Rumors of attribution begin to circulate around the Anthem breach: sources claiming familiarity with the investigation say they see the Chinese government's hand in the attack. It's very early, and attribution, of course, is notoriously difficult, but if the rumors prove out, this wouldn't be the first time an intelligence service has sniffed around the healthcare sector. Mandiant, hired by Anthem to investigate, has said on the record that the attack used "custom backdoors," which would be consistent with a sophisticated attacker.
To be clear, personally identifiable information (PII) appears to be the object of the attack, not medical records proper or paycard data. PII could be used in either crime (via identity theft) or espionage (for cultivation or compromise of individual targets). If the attackers were indeed ordinary criminals, they'll find PII more lucrative than paycard data.
Some observers (notably CyberPoint's CTO) are struck by the extent to which the breach was foreshadowed by FBI warnings last year. We link to two of them below, and they're particularly instructive in retrospect.
Internet Explorer and Flash zero-days return to the news. Ransomware's tactical evolution proceeds apace: it's now targeting back-ups. Fake WhatsApp spam makes a nuisance of itself, and a WordPress plug-in vulnerability is exploited (and patched).
Hacking campaigns, whatever their sophistication, are showing greater complexity, with denial-of-service and social media exploitation increasingly functioning as preparation and misdirection.
Sony Pictures CEO Pascal resigns, her departure widely believed to be fallout from the Guardians of Peace hack.
Adobe patches Flash. Google updates Chrome.