Kurdish hackers take the Turkish government to task for its alleged support of ISIS.
Government services — notably in China, Russia, North Korea, and Iran, but elsewhere as well, as such activity establishes new international norms — are expected to continue to expand espionage and sabotage in cyberspace.
KrebsOnSecurity looks at the Anthem breach and suggests it may have started as early as April of 2014, far earlier than Anthem's announced December attack date. Anthem says the compromise may be traceable to successful phishing of a few employees. Investigators continue to speculate about possible Chinese government responsibility for the breach, but remember the notorious difficulty of attribution. (Read Tenable's blog for a refresher course in healthy skepticism. Attribution's difficulty seems to motivate the US White House's formation of its new Cyber Threat Intelligence Integration Center.)
State insurance commissioners are calling for a multi-state investigation of Anthem's security. Other regulators (like the Federal Financial Institutions Examination Council and New York's Department of Financial Services) clarify guidance for the sectors they oversee.
Ransomware remains of concern, with Critroni affecting French businesses and CryptoWall appearing in a new, stripped-down variant.
Dr. Web reports on a multi-purpose Linux backdoor Trojan. PlugX retains its popularity as a tool for targeted attacks.
Today is Patch Tuesday: non-premium customers should know shortly what Microsoft intends to fix.
The public and private sectors seem in a surly, reactive mood, as op-eds variously call for cyber-law-west-of-the-Pecos or Citizens' Vigilance Committees (or at least a more active corporate approach to cyber crime).