The director of Norway's E-tjenesten intelligence service flags both Russia and China as cyber espionage threats. He also explicitly charged Chinese actors with theft of intellectual property from Norwegian firms.
Nominal ISIS supporters continue their practice of hitting small targets of opportunity, this time a small manufacturer of solar panels in England. The "Caliphate Cyber Army" defaced the website of Solar UK at the end of January.
The ransomware infestation of German hospitals has spread beyond the initially reported attack on Lukaskrankenhaus in Neuss. Two other medical centers in Nordrhein-Westfalen, Klinikum Arnsberg and a second unnamed facility have also been affected. Klinikum Arnsberg says that patient care was not interrupted. Police are investigating.
Trustwave researchers say they've found the Angler exploit kit on Extendoffice[dot]com. Angler, of course, disseminates TeslaCrypt ransomware.
TrendLabs reports that FighterPOS, a strain of point-of-sale malware active largely in Brazil, has acquired worm-like capabilities that enhance its ability to spread. FighterPOS steals payment card details, and a Brazilian site is offering validation services on the black market to assist criminals with monetization of stolen cards. Validated cards fetch a premium price.
Snapchat has apparently sustained a successful phishing attack and exposure of employee data.
In the US, the Internal Revenue Service revises upward—by some 390,000—the number of taxpayers whose information was stolen from weakly secured IRS sites.
Palo Alto Networks strong results released late last week buoyed the company's shares and had a broader effect on the markets: Fortinet and Check also enjoyed a lift.