The New York Times has an account of how cooperation between law enforcement agencies (notably the FBI) and US and UK military forces have enabled the arrest—or, in many cases, the battlefield killing—of ISIS social media operators. In a separate action, French security services have rolled up an alleged ISIS terror ring.
There's no word yet on how last week's denial-of-service attack on the European Commission was accomplished. Radio Free Europe/Radio Liberty notes that the attack coincided with a meeting in Brussels between Ukraine's president and EU officials.
Two hoods using the noms-de-hack "Popopret" and "BestBuy" (the latter unconnected with the electronics retailer) are leasing a Mirai botnet said to contain 400,000 devices. They offer a variety of rental levels, of which this come-on provides a representative sample: "price for 50,000 bots with attack duration of 3600 secs (1 hour) and 5-10 minute cooldown time is approx 3-4k per 2 weeks." Popopret and BestBuy are thought to have been responsible for the GovRAT Trojan which InfoArmor identified in November 2015.
In other DDoS news, router vulnerabilities have been exploited to disrupt service to some 400,000 Eir webmail users in Ireland.
KrebsOnSecurity offers another glimpse into the criminal underground with sales videos for ATM inset card skimmers.
Over the weekend San Francisco's Muni public transportation system was hit with HDDCryptor ransomware. The ask is a relatively low 100 Bitcoin, but until the attack on scheduling and payment systems is remediated, the Muni decided to let people ride for free.