Symantec reports on increased Iranian action (by attack groups "Cadelle" and "Chafer") against internal dissidents and foreign regional organizations. Airlines and telcos figure prominently among the foreign targets. (Note that regional airlines were targets of last year's "Operation Cleaver.") Symantec gives the hackers relatively low technical marks, but says they may nonetheless have accumulated a lot of sensitive information.
Observers see ISIS/Daesh information operations as heavily invested in various prophesies, and that Daesh response to Western counteroffensives (and statements of intent like US President Obama's recent speech). Many argue that Daesh actions, whether cyber or kinetic, can only be understood within prophetic context.
Anonymous still plans to troll ISIS this Friday.
Palo Alto describes "BackStab," which compromises iOS mobile backup files stored on a user's non-mobile device.
Windows systems also come in for criminal attention. The "Nemesis" bootkit, which FireEye attributes to FIN1, "a financially motivated threat group" (read, criminal gang), targets payment processing. Nemesis is a complex, difficult-to-detect platform that supports a wide range of actions against target systems.
TeslaCrypt expands its set of victims. Ransomware and other forms of cyber extortion are expected to continue trending upward. Two US Senators, Johnson (Republican-Wisconsin) and Carper (Democrat-Delaware) ask the Department of Homeland Security what it's doing about the problem.
Cyber stocks appear to be rebounding from yesterday's sell-off.
Europe enacts a data-breach reporting law. In the US, President Obama weighs in on encryption: he wants tech companies to '"make it harder for terrorists to use technology to escape from justice."