Yesterday's reports of a Belgacom hack are confirmed, along with a possible motive: Belgacom operates undersea telecom cables serving much of the Middle East. The Belgian press accuses GCHQ and NSA because they're capable, well resourced, and, well, much in the news—so far a largely a priori attribution. (Whoever committed it, the Belgacom attack is surely more sophisticated than the attempt by divers to cut the SEA-ME-WE 4 cable off Alexandria back in March of this year.)
Iran opened, then promptly shut down, access to Twitter and Facebook. This was no thaw, just a glitch soon corrected. Iran learned the importance of social media to information operations a few years ago when dissidents made effective use of Twitter during 2009's Green Revolution false dawn; other regimes in the region haven't been dull pupils. The Financial Times offers an overview of relevant national policies.
The BEAST cryptographic attack, thought effectively blocked by client- and server-side mitigations, is apparently still in business: enterprises should guard against man-in-the-middle attacks.
Tor seems increasingly infested by botnets and criminal activity.
Recent warnings of financial markets' vulnerability are reiterated as High-Tech Bridge claims it's found a cross-scripting vulnerability at Nasdaq. Quartz reports that high-speed automated trading has effectively created "a secret financial market only robots can see."
In industry news, China's ZTE prepares a major push into the European cloud market. Splunk acquires BugSense. NSA is apparently a customer of gray-market zero-day vendor VUPEN.
Some disturbing proof-of-concept research addresses the feasibility of dopant-level hardware Trojans.