The IBM X-Force Threat Intelligence Index reveals "historic" growth for the number of records compromised in 2016-- from 600 million in 2015 to over 4 billion, an increase of 566%, thanks to a shift in cybercriminal strategies.

The leaked records include traditional targets such as credit cards, passwords and personal health information, but IBM also notes "significant" breaches in unstructured data such as email archives, business documents, intellectual property and source code. The observations come from over 8000 monitored security clients in 100 countries and data derived from non-customer assets such as spam sensors and honeynets.

In total X-Force monitors around 8 million spam and phishing attacks daily, and analyses over 37 billion websites and images.

HashiCorp releases the Vault Enterprise 0.7-- an update featuring multi datacentre replication, allowing organisations spanning multiple public clouds or private datacentres to centrally manage security policies.

The open source Vault Enterprise is a tool designed to keep secrets running within cloud-based applications, such as passwords, certificates and confidential information, secure. According to the company, the update features a custom replication scheme to ensure system availability is never sacrificed, allowing users to continue using current encryption keys in case of connectivity failure, even if they will not be able to rotate keys.

Customers worried about BadUSB, the malware able to maliciously reprogram USB chips? Developer Robert Fisk has a hardware solution with the USG, a "firewall for your USB ports."

BadUSB is a sinister piece of malware able to bypass the OS, antivirus software and other security measures. It can attack by hopping into PCs through the USB port, for example via USB sticks supplied by customers or colleagues. This lead to Fisk working on a hardware solution for access to untrusted USB devices, without need for a USB condom or disabling USB ports.

The USG is plug and play, and is compatible with many devices with a USB port, be it modern Windows, Mac OS and Linux machines or legacy and embedded systems. It supports mass storage (flash drives), keyboards and mice, but cannot handle hubs and only uses 12Mbps USB hardware.

Cloudflare reveals the extend of "Cloudbleed," the bug leading to the mass leaking of encrypted browsing sessions-- it was triggered over 1 million times in the past 6 months before it was patched.

According to the post-mortem by Cloudflare CEO Matthew Prince there is "no evidence" the bug was maliciously exploited, even if it had the "potential to be much worse." In total the bug was triggered 1.2 million times from 6500 websites, and the company is still going through Google, Microsoft Bing and Yahoo search engine caches to scrub leaked data off the memory of cached sites.

“We’ve successfully removed more than 80000 unique cached pages," Prince writes. "That underestimates the total number because we’ve requested search engines purge and recrawl entire sites in some instances."