ISIS sympathizers from Algeria vandalize University of Toronto websites to proclaim their love for jihad.
A new report from the American Enterprise Institute and Norse outlines Iranian offensive cyber operations, ambitions, and capabilities. They discern signs of close interest in the North American power grid. (Compare to Cylance's earlier report on Operation Cleaver, which noted Iranian interest in airport security.)
Airliner security remains in the news as Boeing and others dispute the recent US Government Accountability Office's warning that networked flight decks are vulnerable to hacking. (Via several vectors, but passenger Wi-Fi attract the most attention. It also draws law enforcement attention, as One World Labs' Roberts attracts the FBI's basilisk eye after some perhaps too-frisky tweeting on a Denver-to-Syracuse run. It's striking how much is observed.)
Wikileaks publishes Sony emails (accompanied by some high-minded rumination about corporate political influence).
The Pawn Storm cyber espionage campaign is still active. So is banking malware Neverquest (a.k.a. Vawtrak): now more evasive. And gamers should remain alert for Teslacrypt ransomware.
Cisco patches an exploitable vulnerability in ASR 9000 Series Aggregation Services Routers. Sophos calls Microsoft's patch MS15-034 a "must-fix."
US SecDef Carter woos Silicon Valley.
Dark Reading calls out the "seven deadly sins" users commit that expose enterprises to hacking. They don't interpret them in terms of the traditional Seven Capital Vices, so we'll do that for you: users are guilty of, in order, sloth, avarice, and (a distant third) pride. Lust, envy, gluttony, and wrath not so much (at least in cyberspace).