In the US, the IRS discloses a compromise of some 100,000 taxpayers' personal information. The IRS's "Get Transcript" online service was the attackers' apparent point of entry: they were able to use stolen personally identifiable information (PII) to gain access to records. Krebs notes that tax agency issues in the US are cascading to state revenue agencies. Others note that the breach offers an object lesson in why PII are valuable in enabling other attacks.
Iran claims it thwarted a US cyber attack on its oil ministry.
Moroccan hacktivists deface sites belonging to the Nepalese embassy in the US to express distaste for US policy.
Core Security demonstrates a proof-of-concept exploit against a Windows Group Policy flaw, MS15-011, patched in February.
New Android ransomware distributed in a very aggressive campaign comes with an unusually convincing spoof of an FBI warning.
New router exploits are giving particular attention to social networks.
Dark Reading runs two interesting pieces on cyber crime. One describes the activities of a lone-wolf, petty skid, the other the high-end connections between nation-state security services and organized cyber crime.
In industry news, Bain acquires Blue Coat for a reported $2.4 billion. Homeland Security Today offers a summary of recent cyber mergers and acquisitions.
Several articles offer views on the possibilities and pitfalls of cyber threat intelligence sharing.
The White House scowls at Congress (and they're looking at you, Senator Paul) over failure to enact cyber legislation.
Target's data breach settlement with MasterCard is said to have fallen apart.