ISIS claims, online, as usual, responsibility for the Brussels massacres. Also as usual, ISIS welcomes all media coverage even when it execrates jihad. This serves only to inspire their recruits, increasingly drawn from the disaffected and the criminal. They easily organize into small cells whose coordinated actions are sufficiently local to require little more command-and-control than what face-to-face word-of-mouth can provide. European authorities recognize an old lesson in this guerrilla war: intelligence collection outstrips analysis and dissemination.
The US is expected to charge Iranian nationals later today with crimes related to cyber reconnaissance of a Rye, New York, flood control dam. The indictment comes as other concerns about the vulnerability of water and power infrastructures arise. A Verizon report indicates that an unnamed water supply utility was hacked in ways that enabled attackers to manipulate levels of chemicals in potentially dangerous ways. And the continuing investigation into December's Ukraine grid hack reveals more patient preparation on the attackers' part.
The US FBI has added two members of the Assad regime's Syrian Electronic Army to its most-wanted list. Observers think this case shows the convergence of political hacktivism and ordinary organized crime (a convergence also noted with ISIS).
Cisco's Talos group finds privilege escalation vulnerability in the Apple Intel HD3000 Graphics kernel driver. Apple's fixing it.
Consensus among observers is that the alternative method the FBI's come up with to open the San Bernardino jihadist's iPhone involves NAND mirroring. The "third-party" who's helping the Bureau is said to be Cellebrite.
Catch today's CyberWire podcast later this afternoon. We'll hear from the University of Maryland's Ben Yelin, who'll discuss US Constitutional rights to privacy in the cyber domain. (And we'll discuss more of the day's news.)