The hacker who breached mobile forensic tool provider Cellebrite last year has dumped code he (or she or they) claims to have obtained from that company. The proclaimed motive is to demonstrate that such tools, once developed, inevitably find their way into undesirable hands. Cellebrite's main product is the Universal Forensic Extraction Device (UFED), thought to be widely used by British and US police to unlock phones in the course of criminal investigations. The hacker's dump includes tools related to cracking Android, BlackBerry, and older iOS devices. Motherboard reports that experts say the code looks like jailbreaking exploits adapted to forensic purposes.
In the US, the Internal Revenue Service (IRS) warns that criminals are combining W-2 tax form theft with business email compromise in fraud campaigns expected to continue through the end of tax season.
Bitdefender and the SANS Institute have analyses of Cisco router vulnerabilities likely to be of particular concern with respect to home networks.
US-CERT warns of a Windows zero-day that could be exploited to bring about the BSOD (that is, the "blue screen of death").
Verizon and Sprint are rolling out Android patches.
Iran continues to find cyber operations an attractive means of striking foreign enemies and exerting domestic control. An Iranian dissident is taking a pirate-radio-inspired approach to pirate podcasting to circumvent censorship.
The US is sending mixed signals about Russian hacking. The US Treasury Department is modifying sanctions against the FSB. On the other hand, the US Army is funding a Ukrainian cyber defense center.