Consensus continues to emerge on the coordinated cyber attack against Western Ukraine's electrical utility. SANS thinks (and others concur) that although BlackEnergy malware accompanied the attack, neither BlackEnergy nor its Killdisk module were directly used to cycle the breakers. And US officials offer a tight-jawed warning to expect more attacks on industrial control systems.
Other predictors continue to see more effective cyber warfare out of ISIS, but so far the terrorist group has shown itself more capable of information operations than of cyber operations narrowly conceived. One disturbing capability ISIS has, however, is ability to use the Internet to find journalists and others who don't toe the Caliphate's line.
Anonymous continues to be more active on the pro-cetacean front than the anti-ISIS one. This time the hacktivist collective disrupts Nissan websites in order to protest Japanese whaling.
The Crackas-with-Attitude meddling with US DNI Clapper's telephone account is under investigation. The Crackas seem to have exploited a bug in Verizon FIOS Broadband.
Cisco releases three sets of patches: Wireless LAN Controller software, Identity Services Engine software, and Aironet 1800 Series Access Points. OpenSSH 7.1p2 is also out, with a fix for a flaw that could leak private keys.
Bromium's "Endpoint Exploit Trends Report" for 2015 has just been published.
The Internet-of-things is going to be expensive to secure, analysts think: a dollar a device is one rule-of-thumb. Machine-to-machine traffic also seems poised to take up a big share of roaming connections.
US Wassenaar implementation seems likely to change, toward industry's liking.