Researchers at Lookout describe two extensive Pakistani cyber espionage campaigns: Stealth Mango (which targets Android devices) and Tangelo (which works against iOS). The targets were diplomatic, military, and governmental personnel in India, the UAE, and Afghanistan, with strong interest shown in collecting against Pakistani dissidents as well. Some Australian, US, and German officials were apparently swept up in the campaigns as well. The campaigns, thought to be run by Pakistan's military, used convincing spoof sites in conjunction with phishing to net the victims.
A Vietnamese state-directed group has compromised Cambodia's Phnom Penh Post website to infect Vietnamese dissidents with spyware.
Attackers are using UPnP protocol in harder-to-track DDoS attacks.
The US Department of Homeland Security has released its long-anticipated strategy. The plan has these major goals: better risk identification, improved reduction of both threats and vulnerabilities, better attack mitigation, reduce threats and vulnerabilities, mitigate the consequences of cyberattacks, develop infrastructure resilience, and improve management of the Department's cyber portfolio.
Cambridge Analytica and Facebook data scandal whistleblower Christopher Wylie is testifying before the US Senate Judiciary Committee today. He tweeted yesterday that Cambridge Analytica was "the canary in the coal mine," and that he hopes Facebook and others will be held accountable to users.
Joshua Schulte, a former CIA employee whom US Federal prosecutors suspect in the Vault 7 disclosure of CIA hacking tools to WikiLeaks, is being held in Manhattan on unrelated charges. There's apparently insufficient evidence to charge him in the Vault 7 case, but he remains under investigation.