ThyssenKrupp discloses that it lost steel-production intellectual property to a cyberattack early this year. German authorities have had the matter under investigation for some time.
A recent distributed denial-of-service attack, "Sledgehammer," originated in Turkey and affected organizations the attackers regarded as unsympathetic to Turkish government policy, among them German and Turkish political parties as well as organizations devoted to memorializing the Armenian genocide and promoting Kurdish autonomy. The campaign is unusual, Forcepoint says, in its gamification of DDoS. Play with caution if play you must—the prize may backdoor the player.
Talos and Flashpoint report that Floki Bot, essentially an evolved Zeus Trojan, is for sale in dark web souks. It poses a threat to point-of-sale systems as well as banks and insurance companies.
RiskIQ warns of subdomain infringement risks.
Dridex is back, and circulating among Scottish banking systems.
US Congressional Democrats and others continue to advocate bipartisan investigation of Russian attempts to interfere with recent US elections.
The destructive cyberattack on Saudi systems, widely attributed to Iran as a second round of Shamoon, is said by a Middle East Eye op-ed to look like a false flag operation. Maybe—the possibility can't be ruled out a priori—but apparent action against interest wouldn't be a first either, as Iranian policy has sometimes followed a complex internal logic that appears strategically incoherent to Western eyes.
National Health Service facilities in the UK have come under cyberattack recently. Perhaps unsurprisingly, 90% of NHS Trusts are still using Windows XP.