The Ukrainian prime minister's office and at least ten of the country's embassies abroad report being victims of an (apparently) Russian cyber espionage campaign. The malware reportedly belongs to the Turla family (a.k.a. Snake, a.k.a. Uroburos) and Ukraine is far from the only target. While Turla has hit predictable Western networks in France, Germany, Belgium, and the US, it appears to devote a great deal of attention to the former Soviet republics of the near abroad.
Kaspersky reports solving Turla's hitherto mysterious infection mechanism: a related campaign Kaspersky calls "Epic" makes the initial penetration. Symantec views Turla as principally a diplomatic cyber espionage tool, although aerospace and pharmaceutical companies have also been subject to its ministrations. The campaign used a mix of zero-day and known exploits.
The other big cyber story remains CyberVor's big criminal score of login credentials. The Russian gang apparently used botnets and SQL injection attacks to scavenge usernames and passwords from vulnerable sites. How serious the crime wave ultimately proves remains controversial. Everyone agrees something big was stolen, but estimates of consequences vary widely, from a universal password death knell to marketing opportunities for security companies. Most would like to see more details from Hold Security, the company that announced the theft.
Investors continue to look for better ways of assessing cyber risk, especially but not exclusively when looking at mergers and acquisitions.
IBM and BlackBerry look like (very preliminary) winners in the newly restricted Chinese market.
US Intelligence may have at least two more unidentified moles.