Arbor Networks describes a "multi-pronged" malware campaign targeting sites — most of them belonging to non-governmental organizations — in Southeast Asia. There's no formal attribution of the malware cluster ("Trochilus"), but observers see China as a suspect.
Post-mortems on the BlackEnergy/SandWorm cyber attack on Western Ukraine's power grid continue. Observers see the incident as a bellwether, not an outlier, and warn utilities to expect more attacks in 2016.
Increasing sectarian and political tensions between Saudi Arabia and Iran inflame a guttering regional cyber riot in which many expect to see the governments themselves join (if they haven't already).
Proclamations of fealty to ISIS emerge from the Philippines. European governments continue to work toward closer cooperation against extremism and its resultant terror. The US Departments of State and Defense show signs of looking beyond technical approaches to fighting ISIS and toward aggressive counter-messaging. But some think the new style of information operations — even if it gets its messaging right — will soon be entangled with legal and organizational obstacles.
Akamai warns that a malicious search-engine-optimization scheme is using SQL injection to goose search hits.
European data center services provider Interxion discloses a breach in its CRM system that may have exposed sensitive customer information.
The Russian hacker "w0rm" claims to have broken into Citrix.
Trend Micro patches a remote-execution bug. Microsoft ends support for Windows 8 and older versions of IE.
The US House holds hearings this afternoon on the Wassenaar cyber export control regime. Industry fears Wassenaar will criminalize legitimate security research.