The following represent,in no particular order, the stories I found interesting during the past week:
Infrastructure vs Application Security Spending
Abusing WCF to Perform Remote Port Scans
New Russian Botnet tries to kill its larger rival
What's the right IT/Information security certification for me?
How to render SSL useless