ISIL continues to use hostages in online propaganda.
The Senate Armed Services Committee declassifies an inquiry into Chinese cyber espionage against US Transportation Command (TRANSCOM — a unified, functional combatant command in the Department of Defense) and the details aren't pretty. More than twenty advanced persistent attacks (and around thirty other intrusions) occurred between June 2012 and May 2013, with attacks largely accomplished against TRANSCOM's contractors. TRANSCOM was aware of two of them, and the Senate attributes this institutional myopia to poor information sharing on the part of pretty much everyone: TRANSCOM, contractors (and subcontractors), the FBI, other elements of the Defense Department, etc. The campaign targeted both intellectual property and military information.
IBM warns that it's seeing banking Trojans repurposed for use against other sectors.
Home Depot says it's contained the breach it sustained, and that some 56M cards were affected. The investigation is focused on self-checkout point-of-sale systems, which appear to be where the malicious code was installed.
A partial answer to the black-market value of medical records is provided, unfortunately, by a breach at a Texas insurance company. KrebsOnSecurity has found "medical records being sold in bulk for as little as $6.40 apiece" in criminal markets.
Apple releases iOS 8 and OS X 10.9.5. Microsoft struggles again with its patch process.
In industry news, layoffs at Microsoft and elsewhere are churning the IT labor market. Huawei dismisses Western security concerns as "noise around the perimeter."
TrueCrypt seems ready to reappear as "CipherShed."
New Zealand's GCSB clarifies Project Speargun.