The Diplomat has an interesting piece on allegations that Chinese intelligence services hacked the international court that's adjudicating South China Sea territorial claims. The author notes, in a reflective contrarian way, that attribution may not be as difficult as "myth" would have it, and that one can anticipate state attacks with relatively high confidence. (And warns that among the things to anticipate in this case is a patriotic cyber riot out of China.)
The North Antrim teenager arrested in connection with the TalkTalk hack is out on bail as the Metropolitan Police continue their investigation. There may be other arrests, but observers note that the attack TalkTalk sustained combined distributed denial-of-service and SQL injection — neither difficult to mount (nor terribly difficult, others add, to parry).
US Director of Central Intelligence Brennan says, with justice, that the successful attack on his personal email account simply illustrates how universal the risk is.
Several ongoing cyber crimes troll for victims using bogus receipts (a spoofed IKEA receipt is proving a Dridex vector), fax notifications, etc. Criminals also continue using major events (like the World Series) as phishbait. Attractive targets to them are unpatched or seldom-used (and often-overlooked) systems.
In industry news, uptake of cyber insurance has roughly tripled over the last year. Intel buys Saffron as an IoT play, and analysts give good reviews to Cisco's purchase of Lancope.
Cyber information-sharing legislation advances in the US Senate, to predictably mixed reviews, some complaining of new potential for surveillance, others hailing better collaborative defense.