Iran says that a recent series of fires at its petrochemical facilities were not the result of a cyberattack. Official sources report that such facilities had sustained attempted attacks, but those attempts were unsuccessful and unrelated to the fires.
Observers react to reports by Citizen Lab and Lookout of iOS zero-days (since patched by Apple) actively exploited by surveillance tools provided by NSO Group. Some take this as another reason to forego hoarding zero-days, reinforcing conclusions already being drawn on the strength of the Shadow Brokers' leaks.
The Shadow Brokers incident is regarded by many as an escalation of US-Russian conflict to levels not seen since the Cold War. Concerns for upcoming US elections—vulnerable to both information operations and direct manipulation of electoral returns, many fear—prompt some (not universally welcomed by the states) gestures toward infrastructure protection from the US Department of Homeland Security.
Security firm MedSec Holdings makes unusual and controversial use of its vulnerability research: it reported pacemaker bugs not to manufacturer St. Jude, but to Muddy Waters Capital, a hedge fund that shorted St. Jude stock, then announced the vulnerabilities. MedSec is reported to be sharing profits from the short selling. Thus shorting stock now seems an alternative to bug bounties?
FireEye reports that a new variant of RIPPER malware was used recently to skim money from ATMs in Thailand.
Reculer pour mieux sauter: the US again rethinks its social media information operations against ISIS, apparently hoping to enlist third-parties in preference to direct messaging.