

Operation Poisoned Helmand - sajal83
http://www.threatconnect.com/news/operation-poisoned-helmand/

======
lifeisstillgood
It looks interesting (We found a compromised CDn used by afghan government
sites that delivers malicious code - it's is suspiciously like others we
vaguely linked to China)

But, where is the cert number or other, peer reviewed verification. There is a
lot of leaping to conclusions here (I really don't get the "time stamp on
compromised file is same as on a photo of Chinese diplomat." Unless the attack
originated from a journalists machine this seems trivial coincidence)

It is, without deeper knowledge of the area, a I am sure well researched but
suspiciously biased article.

