Here's something out of the ordinary: WikiLeaks has posted documents purporting to describe the Russian state surveillance apparatus and some of its operations. This dump has received a very mixed reception: WikiLeaks has looked to many observers like a Russian cat's paw, so why this dump, now? Some read it as a refutation of the Russian connection. Many others see it as dragging a red herring across the path that leads back to Moscow.
Some lessons on how wage information operations come from Ukraine, as Germany continues to look for the signs of Russian activity they've long expected as they prepare for Sunday's elections.
In other news on state-sponsored cyber operations, North Korean cryptocurrency raids draw more attention. Chinese intelligence services are being considered possible suspects in the cyber attacks against Scotland's parliament. And from the company's perch in Mountain View, California, a senior Google executive says they think of the US NSA as a nation-state threat actor.
The compromise of Avast's CCleaner with a backdoor prompts discussion and concerns about software supply chains.
It seems clearer that Equifax was aware of the Apache Struts vulnerability and the patch was available for the bug. The credit bureau is seen by some as finally getting a handle on its messaging, but the breach is drawing more law suits.
In industry news, Mantech has bought InfoZen for $180 million. Threat Stack has raised a $45 million investment. And the US Senate attached an amendment to the Defense Authorization bill banning Kaspersky products.