Every cryptographer who's been telling people to abandon SHA-1 can feel vindicated this week: Google announced the first successful collision attack against the algorithm.
TruSTAR looks at additional information on Grizzly Steppe the US Department of Homeland Security has released. They've found that its operators (by consensus Russian intelligence services) have much in common with the Carbanak gang, including not only code, but also command-and-control infrastructure. This isn't to say that the Russian government wasn't behind the Grizzly Steppe operations (see NSA Director Rogers's recent comments on this attribution) but it does suggest again the complexity of attribution. The Russian organs have long made effective use of criminal organizations, and this week Moscow revealed that its investment in cyber warfare and information operations has been larger than many defense intellectuals suspected.
Iran continues to probe Saudi targets in what is both a regional and an intra-Islamic competition. Cylance has an account of Disttrack, the destructive malware generally believed to be an Iranian product. Disttrack is more commonly known by its older name, Shamoon.
Bitfinex, a major Bitcoin exchange, was hit earlier this week by a significant denial-of-service attack. The disruption occured as Bitcoin's value was reaching new highs.
Yesterday, according to Reuters, parties familiar with the negotiations confirmed that about six months ago Symantec had been in preliminary talks to acquire FireEye. Those negotiations came to nothing; this particular acquisition is now said to be off the table.
A British subject has been arrested for last year's Deutsche Telekom hack.