Investigation into the Orlando shooting (which ISIS boasts of having inspired) continues. US authorities are looking into the possible involvement (and the online lives) of the shooter’s father and wife. German authorities are investigating the father’s banking transactions.
US Cyber Command leaders assess ISIS hacking capabilities as rudimentary, but the terrorist group concentrates on information operations. As its territory shrinks, ISIS turns to releasing increasingly indiscriminate by-name kill lists in the hope of inspiring carnage in Dar al Harb—which is to say, essentially everywhere outside of a few regions in Syria and Iraq.
Yesterday the Democratic National Committee and CrowdStrike disclosed that the US political party had been hacked by Russian intelligence services. CrowdStrike identifies the threat actors as “Cozy Bear” (a.k.a. APT 29, probably the FSB, which had been in the DNC’s networks for about a year) and “Fancy Bear” (a.k.a. APT 28, a GRU crew that arrived noisily in April, and blew the gaff). Emails, chat, and opposition research are reported to have been compromised.
Palo Alto Networks points out that APT 28 (also known as “Sofacy”) is involved in an ongoing spearphishing campaign against US officials.
More cyber economic espionage by the Chinese government comes to light even as the US and China conduct bilateral talks aimed at achieving a modus vivendi in cyberspace.
Microsoft patched yesterday, as did Verizon and D-Link. Adobe has not yet patched, but promises to do so later this week: it hopes to address a Flash zero-day being exploited in the wild.