The Ivano-Frankivsk grid hack remains a matter of intense interest. Investigation indicates that the attackers (described by observers as disciplined and sophisticated) ran a patient campaign to establish persistence in the Ukrainian utility's network and harvest control system credentials used to produce rolling blackouts in late December.
The consensus on the DROWN vulnerability is that the SSL hole is bad enough, but not quite so bad as Heartbleed.
Researchers report that Schneider Electric’s StruxureWare Building Operation software suffers from weak default credentials and a command execution bug that could enable minimally skilled hackers to disrupt building security systems.
The US continues to pursue ISIS in cyberspace, intent on disrupting the Caliphate's communications infrastructure. Effective cyber capabilities are beginning to make their appearance at the tactical level—special operations forces, specifically including the US Navy's SEALs, are taking an increasing interest in social media as vehicles for counter-ISIS information operations.
The ACLU, in an amicus brief filed regarding the FBI's request that Apple assist in giving them access to an iPhone used by a San Bernardino shooter, warns that if the Department of Justice has its way, we can all forget about trusting future software updates. What assurance, they ask, will users have that they're not being pushed another Government OS?
The pay card breach at Wendy's chain restaurants produces significant debit card losses. Credit unions are believed especially affected.
Google has issued a Chrome update.
Skids are now trying to extort Bitcoin payments from the wives of Ashley Madison customers.