As Air France sustains cyber vandalism from Algerian mujahedin and Anonymous continues to out ISIS-sympathizing Twitter handles, Recorded Future outlines indicators that ISIS itself may be going beyond its familiar information operations playbook to develop cyber offensive capabilities. But they conclude the evidence is ambiguous at best, probably more consistent with rioting by sympathizers and wannabes than with any centrally directed campaign. (One tip-off: Cyber Caliphate's co-hacking with Lizard Squad.)
Errata Security points to Great Firewall enabler Unicom China as the fons et origo of the GitHub DDoS attack.
IBM Security warns of "Dyre Wolf," an Eastern European criminal gang with a well-tuned and effective multi-vector toolkit that's robbing large and medium-sized US companies with bogus wire transfers. IBM particularly notes Dyre Wolf's social engineering techniques, "unprecedented" in their sophistication.
ICS security mavens at Control Global seek to play their familiar role of reality principle amid industrial control system FUD and its opposite (which we might call CUD: complacency-unawareness-denial). Other reports, after this week's scare in Turkey, delineate threats to power grids and other infrastructure.
Cisco enhances its software-defined-networking capability by acquiring Embrane. Salesforce picks up mobile security shop Toopher, and Check Point closes its long-anticipated acquisition of Lacoon.
The TrueCrypt audit is complete and finds no backdoors, but many worry about the encryption tool's future.
NIST releases a draft of IR 8050, and invites comment on its recommendations for improving consumer data security and privacy.
The just-enacted US cyber sanctions policy draws skepticism on familiar attribution and due-process grounds.