Recorded Future finds a "Russian-speaking hacker" who may have compromised the US Election Assistance Commission. "Rasputin," as they're calling him, is selling access to the Commission. The Election Assistance Commission is a small independent Federal agency charged with supporting the conduct of elections in the States through a variety of largely voluntary services. The hack seems more embarrassing than dangerous, and does not appear to threaten any significant danger of vote fraud or manipulation.
The US continues investigating Russian influence operations during the recently concluded elections. Officials murmur about President Putin's direct involvement, President Obama promises unspecified retaliation, and the White House grouses that media who reported leaked DNS emails effectively became an "arm of Russian intelligence." British and European officials worry about similar Russian meddling in their own elections. The prospect of what ThreatConnect calls "Faketivism"—false flags and covert information operations—is particularly troubling to them.
The magnitude of the Yahoo! breach continues to sink in, and security industry observers express displeasure over weak crypto practices and slow breach disclosure. The company's stock price declines as investors lose confidence that Verizon's acquisition of Yahoo!'s core assets will go through.
Proofpoint warns that the DNSChanger exploit kit, distributed by malvertising, is now hitting routers.
Netskope discovers new variants of Locky ransomware circulating in the wild. There's some compensating good news: the public-private partnership No More Ransom adds new partners and expanded free services for ransomware victims.
India worries that the "Legion" hacks may amount to more than a nuisance.