Equifax is suggesting its data breach was probably the work of Chinese intelligence services. Sources claim to perceive similarities of tactics and approach to the 2016 intrusion into the US Office of Personnel Management. Sources also say a dispute between Equifax and Mandiant (Equifax is said to have thought Mandiant substituted junior personnel for the senior consultants Equifax believed they'd hired) led the credit bureau to discount the security consultants' warnings during a crucial phase of the attack.
TransTeleCom, a Russian telecommunications firm, appears to have established an Internet connection with North Korea. This supplements the DPRK's other Internet connection through China Unicom. The new connectivity increases Pyongyang's bandwidth and resilience, both attack potential and potential attack surface.
ISIS does some virtual whistling past its Raqqa graveyard with online videos displaying captured coalition small arms. More worrisome perhaps is its warning to Muslims (conveyed via Telegram) to avoid public places in infidel lands, as these will be targets of the "soldiers of the Caliphate."
Facebook is expected today to provide the US Congress with evidence concerning 2016 election ads purchased by Russia's Internet Research Agency. Bots have become more visibly active in social media; their tendency has been to exacerbate conflict without much discernible interest in conflict's outcome. US Senator Warner (D-Virginia), vice chair of the Senate Intelligence Committee, thinks social media have now become decidedly weaponized.
A PHP backdoor has been hidden in software that purports to be a WordPress security plugin.
Siemens patches a Ruggedcom improper access vulnerability.