Anonymous having gone quiet for the moment, World Cup cyber action falls into three categories: attempts against gaming sites (mostly denial-of-service extortion), malicious fútbol-baited mobile apps (particularly targeting Android devices), and the customary phishing scams.
Card data apparently stolen from restaurant chain P.F. Chang's have turned up for sale on black market stall rescator[dot]so, the same place the fruits of the Target breach were shopped. The P.F. Chang caper remains under investigation, and it's too soon to draw many parallels with Target, Neiman Marcus, and Sally Beauty, but rescator's involvement shows the persistence of black market actors.
POSCLOUD malware is currently scraping small business point-of-sale systems.
Feedly remains under denial-of-service attack as it refuses to pay off the extortionists responsible. The US Federal Communications Commission has denied it suffered a denial-of-service attack, but Naked Security offers reason to think that in fact the Commission was DDoSed in response to a comedian's viral net neutrality rant.
"Maple," a Zeus variant, is circulating through Canadian banking customers. The Zeus framework is proving highly adaptable, and affords an interesting if dismal case study of malware evolution.
VMware patches products against OpenSSL bugs. Recent Google Play permission changes are coldly received.
FireEye notes that mergers and acquisitions predictably raise the cyber risk of the businesses involved.
In product and industry news, companies work toward increasingly automated security solutions and superior encryption products. Aggressive red-teaming and penetration testing also gain respect (especially in the US Department of Defense).
Emerging NIST standards address supply-chain cyber risk.