Refund fraud as a service. Costs of a nuisance. Remaining on alert during a hybrid war. Renewed activity by Polonium. Andrea Little Limbago from Interos discussing quantum computing policy. CyberWire Space Correspondent Maria Varmazis speaks with Dr. Gregory Falco on lessons learned from Russia’s attack on Viasat. Reflections on the Uber case's impact on security professionals. And when it comes to phishing-as-a-service, we’ll take decaf.

For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/11/196

Selected reading.
The Fresh Phish Market: Behind the Scenes of the Caffeine Phishing-as-a-Service Platform (Mandiant) 
Caffeine phishing. (CyberWire)
Refund Fraud as a Service (Netacea)
Amid reports of JP Morgan cyberattack, experts call Killnet unsophisticated, ‘media hungry’ (SC Media)
Hacktivists Force Companies to Respond to Low-Level Cyberattacks (Wall Street Journal) 
Nato warns Russian sabotage on Western targets 'could trigger Article 5' (The Telegraph)
US Not Ruling Out Russian Cyber Offensive (VOA)
Ukraine at D+230: Escalation, but unlikely to be sustainable. (CyberWire)
POLONIUM targets Israel with Creepy malware (WeLiveSecurity)
Hacking group POLONIUM uses ‘Creepy’ malware against Israel (BleepingComputer)
Security chiefs fear ‘CISO scapegoating’ following Uber-Sullivan verdict (The Record)
Sullivan verdict sends shockwaves through the security industry (Security Info Watch)
Reflections on the Uber case's impact on security. (CyberWire)