ESET attributes Babar espionage malware (and probably its Casper and Bunny cousins) to France DGSE. Its principal targets appear to be (have been?) Syrian.
Bluebox finds preinstalled malware in a Xiaomi Mi 4 smartphone. Signs that the malicious code was inserted by third-party tampering arouse fears of the retail supply chain's security.
Researchers track the evolution of some familiar malware kits and botnets. In some cases these gain functionality, in others, shed capability.
Some 46,000 Twitter accounts seem at least nominally devoted to the cause of the Islamic State. Amid signs of domestic fraying — infighting, local disaffection, murky adherence of Boko Haram — the Caliphate continues to draw foreign fighters seeking authenticity in jihad. Much of its information operations push is directed toward potential Western recruits who seem attracted by ISIS's grotesque and unapologetic propaganda-of-the-deed, the sort of traffic US NSA Director Rogers deplored in a plea to media to stop "feeding" terror groups.
ISIS is also having success inducing various hackers to claim allegiance to the Islamic State as they vandalize Western websites. The choice of targets resembles AnonGhost's long-standing campaign against poorly defended, low-profile networks — attacks recently hit a Montana credit union and a Biloxi, Mississippi, blues-and-barbecue joint — and suggests that ISIS is inspiring script kiddies. The FBI is investigating.
The still-immature cyber insurance market is developing a comprehensive approach to cyber risk. (While it matures, read your policies' fine print.)
A tight cyber labor market gets tighter as the US military increases recruiting (and retention) in the field.