With a Sino-American summit in the offing, the US is said to be considering an array of economic sanctions that would target "individuals and companies" engaged in economic cyber espionage. (But how cyber retaliation would work remains unclear.)
Economic espionage apart, the consequences of ordinary cyber espionage for the US continue to expand. Russian and Chinese intelligence services are reported to be assiduously and successfully cross-indexing information gleaned from recent data breaches: OPM, airlines, health insurance providers. Sources say the process has already blown significant US operations.
Russian cyber operators have stayed busy, most recently in an EFF-themed spearphishing campaign attributed by observers to APT 28. Russian-speaking hackers have shown up in force with intrusion into dating sites (one cannot rule out a priori that they're simply impoverished and lovelorn, but betting on form, they're trolling for usable personal information). Reuters reports a new twist: a spike in Latin American cyber incidents seems driven by Brazilian and Peruvian hackers leveraging Russian support and expertise.
IBM warns against CoreBot, an information-stealing operation in the wild. Palo Alto describes KeyRaider, an exploit targeting jailbroken iPhones. Bitdefender reports an arbitrary code execution vulnerability in JetAudio Basic and JetVideo media players.
Low-grade blackmail and removal offers find their way to Ashley Madison clients. TreatSTOP thinks insiders could be behind the adultery site's data breach.
Companies add cyber expertise to boards, and begin to regard cyber security as a major concern during mergers and acquisitions.
Cyber companies seem good bets after last week's market plunge.