Things are tense in the Korean peninsula, but not that tense. US Forces Korea says that the text and social media messages that yesterday appeared to be a Noncombatant Evacuation Order telling US civilians to leave South Korea at once was a hoax. Responsibility has not been determined. It could be a state-actor (with Pyongyang the obvious suspect) but a freelancing skid doing for the sick lulz is just as likely.
The breach of the US Securities and Exchange Commission's EDGAR system has spooked investors and legislators alike. It's being called a blow to confidence in the US financial system; how serious a blow remains to be seen.
It now seems that whoever hit Equifax spent several months carefully establishing their presence in its systems. And, with the Equifax breach, closer scrutiny of its competitors will turn up issues there as well: Experian's site allows anyone to request your credit freeze PIN.
ESET warns that ongoing campaigns distributing FinFisher spyware have features suggesting some Internet service providers may have been compromised to distribute the lawful intercept product to its targets.
Investigation into the supply chain's insinuation of a backdoor into Avast's CCleaner security product moves toward the conclusion that the effort was more closely targeted than initially believed. Cisco thinks the hackers were after a relatively small number of large companies: Intel, Microsoft, Linksys, Dlink, Google, Samsung, Cisco, O2, Vodafone, and Gauselmann.
GCHQ warns that bigger attacks than WannaCry are coming, particularly if Britain doesn't get its security act together.