Daily briefing.

January 17, 2020

US jitters about the possibility of Iranian cyberattacks persist. While many of the warnings (and Space Daily has a useful collection) are founded largely on a priori probability, Cyberint reminds all that Iran does have a track record in cyberspace. During periods of heightened tension, misdirection is often successful, and Fortune cites experts who caution against jumping to conclusions: false flags are always a possibility, and Russia has flown an Iranian false flag in the past.

Reuters reports that Ukrainian authorities have asked for FBI assistance in investigating the alleged Burisma hack and related matters. The news service also says US President Trump may raise the Burisma affair with Russian President Putin.

A report by the Federal Reserve Bank of New York concludes that a cyber attack on a small number of banks could propagate rapidly through the US financial system by way of the wholesale payments network. The concern is not necessarily that the malware itself would spread, but rather that an attack's effects would be amplified by practices like liquidity hoarding, creating a virtual run on the bank. The Fed glumly calls the study a "pre-mortem analysis," which seems more pessimistic than alternatives like "assessment," "diagnosis," or "prognosis."

US authorities have seized WeLeakInfo's domain as part of an international law enforcement operation against the online souk that dealt in compromised credentials. Two men associated with WeLeakInfo have been arrested, according to Computing and others: one in Northern Ireland, the other in the Netherlands.

Bravo, Bitdefender: the company has released a decryptor for Paradise ransomware.