A wave of ISIS-connected terror attacks over the past weekend suggests a mix of inspiration and the directed operation of clandestine cells. They appear to represent a shift to out-of-area operations as ISIS-controlled territory shrinks.
Palo Alto reports evidence linking the MNKit exploit generator with three Chinese cyber-espionage campaigns targeting the Russian military, Tibetan communities, and Uyghur minorities.
SBDH malware appears in active espionage campaigns run against targets in five Eastern European countries: one former Soviet Republic and four ex-members of the Warsaw Pact. ESET sees several interesting features in SBDH, among them similarities to tools used in Buhtrap raids on Russian banks and the use of steganography to hide command-and-control features.
OurMine, representing itself as a white-hat security scanning outfit, hacked the Vox Media editor-in-chief’s Twitter feed to promote its services. CSO coldly reports that “most real security professionals see the group as a collective of script kiddies,” and their hacks as fallout from the recent series of credential dumps that exposed recycled passwords.
Heimdal warns that the Adwind remote access Trojan is back, infecting systems without tripping anti-virus warnings.
Two new ransomware strains appear: “Satana” follows Petya’s example and encrypts master boot records as well as files, and “Zepto” seems to have succeeded its hospital-targeting progenitor Locky.
Chinese Internet censorship tightens its grip on social media. Observers foresee a continuing increase in Russian cyber offensives.
Investigation of US State Department emails grows warmer: Attorney General Lynch controversially meets with former President Clinton; the FBI interviews the former Secretary of State.