The Energetic Bear campaign, a.k.a. DragonFly, draws comparison to Stuxnet. Although so far apparently used mostly for espionage, its association with Havex ICS malware gives it a more active, dangerous potential. Suspicion remains on Russian intelligence organs.
Taiwan has suffered from Dropbox exploits. Suspicious eyes look at China.
Saudi Arabia gets a new intelligence chief: job one will be collecting and operating against ISIS/ISIL's self-proclaimed caliphate.
While everyone was looking at the World Cup, criminals busily pilfered a great deal of money via small-scale Brazilian cyber fraud.
The healthcare sector is warned that a major attack is inevitable, that it poses a legal risk second only to major malpractice, and that security is a relative thing: the soft, slow sector targets will be hit first.
Russia moves to ban services that don't host personal data in Russia, a foreseeable move that promotes autarky and (more importantly) eases surveillance.
Facebook's emotional contagion study attracts ill will, skepticism, and (in the UK) legal scrutiny.
Other ill will follows PayPal's (quickly rescinded) suspension of crowd-funded crypto-email service ProtonMail and Microsoft's (now apologized for) sinkholing of No-IP domains. The former seemed prompted by heebie-jeebies over large-scale crowd-funding, and the latter by over-aggressive response to a relatively low-level of user abuse. Both episodes provide useful reminders that (1) a lot (most?) of critical cyber infrastructure is in private hands, (2) novel business models are easily misunderstood, and (3) active measures against cyber crime carry non-trivial risk of collateral damage.
GCHQ and NSA face new lawsuits.