As Presidents Xi and Obama sit down for their summit, researchers at ThreatConnect and DGI publish a report on "Operation CameraShy" alleging that PLA Unit 78020's cyber operations in support of Chinese territorial ambitions in Southeast Asia (and especially in the South China Sea). The report claims that for the last five years the PLA has used "an array of global midpoint infrastructure to proxy the command and control of customized malware variants."
For his part, Xi has traversed the US with bland assertions that in cyberspace China's been more sinned against than sinning. (And the head of China's Cyberspace Administration cautions the US against rocking the boat. But a lot of US security firms in the attribution business rock on.)
Also from China, and not necessarily state-sponsored, come new Android malware strains.
The XcodeGhost infestation of app stores is still being mopped up. Apple publishes an FAQ on XcodeGhost. Observers see app developers' preferences and predilections implicated in the problem.
In the US, the Office of Personnel Management (OPM) acknowledges that more people's fingerprint records were stolen than initially thought: the tally's risen from 1.1 to 5.6 million.
Ransomware's evolution proceeds apace, with fresh outbreaks in Western Europe.
Volkswagen's software issues, having claimed the company's CEO, raise larger questions about possibly deliberate data corruption in SCADA and IoT systems.
In industry news, security stocks ride out market corrections.
India's security policies are debated. EU and US Safe Harbor agreements totter.
And, hey — Edward Snowden sees a downside to encryption.