015
Summary: The US now has a program to impose sanctions on individuals who are
outside the country and harm it through cyberattacks. The "harms"
are: attacking critical infrastructure such as a power grid;
disrupting major computer networks; stealing intellectual property or
trade secrets; or benefiting from the stolen secrets and property.
Full story: U.S. establishes sanctions program to combat cyberattacks, cyberspying
The executive order

Data Breach Laws: State vs. Federal
By Andrea Peterson
April 15, 2015
Summary: A proposed national standard for consumer protection after a
data breach might result in weakening existing state provisions.
Further, a transfer of enforcement responsibility from the Federal
Communications Commission to the Federal Trade Commission might remove
some communication companies from the protections.
Full story: Why this national data breach notification bill has privacy advocates worried

New Targets
Apr 14, 2015
Summary: The security firm Symantec says that its incident response
center has seen a shift from banks to health care systems as victims
during 2014. The Privacy Rights Clearinghouse, however, says that
universities are also becoming attractive targets for data breaches.
Full story: Hackers keep trying new targets in search of easy data

The Passenger Pilot
Apr 15, 2015
Summary: Modern aircraft rely on firewalls to separate the passenger wifi
network from the flight operations network, but there may be vulnerabilities.
There is a report of a bug that allows privileged access from the passenger
network to satellite communications equipment, and there is also a
claim of being able to issue flight control commands from the passenger
compartment. [This makes the "PalmPilot" a rather prescient product].
Full story: GAO reports warns hackers could bring down plane using passenger Wi-Fi
Fox News
Apr 17, 2015
Full story: Security expert pulled off flight by FBI after exposing airline tech vulnerabilities

Iran Moving Ahead on the Cyberattack Curve
By David E. Sanger and Nicole Perlroth
April 15, 2015
Summary: A Norwegian cybersecurity firm says that the Las Vegas Sands
casino had its gaming computers disabled by a cyberattack orchestrated
by Iran. The incident may have been retaliation for remarks by the
casino's owner.
Full story: Iran Is Raising Sophistication and Frequency of Cyberattacks, Study Says

Oracle Does Java Evil?
David Lazarus
Apr 17, 2015
Summary: Oracle provides Java software that has installation
options for third-party software. Unwary users lament the
results of accepting the default installation. The "Ask.com" toolbar,
for example, is reportedly very difficult to remove. This feature was
reported for Windows in 2013, but as of this year it was added to the
Java installation for the Apple Mac OS.
Full story: Ask.com can hijack your computer using Java updates
The Ed Bott Report
By Ed Bott
January 22, 2013
Full story: A close look at how Oracle installs deceptive software with Java updates

The Feds, Private Companies, Cyberthreats, and Privacy
By Jennifer Steinhauer
Apr 22, 2015
Summary: Almost everyone wants to stop cyberattacks, and the federal government
has for years sought access to information from private companies
about how cyber criminals have attacked them. The feds may have their
way if the House and Senate agree on a bill that "pushes" private
companies to share data and receive liability protection if they have
scrubbed the data to protect customer identities.
Full story: Computer Attacks Spur Congress to Act on Cybersecurity Bill Years in the Making
NYTimes.com
By Jennifer Steinhauer
Apr 22, 2015
Full story: House Passes Cybersecurity Bill After Companies Fall Victim to Data Breaches

Watering Holes, ransomware, and the generally sad state of computer security
Pete Carey
April 23, 2015
Summary: Symantec reports that 2014 was another banner year for malware.
Overall, cyberattacks increased by 40%, according to their report center.
This included 80% of all "large companies" in the US.
Full story: Symantec: Hacker attacks up 40 percent in 2014, Apr 23, 2015

Poison Apple?
(reported in The Salt Lake Tribune)
Cornelius Rahn
April 23, 2015
Summary: An Israeli company reports the ability to crash iOS devices by manipulating
wifi network SSL certificates.
Full story: Apple software bug lets hackers crash iPhones, researchers say

Your DHS Wants YOU!
By Josh Hicks
April 22, 2015
Summary: At the annual RSA Conference, Homeland Security Secretary Jeh Johnson
said the agency would be looking to recruit cybersecurity experts from
Silicon Valley, even going so far as to open a local office.
Full story: Homeland Security is laying roots in Silicon Valley, and you might not like its reasons

Putin Checks Obama's Schedule
By Michael S. Schmidt and David E. Sanger
April 25, 2015
Summary: An investigation of an intrusion into the White House computer network
last year has concluded that data and email on the unclassified
network, including some of President Obama's, were accessed by Russian
hackers. The article implies that the classified network was not
involved in the breach.
Full story: Russian Hackers Read Obama's Unclassified Emails, Officials Say

Cyberthreat, cyberattack, cyberwar, a strategy
Editorial Board
April 28, 2015
Summary: The editorial board of the New York Times concludes that a
new report by the Pentagon about cybersecurity lays the groundwork for
a policy about retaliation to cyberattacks. It contains conditions
under which "if ordered by the president, the military could conduct
operations to counter 'an imminent or ongoing attack against the
U.S. homeland or U.S. interests in cyberspace.'" The editorial surmises
that the Obama administration feels that the executive branch must take
the lead because of Congressional inaction.
Full story: Preparing for Warfare in Cyberspace

The end of "unfettered data collection"?
By Beth Ethier
Apr 28, 2015
Summary: The Patriot Act gave the NSA the power to collect bulk information
on phone calls. Congress is considering two bills, one to extend the act
and another to curtail it.
Full story: USA Freedom Act: Update to Patriot Act has bipartisan cosponsors, would end NSA bulk data collection

Congressman with CS degree calls FBI encryption plan "stupid"
By Andrea Peterson
Apr 30, 2015
Summary: Rep. Ted Lieu of California has a computer science degree
from Stanford University. He thinks that encryption "back doors" are
infeasible because they cannot be restricted to "good guys". The
members of the House Government Oversight and Reform Committee's
Information Technology subcommittee were "skeptical", but it is unclear
whether their opinions were founded on any understanding of cryptography.
Full story: Congressman with computer science degree: Encryption back-doors are 'technologically stupid'

Now you can know, is B2 Multics secure?
Summary: Tom Van Vleck has caused the disinterment of a report on the
landmark operating system, Multics.

The next step, combining data breaches
By Patricia Cohen
May 27, 2015
Summary: Taxpayer information from an online IRS database was
used to create false tax returns and claim refunds without the
knowledge of the true account holders. This was possible because
the hackers had previously obtained the taxpayers' personal identifying
information from different data breaches. The combination of
information defeated the authentication mechanisms used by the IRS.
This has been done before on a small scale, but the technique now may
be a potent weapon in fraud.
Full story: I.R.S. Data Breach May Be Sign of More Personalized Schemes