Observers continue to pick through the files pulled from recently doxed Hacking Team, reading customer lists (which appear to confirm longstanding views of the company's business), pricing, emails, etc. The same hacker ("PhineasFisher") who claimed responsibility for last year's breach at Gamma International tells Motherboard he (or she) is also behind this one.
Among the lessons and observations being drawn from the leaks are two obvious ones that bear repeating (1) use strong passwords (not, e.g. "P4ssword") and (2) offensive cyber tools are effectively indistinguishable from defensive ones (if for no other reason than the role they play in testing and vulnerability research). Control of such tools is a tough problem, as may be seen in the case of a University of Northumbria student dissertation, apparently redacted (says Threatpost) in the name of Wassenaar compliance.
Russian cyber operations appear to continue in the hybrid war against Ukraine.
MalwareMustDie reports finding a KINS malware builder being distributed in the underground, and predicts a surge in KINS Trojan infestations.
Team GhostShell's self-described community-spirited (but obviously unwelcome) hacks of universities reach several institutions in Hong Kong.
US state and Federal authorities investigate hacks of New Jersey online casinos.
Several sources warn enterprises to expect a major patch of OpenSSL this Thursday.
Mozilla patches Firefox.
Not-for-profits are warned of risks their collection of personally identifiable information pose. Some such collection is probably inevitable, but it exposes them, their donors, and their clients to cyber risk.
FBI Director Comey calls for debate over strong encryption.