In its now familiar Friday ritual, WikiLeaks dumps another set of documents from Vault7. These purport to describe a tool kit the US CIA assembled to use against air-gapped systems. "Air-gapped" sounds deeply sinister but the reality is more mundane: "Brutal Kangaroo" used USB drives to get into its targets. Still, a timely reminder—don't stick thumb drives into your devices unless you know where they've been.
A very large database of some 800 million email credentials offered for sale in dark web souks since October is traced to Russian criminals. It's not only for sale, but on sale: the Times says it can be had for as little as £2. Many British accounts are on the block.
Postmortems of the Deep Root Analytics voter data exposure find poor configuration of an Amazon S3 bucket to be a sufficient explanation of the incident.
After vanishing for a time, Locky ransomware is back. This type of attack continues to exact a financial cost—a South Korean web hosting firm paid the Erebus threat actors about $1 million to recover its data—but it can also serve other purposes. The WannaCry furor, for example, appears to have served as misdirection for a data-theft campaign.
The Final Fantasy online game service sustains a distributed denial-of-service attack from an unknown party.
Reuters reports that US firms are complying with Russian government requirements that they share their source code as a condition of doing business.
Symantec patches three remote-code-execution flaws in its Messaging Gateway platform.