OpIsrael, which Anonymous mounts this time every spring, is scheduled for tomorrow. It's always essentially fizzled, never rising above a nuisance level, and Israeli enterprises appear prepared for it, some intending to treat it as a training opportunity.
Operation Cloudhopper, the cyberespionage campaign BAE and PWC have associated with APT10, has elicited warnings to businesses from authorities in the UK and Sweden, although the threat is not confined to those countries. Cloudhopper compromises its targets via their cloud and managed services providers. This story continues to develop, as Fidelis reports tracking another, related APT10 campaign, which they're calling Operation TradeSecret. This one is specifically pursuing intelligence on developing US trade policy.
A different incident also enabled through a compromised third-party, affected Scottrade. Some 20,000 loan applications were exposed by an IT service provider in the course of uploading them to the cloud.
Kaspersky and Symantec researchers continue to draw attention to North Korea's Lazarus Group. Kaspersky finds increased sophistication on the bank robbers' part; Symantec sees signs of activity in some thirty countries.
RiskIQ this morning released a report on mobile users' problematic relationship with their apps. The average user regularly interacts with about thirty apps, and tends to do so carelessly (with so many apps in use, unselective downloading, clicking suspect ads, password reuse and other problems seem practically inevitable). RiskIQ recommends shifting defenses from consumers to businesses, which may be better equipped to control and mitigate mobile threats.
US Congressional hearings into surveillance and Russian influence operations continue.