Cisco's Talos research unit describes DNSMessenger, an evasive remote-access Trojan that avoids detection by pulling malicious PowerShell commands stored in DNS TXT records. As so often happens, victims were infected by enabling macros in a bad Word document. The Asia-Pacific Network Information Centre's (APNIC) chief scientist calls failure to secure DNS "pathetic" and "savage ignorance."
Luxembourg government services sustained a protracted distributed denial-of-service attack last week. The actors and any motives remain unknown. Before this incident, DDoS attacks against the country had largely affected financial trading platforms. DDoS has effectively become a commodity form of attack, as resistant to suppression as any endemic form of crime: the stresser services taken down with HackForums late last year, for example, are back and being actively traded on the black market.
In the US, an ongoing cyber offensive designed to impede North Korean missile development has been revealed. Ordered by President Obama, it seems likely to continue under President Trump.
The Defense Science Board's Task Force on Cyber Deterrence has publicly released its final report. It recommends both denial (reduction of vulnerability) and retaliation (which should be assured, encompassing a range of responses from diplomacy through cyber attack to kinetic strike). It discounts cyber arms control as "not viable" and suggests lines of work that might produce higher confidence in cyberattack attribution.
Over the weekend, US President Trump said his predecessor engaged in surveillance of the Trump presidential campaign. The former president's spokespeople retort that any surveillance would have been pursuant to FISA warrants.