Germany undertakes an investigation of allegations that its BND spied on allies (France and the US prominently mentioned) without government authorization or oversight.
The cyber espionage group Pawn Storm (by consensus thought to be run by Russian security services) exploits a Flash zero-day. NATO and US officials find the threat disturbing, and many security experts advise disabling Flash as soon as possible.
More hacking incidents appear linked to Chinese maritime and territorial ambitions in the South China Sea.
ISIS is said to be actively trying to disrupt the US power grid, but so far seems to be doing a lousy job of it. The attempts will no doubt continue, so complacency is unwise. On the subject of power utilities' cyber risk, rating firm Moody's finds the US electrical generation and distribution system vulnerable, but notes that the Government is likely to pay for remediation and restoration. (We leave speculation about moral hazard as an exercise for the reader.)
A researcher demonstrates a USB computer-killer.
The Woods Hole Oceanographic Institute sustains a cyber espionage incursion. Whatever the intruders were looking for, it seems not to have been PII, which suggests state industrial espionage.
McAfee Labs reveals current black market price lists.
In industry news, PhishMe acquires "key assets" of Malcovery Security. Northrop Grumman reorganizes, and Symantec wants its security swagger back. FireEye shows how a story stock tells its story.
The US revisits its Wassenaar implementation.
Alleged ISIS-linked hacker Ardit Ferizi (a.k.a. "Th3Dir3cgtorY") is collared in Malaysia on a US beef.