Among the revelations of last week's Google Threat Horizons report is an account of how North Korean operators approached South Korean targets online by posing as Samsung recruiters.
The shadow, quasi-cyberwar between Iran and Israel seems not only to be intensifying, but also, according to the New York Times (which sources its conclusions to anonymous US intelligence sources), entered a phase in which both sides seem willing to hit clearly civilian targets. An attack that disrupted Iranian fuel stations and the doxing of Israeli participants in an LGBTQ online community both represented themselves as the work of hacktivists, but both incidents seem to be the work of fronts run from Jerusalem and Tehran.
Israel's government has restricted the sale of intercept tools (notably NSO Group's Pegasus software) to just thirty-seven countries, down from the previous one-hundred two, Calcalist reports.
Just before the Thanksgiving holiday the US Commerce Department added twenty-eight organizations to its Entity List of sanctioned groups. The countries most directly affected are China (for a range of technologies, including quantum computing with military applications), Pakistan (for ballistic missile proliferation), and Russia (for military R&D).
Tensions between Russia and Ukraine remain high. The US embassy in Kiev last week reiterated warnings to travelers urging them to avoid the Crimea and Ukraine's eastern regions. The AP reported Saturday that Ukrainian President Zelensky said Kiev's intelligence services had uncovered Russian plans for a coup d'état in Ukraine within the week. Cyber operations can be expected to keep pace with the conflict.