The ISIS cyber threat to infrastructure may be low, but the Islamic State continues to show considerable aptitude for information operations more broadly considered. (The Washington Post, for one, boggles at barbarism's appeal in the marketplace of ideas.) US Central Command, responsible for the US air campaign against ISIS and other elements in the Levant, reports a great deal of social media interaction over targeting, most of it from Kurds urgently nominating jihadist targets for prompt servicing.
Chinese authorities block Instagram as Hong Kong's "umbrella protests" continue. The government also appears to have increased its use of mobile spyware against dissidents.
Peace talks between Colombia's government and FARC rebels undergo another eavesdropping hack; the government promises to upgrade security.
Shellshock exploits proliferate; fresh Bash bugs surface. Proof-of-concept exploits are now widely available, and security analysts forecast a wave of large-scale attacks. Apple issues a patch to close the vulnerability in OS X. The Harvard Business Review calls Shellshock a "wake-up call" that should summon enterprises to collaborative security.
Malware Must Die reports another Linux vulnerability unrelated to (but obscured by) Shellshock. Investigation is in its early stages, but researchers claim to have found Chinese criminals exploiting an ELF weakness for denial-of-service.
A malvertising campaign spreads CryptoWall ransomware.
The US Department of Health and Human Services warns of coming attacks against healthcare IT networks. FDA works more closely with DHS on device security.
Europol warns of a burgeoning criminal service industry. InvoCode's CEO is arrested for allegedly enabling stalkers with StealthGenie.