A scholar argues that ISIS information operations succeed because the brutality of the group's "apocalyptic vision" is well adapted to transmission through social media.
Apple and others, including Amazon and Baidu, continue efforts to exorcise XcodeGhost from app stores, but the infestation is proving unpleasantly durable.
Google deals with Trojanized games (including versions of "Plants versus Zombies" and "Candy Crush") in Google Play. Other Android exploits (SMS Trojans) show a new predilection for assaults on financial accounts.
Heimdal warns that Cryptolocker 2 ransomware vectors are spoofing communications from Denmark's post office.
British Columbia's Education Ministry loses an unencrypted hard drive containing personal information on "millions" of the province's citizens.
Mozilla issues a Firefox patch.
Details emerge on Volkswagen's clean diesel software scandal, with observers drawing lessons for ICS security.
Market researchers find that customers in fact leave businesses' websites if they perceive security problems. In other industry news, venture capital continues to flow into security start-ups. Damballa looks at Zerodium's Halloween bounty of $1 million for iOS exploits (and says in effect "we told you so").
Cyber information sharing remains a centerpiece of emerging standards of care (and CSOs say they're not waiting for government to lead), but breach response is fast gaining, as are "holistic" approaches to security.
As the US and China prepare for their summit, China's President Xi sweet talks the US tech industry during a stopover in Seattle, emphasizing cyber cooperation. China denies cyber industrial espionage, but observers see subjunctive and bureaucratic misdirection in the denials.