Various Caliphate-inspired information operations surface from Maryland to Germany (via Indiana). The Washington Post offers an account of how and why those operations have seen some success in recruiting Western women to jihad.
Exploitation of the US IRS's ill-starred "Get Transcript" feature is seen as an object lesson in how data theft enables other cyber crime.
In industrial control system security news, researchers at the Ural System Security Center claim that weak encryption renders Rockwell systems vulnerable to exploitation. CyberX analyzes the BlackEnergy campaign against ICS and concludes that its motive was data theft.
Like routers, USB modems seem vulnerable to drive-by hacking.
The Anti-Phishing Working Group reports an upsurge in phishers' domain registrations.
ESET and Avast find more problems (especially for gamers chasing cheats) in the Google Play Store.
Apple has blacklisted outdated versions of Flash in OS X and Safari.
The cyber insurance market continues to shape standards of care. Current litigation suggests insurers "won't cover stupid;" they invoke a "clueless clause" to avoid payment to the careless. (Part of getting a clue will probably involve designing good user interfaces, a Deloitte opinion piece in the Wall Street Journal argues.)
Palo Alto and FireEye remain story stocks. SonicWall buys one of KEYW subsidiary Hexis's business units.
US regulations on controlled unclassified information are evolving, and both Defense and the National Archives are shaping them.
The US Patriot Act remains on the path to expiration.
The Wassenaar Arrangement has a lot of security researchers spooked — just ask the EFF.