The actual provenance of the Cyber Caliphate (known for attacks on small-market US media outlets and other poorly defended targets) has been a matter of some dispute. While doubtless "objectively" serving some ISIS interests, the group is being called out (by iSight Partners) as a Russian false flag operation.
Russian security services are also the usual (and plausible) suspects in hostile probes of Latvian government websites.
The US NSA Director expects more attacks like the one that compromised OPM. OPM's new director promises to do more to help the victims; she's offered legislative help to make good on her promise.
As the Hacking Team hack moves into litigation (former employees are in the company's legal crosshairs) Dark Reading outlines some of the incident's lasting effects, among which is Flash's probable final eclipse. The Internet Storm Center speculates about where hackers will turn post-Flash.
Researchers demonstrate vulnerability in the RC-4 encryption algorithm. Symantec finds a new tool, "SeaDuke," in the Duke APT group's kit. Kaspersky outlines TeslaCrypt 2.0's "curious behavior. Blue Coat continues descriptions of "shady" top-level domains.
Lloyds estimates insurance costs of a major cyber attack on the US power grid. Control Global thinks it's a nice, and important, try, but that Lloyds has their figures wrong: the exposure's probably worse than feared.
Pending cyber export controls in both the US and Australia attract opposition. The US deadline to comment on Wassenaar is next Wednesday.
The Darkode takedown brings seventy arrests. (One of the bigger collars is a Carnegie-Mellon sophomore.)