The first Russian cyber operations in its Crimean incursion are reported (by Ukrainian security authorities). These seem initially restrained, directed largely toward isolation of the Crimean battlespace, but there's a strong likelihood they'll see expansion through either Ukrainian retaliation or Russian escalation. Estonian and (especially) Georgian experience of being on the receiving end of Russian cyber attack offer instructive precedents. Some observers think the initial and uncharacteristic restraint of the Russian cyber offensive is explained by wariness of Ukraine's capable domestic hacking talent: a cyber riot can be as troublesome as a closely-run state campaign.
Russia's adventure for now enjoys the tepid, foot-dragging diplomatic support of China, so Kevin Mandia's retrospective of Chinese cyber capabilities is timely.
The Syrian Electronic Army threatens consequences for US Central Command should the United States undertake cyber operations against the Assad regime.
A large SOHO router pharming campaign, in progress since mid-December, has been exposed by Team Cymru. Some 300,000 machines are infected, with ground zero located in two London IP addresses registered with 3NT solutions. The campaign has so far been largely concentrated in Eastern Europe and Asia. Team Cymru calls it a "logical evolution of botnet technology." The campaign's motive, purpose, and attribution remain obscure, but Dynamoo sees fingerprints of Serbian cyber criminals.
Bitcoin bank Flexcoin has shut down—it's been looted. Mt. Gox attributes its own fall to criminal hacking. But Bitcoin isn't synonymous with either Flexcoin or Mt. Gox: Bitcoin ATMs continue to open, most recently in Singapore and Ireland.