Today is Ukraine's independence day, and fears that the country would be subjected to another wave of cyberattacks haven't so far been realized, despite a scare. The web server of Crystal Finance Millennium, an accounting software firm based in Kyiv, has been found compromised with Purgen ransomware. But the attack seems simply criminal, not state-directed as was the case with NotPetya. Purgen has been in the servers since August 18th, according to Kaspersky Labs, and ISSP's analysis of the malware indicates that it's conventional ransomware.
The US Navy hasn't ruled out cyberattack as having contributed to the collision between a destroyer and a tanker in the Straits of Malacca this week, but that possibility seems increasingly unlikely. The commander of the US 7th Fleet has been relieved (his seniors have "lost confidence" in his leadership of the Fleet).
4iQ reports finding an accidental exposure of high-net-worth individuals' data by various banks.
Mimecast warns of "Ropemaker," a method of altering the content of emails after they've been received. A threat actor could inject malicious content via remote CSS files. (Mimecast hasn't seen Ropemaker used in the wild, yet.)
Microsoft cautions enterprises to be on their guard against "weaponized" virtual machines.
The US Government turns up the volume of warnings that Kaspersky products could be virtual FSB moles. Australia's Government still wants nothing to do, on security grounds, with a Huawei cable serving the Solomon Islands. Both Kaspersky and Huawei protest their innocence.
European countries remain on high alert for jihadist attacks.