Proofpoint finds an active cyber espionage campaign targeting Indian diplomatic and military personnel. "Transparent Tribe," as they're calling it, seems most active against Indian missions to Saudi Arabia and Kazakhstan. Several Pakistani IP addresses are said to be involved in the campaign, which uses a mix of phishing and water hole attacks to distribute the MSIL/Crimson remote access Trojan.
Observers continue to look for the causation, if any, behind BlackEnergy's correlation with December's Ukrainian grid hack.
Trend Micro finds Pawn Storm infesting government and media targets in Turkey. They offer no attribution, but they do avert to ongoing tensions between Turkey and Russia, Pawn Storm's circumstantial connection with various Russian actors, and the current infestation's localization to sites involved with criticism of Russian intervention in Syria.
The legitimate BitTorrent application Transmission has become enmeshed in what's being called the first ransomware campaign directed against Mac users. Palo Alto Networks reported the KeRanger attacks to Apple last week, and Apple has taken steps to interdict the ransomware.
The US and South Korea increase cooperation against North Korean threats, kinetic and cyber.
Observers mull the impact of last week's open avowal, by the US, of its possession of (and intent to use, against ISIS) offensive cyber weapons.
Apple draws more industry support in its dispute with the US FBI over unlocking the San Bernardino jihadist's iPhone.
And ave atque vale, Ray Tomlinson, "godfather of email," who passed away late last week. Our thanks to him; our condolences to his family and friends.