ISIS has long used Twitter and YouTube for recruiting, and it also draws significant donations from fundraising in social media. The US Treasury Department is working to disrupt that, as well as ISIS's use of conventional banking to collect, save, and move money. A whiff of ISIS's bad odor inevitably clings to Twitter, so it's worth remembering Twitter's positive role in 2009's Iranian dissent (a false dawn, but bright while it lasted).
The Pawn Storm cyber-espionage campaign shows what bad actors can achieve through social engineering. A sophisticated, patient organization (probably Russian, say some observers) did its homework, and the preparation paid off.
Microsoft's patches may have slowed Sandworm, but Sandworm seems to have regained its slither. Another recently patched set of vulnerabilities — these in Flash Player — is attacked in the wild: at least two exploit kits are available.
CryptoWall nearly destroyed an unnamed US not-for-profit recently. The ransomware continues its dangerous spread.
Another familiar malware family, the Backoff RAM-scraper, is also infecting machines at an increasing rate, this despite Backoff's very public prominence in retail data breaches.
Malvertising campaigns against commercial targets provide criminals with steady cash flow.
Cisco patches a Telnet remote-execution vulnerability. VMware fixes an information-disclosure bug in vSphere.
A new consortium forms to help franchise businesses with cyber security: DHS, NCSA, and IFA are in.
ESG sees a clear trend toward investment in "cybersecurity cavalry" as opposed to traditional network defenses.
Yesterday's attack on Canada's Parliament is thought to augur more extensive surveillance in that country.