Canada's CSEC attributes Babar, Bunny, Casper, Dino, NBot and Tafacalou (Kaspersky calls the Trojans "Animal Farm") to France's DGSE. (Much publicly cited evidence is linguistic or circumstantial, based on presumed DGSE intelligence targets.)
Elsewhere in Canada, a group styling itself the "United Islamic Cyber Force" vandalizes websites belonging to the francophone party Bloc Québécois. (The UICF calls for an invasion of Rome, but this seems more prophetic and aspirational than imminent.) The Bloc Québécois is Provincial but not provincial, larger and better resourced than other recent North American targets of Islamist cyber vandals.
The University of Toronto's Citizenlab accuses the Hacking Team (a well-known Italian cyber firm) of selling its ICS lawful intercept tool to Ethiopia ("the world's first turnkey surveillance state") for use against US-based dissident journalists.
Xiaomi says the M 4 LTE device in which Bluebox found pre-loaded malware was, in fact, a counterfeit (Bluebox concurs). Not only a counterfeit, but "a very good one at that," the device offers an object lesson in supply chain vulnerability.
Trend Micro reports finding a bogus Flash update sniffing home networks for vulnerabilities.
Sophos grumps at BitTorrent for including "foistware" in its uTorrent client.
While waiting for Redmond's Patch Tuesday, admins may consult Apple's latest upgrades.
The Guardian runs a surprisingly sympathetic piece on cybercrime victims giving hackers a dose of their own medicine.
Concerns over cyber labor shortages continue: Cisco estimates there are more than 1M unfilled cyber jobs worldwide.
Analysts wonder how one determines threat intelligence return on investment.