Assad's cyber operators remain remote-access Trojan specialists. ISIS demonstrates that bad guys also lose data when they lose laptops — a Dell captured from the caliphate in Syria reveals lurid plans-cum-fantasies of bioterror, mass death, etc. Iranian cyber operators lurk in the wings as US intelligence services keep a close watch on Tehran.
Pakistani dissidents cyber-riot against police repression.
Assessments of the JP Morgan hack range from an incipient cyber 9/11 to business as usual. JP Morgan and the FBI are keeping fairly mum during the investigation, but the bank has warned Louisiana regulators of a card breach (other warnings expected soon), and sources claim Russian criminal involvement (Evgeniy Bogachev, again). There does appear to have been some data corruption.
Hosting service Namecheap reports the CyberVor gang (believed to have obtained more than a billion records this summer) is now using stolen credentials to access accounts. This would be the first report of crime deriving from this large breach (but interestingly Hold Security, which first disclosed the theft, says it's not seeing the activity).
The leak at week's end of celebrity photos is interesting, not for the squalid voyeurism it facilitates, but for what it says about security in clouds. The photos had been stored in iCloud, and Apple has patched that service's vulnerability to password brute-forcing. Investigation is still in its early stages; TechCrunch has an overview of what's actually known so far.
This week's NATO summit is expected to extend Article 5 (collective defense) to cyberspace. Russia is displeased.