Protesters in Hong Kong continue to draw the authorities' attention, with extensive use of mobile remote-access Trojans (RATs) against activists reported.
India's Defence Metallurgical Research Laboratory sustained and apparently parried a cyber espionage attempt.
Shellshock attacks appear to have slackened, but as fresh Bash vulnerabilities are disclosed, this is probably only a parenthesis. Akamai (who reported the fall-off) notes that slightly more than half the payloads it's monitored were illegitimate probes, which comports with other analysts' predictions that early Shellshock exploitation was likely to be battlespace preparation for subsequent large-scale campaigns.
The JPMorgan breach is larger than initially feared: the bank disclosed in a security filing yesterday that some 76M household and 7M small business accounts were affected. Investigation continues.
Large data breaches in the banking and retail sectors drive a surging cyber-insurance market, in part because the assets at risk are relatively easy to determine compared to, for example intellectual property value-at-risk. IP remains difficult to insure.
Post mortems determine that the WordPress hack affecting Gizmodo early this summer distributed banking malware to 7000 users in two hours.
Failure to patch and employees' gullible susceptibility to social engineering bedevil enterprises.
NIST releases its "Framework and Roadmap for Smart Grid Interoperability Standards."
Russia's President Putin, cast vaguely implausibly in the role of cyber victim, authorizes TASS to state that "over 90M hacker attacks have been registered in Russia since 2010." (One presumes TASS doesn't include outbound hacker attacks.) Expect a Russian Internet crackdown — the Finance Ministry has already banned Bitcoin.