German news outlets are reporting that a number of senior politicians and their staffs have come under cyber attack, apparently by Russian actors. The Bundestag was compromised last year; the current round extends to political party organizations in the country's Länder. It appears the attackers' initial approach was through a long series of phishing emails purporting to originate in NATO. The timing of the attacks suggests an interest in elections, and Süddeutsche Zeitung significantly juxtaposes the story with its coverage of election-related hacking in the US.
Anonymous, unhappy with the treatment offered for ADHD in Italy, focuses its attention on four healthcare sites. The action involves both website defacements and release of stolen data.
The vulnerability Cisco found in the course of its investigation of the Shadow Group exploits is being used by attackers in the wild. Patches and mitigations are expected soon.
More ransomware enters circulation. Some of it is unsophisticated: DetoxCrypto is distributed in a poorly crafted imitation of Malwarebytes communication, and other strains are being carried by bogus FedEx failed-delivery notices. Some is sophisticated indeed: Mamba, also known as HDDCryptor, is unusually dangerous. Mamba locks hard drives, encrypts files in mounted drives and network shares, and overwrites master boot records.
The RIG exploit kit has taken Angler's place, and is now distributing CrypMIC ransomware.
Academic institutions appear to have taken over first place from healthcare institutions as the principal target of ransomware.
Chinese researchers demonstrate proof-of-concept hacks of Tesla cars. They disclosed them privately; Tesla has already patched.