Iran's Internet crackdown continues. It's not just the blocking and censorship of the filternet, but online control extends to active surveillance and offensive cyber operations against Iranian citizens.
Turla, which has never really gone away, is back with more sophisticated and elusive exploits against consular and ambassadorial targets. The cyber espionage group, one of the organs of Russian intelligence, is active for the most part against the Near Abroad: former Soviet Republics. It has appeared, however, in operations against more far-flung targets. Turla has been recently observed using a Flash installer to infect targets. The downloads appear to come from legitimate sites.
The US has accused Russia of undertaking a large information campaign aimed at influencing Mexico's 2018 national elections.
The still-unattributed cyber offensive targeting South Korean companies during the run-up to the Pyeongchang Winter Olympics appears to depend upon effective timing and compelling phishbait, that is, on good social engineering as opposed to technically sweet hacking.
A new mobile banking Trojan, FakeBank, has appeared in Russia. The criminals behind it are afflicting customers of Sberbank, Letobank, and VTB24. FakeBank is distinguished by its sophisticated use of multiple layers of obfuscation.
Patch Tuesday saw Microsoft fix fifty-six security issues. Redmond addressed not only Spectre and Meltdown, but also a zero-day in the Office Equation Editor.
If you're thinking of downloading a flashlight app for your Android phone, don't. Too many of them are malicious, and it's not worth the risk. Get a cheap LED light for your (physical) keychain instead.