Cybereason has released a report on a long-running, extensive (but highly focused) campaign, "Operation Soft Cell," that compromised mobile networks to collect metadata. It appears to be the work of Chinese intelligence services, specifically APT10 (also known as Stone Panda). It's "either APT10 or someone operating just like them," as the Register puts it, to express the attribution with proper caution.
The Washington Post notes that the US did, as promised over the weekend, announce new sanctions against Iran, with President Trump warning Iran not to overestimate American patience or restraint, as both of these have limits. For its part Iran pointed out that it could knock down an American drone any time it decided to do so, and that "the enemy knows it." According to the Wall Street Journal, the new sanctions directly affect senior Iranian leaders. Observers tell the Post that an Iranian cyber campaign, if one continues to develop, will probably resemble Tehran's earlier work: opportunistic and destructive.
Positive Technologies looks at mobile device security and finds that a prospective data thief rarely needs physical access to a phone in order to pull information from it. The root problem, the researchers find, lies in insecure data storage, and the problems with such storage all too often derives from the earliest stages of app development, where design decisions are made without fully thinking through their security implications.
Cloudflare traces yesterday's US Internet outages to a "cascading catastrophic failure" that began with Verizon. Thus, a fumble, not an attack.