Trend Micro's report on Arid Viper seems to have pushed some Arabic hacktivists-cum-mercenaries into social media occultation, but their command-and-control servers are still up and active.
Increasingly firm evidence surfaces that Komodia's traffic interception engine (used by Superfish, among others) is being exploited in man-in-the-middle attacks.
Figures on the scope of the Anthem breach are out, with some good and bad news (more bad than good): 78.8M people's records were compromised (down 1.2M, so good) but somewhere between 8.8M and 18M people who aren't Anthem customers may have been affected (and that, of course, is bad).
Joomla redirect denial-of-service attacks continue. Another campaign, evidently staged from China, exploits a remote-code-execution vulnerability in Rejetto HTTP File Server to distribute the DDoS tool IptabLex.
Phishing spam is distributing links that, when clicked, reset default router passwords to enable harvesting of sensitive data, including banking credentials.
US Director of National Intelligence Clapper testifies before Congress and offers some pointed criticism of state opponents in cyberspace. He singles out Russia, China, Iran, and North Korea as unregenerate bad actors (and attributes last year's attack on Las Vegas' Sands Corporation to Iran). Russian capabilities and intentions, he says, are particularly disturbing.
Corporations increasingly turn to cyber attack and response drills to train security teams (see Symantec) and concentrate on building timely response capabilities (see Northrop Grumman).
Drexel University researchers claim they've successfully "fingerprinted" malware coders — think linguistic analysis.
Reactions to the US Administration's new CTIIC continue to roll in. The US FCC passes net neutrality (and arouses Congressional attention).