ISIS information operations worry governments as evidence of online recruiting and command-and-control success continues to accumulate. Afghanistan's president warns against underestimating ISIS, and a piece in Foreign Policy speculates about how the US might counter the Caliphate's messaging (by emulating aspects of Russian and Chinese operations).
Fingerprints lost in the OPM breach (and no one's yet sure whose, or how many were taken) are called a "counterintelligence disaster" and "battle[space] preparation." OPM has a new Director: she faces both an enormous cleanup challenge and a Congress in a do-something-now mood.
A smaller, different breach (data lost through mishandling in transit) affects current and former soldiers of the US Army Reserve National Guard.
Chinese hackers of uncertain provenance phish US Government personnel and reel them in with a Flash zero-day.
A new version of the Dyre banking Trojan infests Spanish networks.
TeslaCrypt evolves into a more dangerous form even as researchers tell BlackHat that most ransomware remains, truth be told, pretty dumb. Dumb, but dangerous.
SSL redirects show up in malvertising.
Malwarebytes says that affinity marketing has become a leading distributor of PUPs (potentially unwanted programs).
Acunetix looks at business websites and doesn't at all like what it finds: half of them would flunk a PCI standards check.
Systems administrators are dealing with patches from Oracle, Abode, and Microsoft, some of which close vulnerabilities disclosed in the Hacking Team breach. SAP has also patched. BT Security gives Land Rover high marks for its handling of a recall for automotive software bugs.