The US FBI has warned against the possibility of ISIS-inspired hacking. So far this amounts to recognition that allied airstrikes are likely to summon a response from Islamist sympathizers and useful idiots in the hacktivist world, but the FBI's surely prudent to keep its antennae up.
China continues cyber surveillance and information operations against dissidents in Hong Kong, who themselves are turning, with some apparent success, to FireChat as a social media tool.
Shellshock is found in OpenVPN. Bash bug fixes continue to roll out from many affected vendors as exploitation increases around the world. VMware, among others, issues a major security update. Some patches (notably but very far from exclusively Apple's) are found to be partial solutions only, so admins should remain alert for continuing updates. Security experts warn enterprises not to neglect easily overlooked embedded devices, where the vulnerability is particularly widespread.
Researchers demonstrate proof-of-concept exploits of new payment systems, which analysts observe will be particularly dangerous to smaller banks.
Signature Systems, closing the point-of-sale system holes that led to the Jimmy John's breach, warns that other retailers may be similarly vulnerable.
Private equity, not often thought of as a "cottage industry," nonetheless faces cyber risks one would associate with smaller businesses. But the value-at-risk is very high, and the sector is advised to look to its defenses (and its insurance, especially D&O insurance).
Deutsche Bank London gets good reviews for cyber self-defense.
The StealthGenie indictment may set precedents in prosecuting suppliers as opposed to users of spyware.