Volexity is tracking a Vietnamese threat group the company says is running an ongoing cyberespionage campaign against ASEAN neighbors. The researchers are coy about attribution, but they identify the group with APT32, a.k.a. OceanLotus, which FireEye described in May. APT32 is currently engaged in surveillance of ASEAN meetings convened in Manila.
Symantec finds espionage group "Sowbug," known since 2015, still quietly active with its Felismus malware. Sowbug's targets have principally been in Latin America, but it's recently expanded its interests to include Asia. It looks like nation-state sponsored activity with an interest in diplomatic intelligence, but which nation might be running Sowbug is unknown.
Appleby, the Bermuda off-shore specialist law firm, says it was hacked, and it wasn't an inside job: some outsider stole and leaked the Paradise Papers.
McAfee notes that Fancy Bear (Russia's GRU), after having phished CyCon with little evident success, continues to tune its activities. It's seeking to take advantage of a recently demonstrated Microsoft Office vulnerability (the Dynamic Data Exchange can be exploited to install malware) and it's baiting its phish hooks with fears surrounding the recent terror attack in New York City.
Misconfigured AWS S3 buckets continue to make trouble (Accenture recently narrowly escaped what observers believe might have been a significant breach). Amazon is trying to give its AWS customers easier ways of avoiding missteps in the cloud.
Shipping giant Maersk estimates its losses to NotPetya at something north of $300 million.
The New York Times says Avast is preparing for an IPO.