The Islamic State's recent setbacks on the ground have cost ISIS territory and much of its pretension to being a government even as Interpol circulates a list of 173 suspected members of Caliphate suicide units. ISIS has maintained its Russian-language propaganda service, but other operations in cyberspace are showing signs of strain.
WannaCry and NotPetya continue to look like state-sponsored works of disruption. Companies affected by the campaigns are still working on recovery and damage assessment. Maersk and other victims emphasize one point: customer data do not appear to have been compromised in the attacks.
Both WannaCry and NotPetya propagated rapidly; comparable spreader technology is appearing in other strains as well. Fidelis has been tracking spreader functionality as it's been added to the widely used Emotet loader.
Malwarebytes and Synack are tracking Mac malware that's quietly infested the Mac ecosystem for years, going largely undetected. "Fruitfly," as it's called, is regarded as both primitive and mysterious. It's infection mechanism and purpose both remain unclear.
In industry news, healthcare cybersecurity startup Protenus has received an additional $3 million in funding, bringing its Series A total to $7 million. Nyotron, which offers a threat-agnostic defensive solution designed to be effective against unknown threats, has raised $21 million in its recent funding round.
South Korea's Defense and Foreign Ministries are reorganizing and upgrading cyber defenses. Saudi Arabia is also shaking up its counterterror and domestic intelligence services.
Microsoft wages lawfare against Russia's GRU, using IP law to seize domain names from Fancy Bear.