Every Sunday evening, the CyberWire takes a look back in the Week that Was, a narrative summary of the past seven days' significant cyber security news. Designed for busy professionals who need a week-to-week perspective on developments and trends, the Week that Was provides context for the breaking stories of the day. Every issue is organized topically, with inline links to sources the reader can follow for amplified detail. Like the Daily News Briefing, the Week that Was is delivered to subscribers by email, free and spam-free. If you already subscribe to the CyberWire Daily News Briefing you'll automatically receive the Week that Was (a sixth issue joining the five you already receive each week). If you aren't a Daily News Briefing subscriber but would like to sign up for just the Week that Was, you can do so here.
ISIS claims responsibility for two atrocities—a murder and hostage standoff in Melbourne, and a double suicide bombing in Tehran. Both are being exploited online for their presumed inspirational value. The Tehran murders are not as anomalous as some would think: Shi'ite Muslims are little better than Crusaders in ISIS's Salafist demonology.
Similar intra-Muslim conflict may be playing out in current tensions between Qatar and its Arab neighbors. Those neighbors, especially Saudi Arabia, have long seen Iran as a dangerous rival in the region. CNN reports that Russian threat actors were behind the hack of Qatar's QNS with hoaxed pro-Iran and pro-Israel news that provoked the diplomatic rift.
The Turla threat actors are back, working through a backdoored Firefox extension that checks Instagram for command-and-control. Platforms other than Instagram are also being used, but Turla shows a preference for Britney Spears Instagram emissions.
The EternalBlue exploits behind WannaCry and some other recent problems are appearing in attempts against aerospace and defense industry targets; they're reported to have been ported to Windows 10, which lends additional urgency to patching.
4iq found seventy-seven-million individuals' records exposed in a breach of Edmodo educational technology. And Kromtech researchers found an exposed US database of ten-million cars (and their owners).
Investigation of the recently charged NSA leaker continues. As far as the leaked reports themselves go, former US Homeland Security Secretary Johnson says he knows nothing of them.
A 14-year-old boy in Japan was arrested for creating and distributing ransomware. His motive? "To become famous."
Today's issue includes events affecting Australia, Bahrain, Canada, Egypt, European Union, France, Iran, Italy, Japan, Philippines, Qatar, Russia, Saudi Arabia, Ukraine, United Arab Emirates, United Kingdom, United States and Yemen
In today's podcast, we hear from our partners at the Johns Hopkins University, as Joe Carrigan describes how you can crack PINs using a mobile device's accelerometer. Our guest is Eliana Schwartz, who gives us a preview of CyberTech Fairfax.
And Recorded Future's latest podcast, From Russia with Lulz, produced in partnership with the CyberWire, is still up, наши друзья. Enjoy.