The 2015 breaches of Bundestag systems in Berlin are looking more like a Russian operation. An anonymous source within the German security services tells journalists the attacks were "clearly attributable to a Russian military intelligence service." Some observers in Germany think the deep game is destabilization of the European Union, with a playbook taken from hybrid operations against Ukraine.
SentinelOne continues to warn against BlackEnergy3, which at least accompanied, if it didn't actually accomplish, the recent hacks of Ukraine's grid.
BlackEnergy is currently spreading through malicious Microsoft Office files. Another familiar kit, Kasidet, a.k.a. Neutrino, enjoys an unwelcome resurgence, transmitted by compromised Office macros.
The US Congress begins investigating whether the now-patched encryption issues in Juniper products have their source in an NSA-developed algorithm. The US Government is a big Juniper customer, and the gear it bought and uses apparently suffered the same weaknesses as anything sold to other customers.
DDoS attacks may have become the single most common cyber assault on financial services enterprises. Not only banks are affected: the Elder Scrolls online game reported a DDoS episode yesterday.
TalkTalk thinks the breach it sustained in October cost it up to £60 million and more than 100 thousand customers.
In industry news, FireEye acquires Invotas. Bell Aerospace enters the cyber security market with its purchase of Wavefront. Quick Heal prepares for next week's IPO, and Alert Logic gets ready for a 2017 IPO. Norse is still down-and-out.
And a study shows that cyber crime doesn't pay (all that well).