According to "officials familiar with the investigation," the US will publicly attribute the 2013 hack of a small dam in Rye, New York, to Iran. The Justice Department is expected to indict Iranian operators next week. Iran has long been the leading suspect. This news, together with legislation pending in the Senate designed to protect the power grid, makes it worth reviewing recent expert presentations on ICS security.
ISIS itself suffers a data breach. A disgruntled jihadist, dismayed by what he saw as an excessive Baathist presence in the Caliphate, stole a USB drive with data on 22,000 ISIS fighters. Sky News and German intelligence services have the information.
ISIS retains its formidable social media presence: estimates of sympathetic Twitter accounts ranging up to 90,000.
Cyber espionage against Tibetans (presumably the work of Chinese security services) adapts its techniques to accommodate changes in the Tibetan community's online behavior.
Zscaler continues to track the Android Marcher Trojan—it's now moved from fake Google Play to (presumably real) adult sites.
Adobe issues an emergency patch for Flash; the vulnerability is being exploited in the wild. Oracle patches Java—a 2013 fix is found to be easily bypassed.
The North American Securities Administrators Association has updated its exams to test cyber knowledge.
The US Congress deliberates what's being called "anti-encryption" legislation.
The US Patriot Act's anti-terrorism surveillance provisions are said to have bled over into other forms of law enforcement.
Apple and the FBI move into the "open hostilities" phase of their case.