Adobe patched Flash Player late yesterday. The ScarCruft APT group is exploiting the zero-day the patch addresses.
The Russian government denies any involvement in the DNC hack. Guccifer 2.0 releases by-name and by-amount donor information, seeking thereby to give the lie to DNC chair Wasserman Shultz’s assurances that no financial data were lost.
CrowdStrike stands by its attribution of the hack to Russian intelligence services, and suggests that Guccifer 2.0 may be a disinforming catphish. Ars Technica and others point out circumstantial evidence that the hacker was Russian-speaking: the use of “)))” (a characteristically Russian form of a smiley emoji), Cyrillic text noting broken links (suggesting doxed pdfs were converted on a Russian-language machine), and the editor’s screen name “Феликс Эдмундович,” in document metadata—an allusion to Felix Edmundovich Dzerzhinsky, “Iron Felix,” Lenin’s Che Guevara.
From the realm of a priori speculation, Edward Snowden thinks the DNC hack shows someone’s demonstrating the ability to manipulate elections. Donald Trump says it’s possible the DNC may have hacked itself (few seem persuaded, so far).
The FBI cautions that it’s found no link between Orlando shooter Mateen and ISIS, by which they mean no command-and-control, since Mateen said plenty online about fealty to ISIS. A study of ISIS sympathizers on Twitter reports predictable social-media behavior prior to attacks, and suggests it’s possible to identify and track ad hoc web groups, “aggregates,” as opposed to individuals.
GitHub has sustained, and is recovering from, a password-guessing attack.
FireEye still isn’t for sale. Neither is Tanium.
A note to our readers: next Wednesday the CyberWire will be down in Laurel, Maryland, covering Cyber 7.0. Watch for our usual live-tweeting and special report on the proceedings.