US-CERT and others begin work to prevent CrashOverride, the malware ESET and Dragos found behind last December's Ukrainian power grid takedown, from hitting utilities elsewhere. The US Department of Homeland Security's National Cybersecurity and Communications Integration Center (NCCIC) has distributed a set of indicators of compromise to the power industry; they're freely available to any interested parties. The security firms who produced the research attribute the malware to a threat group (Electrum, with ties to Sandworm) and stop short of calling out a nation-state, but Ukrainian authorities have left no doubt that the attacks they sustained were the work of Russian security services.
Criminals are exploiting the Samba vulnerability to mine cryptocurrencies.
In industry news, NSO Group, controversial vendor of Pegasus lawful intercept tools, is for sale, for roughly a billion dollars.
The New York Times credits US cyber operators with successes against both Iran and North Korea but says efforts against ISIS have been less successful. The Caliphate's recruiting and inspiration networks are reconstituted almost as soon as they're taken down, and continue to reach terrorists. This suggests that influence operations are tougher to block than traditional IT or OT hacks.
Authorities are working harder to expunge from the Internet content they hold objectionable. In this case, at least, the judgment is blasphemy, and the penalty is death. A court in Pakistan has handed down a capital sentence for a man, Taimoor Raza, finding that he insulted the Prophet Mohammed in the course of a Facebook debate concerning Islam.