Ransomware is evolving in some interesting directions as its purveyors adopt crimeware best practices. CryptoWall 4.0 is circulating in the wild, and Heimdal notes that the new strain is not only more adept at evading firewalls, but has also taken to encrypting filenames as well as the files themselves. That latter step is thought to increase victims' confusion and susceptibility to the ransom pitch. That pitch is now presented as a "welcome to the CryptoWall community," with an offer of a remedial "software package" replacing the expected ransom demand.
Check Point takes a look at a different strain of ransomware (going by too many names to list) whose contribution to criminal technique is to obviate a need to interact with a command-and-control server to receive encryption keys. Rather, the victim contacts the criminal through a shifting set of email addresses, making it more difficult to run the criminal to ground.
Ars Technica looks at the evolution of CryptoWall and Chimera and sees a boom in the ransomware market.
Banking Trojans are still out there and enjoying success, too: Timba in Russia and the Near Abroad, a variety of opportunistic exploits in Singapore (which has both wealth and a lot of online transactions).
A Forbes piece looks at the IoT and sees a future battlefield. Other policy wonks regard cyber attacks as potential casus belli.
A sell-off in cyber stocks (led by FireEye) prompts analyst speculation about the industry as a whole. (FBRFlash sees the problem as FireEye's, not the sector's.)