Recorded Future updates its report on Al-Qaeda's improved encryption to show how it accounts for the impact of Snowden's leaks.
CyberSquared describes "Operation Arachnophobia," which it associates with a Pakistani hacking group (possibly private, possibly government-controlled — attribution remains unclear) working against India.
The New York Times yesterday reported that cyber criminals of Russia's CyberVor gang have stolen more than 1 billion user credentials. The revelation comes from Hold Security, which has declined to say where CyberVor got them. Other observers (notably writing in The Verge) are cautiously skeptical: there aren't that many services with over a billion users (apparently the credentials were stolen from multiple sources), and the credentials don't appear as expected on the black market, instead being used for Twitter-spamming services (pretty low-grade crime, with a low ROI).
US-CERT warns that Backoff malware has been found in some 600 point-of-sale systems; US banks consider their response.
Malicious macros in MS Office documents are making a comeback among cyber criminals: they're cheap and easy tools, and still find their marks.
Tor anonymity remains under question after proof-of-concept breach research is released, then pulled at lawyers' request.
Symantec has patched the privilege-escalation vulnerability in it Endpoint Protection.
Some good news: NTP attacks have fallen off dramatically in the wake of widespread adoption of countermeasures. Also, protection against and recovery from second-generation ransomware seems to be advancing.
The financial sector is adding cyber intelligence specialists to their security teams. Pricey labor, but judged worth it.
Child pornography investigations raise privacy issues.