ClearSky reports an ongoing Iranian cyber campaign, "Thamar Reservoir," against Israeli targets. The company says the campaign has been in progress since 2014.
Bruce Schneier, writing in Wired, criticizes the Sunday Times' reporting on Russian and Chinese access to Snowden-leaked documents, but he's nonetheless convinced that those two countries' services do indeed have the files and are reading them. (But he thinks this was neither Snowden's fault nor intent.)
The Bundestag has also been hit with a banking Trojan.
Investigation of Duqu 2.0 continues. Kaspersky notes that the malware's persistence module is subtler than most, making it harder to remove than one might suspect.
Bit4Id's Paganini says he's found data stolen from the US Office of Personnel Management (OPM) for sale on the dark web. Krebs offers a timeline of the OPM hack, as OPM and CyTech Services squabble over who first detected the breach. Department of Homeland Security investigators working on the case say they're having a hard time unraveling it because "these events happened months ago" and much of the forensic evidence (including logs) "no longer exists." Some Government sources tell ABC News on background that the attackers may have worked their way in by compromising a contractor, KeyPoint Government Solutions.
In any case, President Obama tells the Executive Branch to get its basic cyber hygiene in order "without delay." He's also considering sanctioning China (with customary Congressional help and commentary).
Password manager LastPass is compromised; users are given remediation steps.
Researchers describe various newly evasive threats.
A sad note to our readers: KEYW founder and recently retired CEO Len Moodispaw has passed away. Our condolences to his family above all, and then to all of our colleagues at KEYW.