Concerns about nation-state hacking rise. Observers see signs of increased use of criminal gangs in state-directed, coordinated, or inspired operations. The activities of the Lazarus Group may provide a particularly interesting example: whoever may be directing them, their crimes do seem to chime with the interests of one or two states (and the Internet is looking at you, Russia and North Korea).
FireEye's Kevin Mandia counsels everyone not to expect any markedly reformed behavior from the Russian government. Observers continue to mull Microsoft's call for international norms that would govern conflict in cyberspace: they might bear comparison with those implied by the new edition of the Talinn Manual.
Cyber4Sight has an interesting account of the malware used in the watering hole attacks on Polish banks and other financial institutions.
Journalists and activists interested in Gulf-region migrant worker issues appear, according to Bleeping Computer, to be receiving the ministrations of an as-yet unattributed cyber espionage campaign. that campaign seems to feature catphishing.
Ransomware continues its predictable evolotion. Observers note that the extortionists' preferred target sets are becoming better-defined. They're focusing their attentions on what are being called "high-value" targets, but these would be better characterized as high-payoff targets, those most likely to pay: governments, healthcare, and small businesses.
In industry news, (more accurately, industry rumor) Google is thought to be shopping for Indian cybersecurity companies.
Former NSA contractor Hal Martin has pled not guilty to charges he purloined highly classified information. The probable lines of his defense have yet to emerge.