Security experts continue to mull the significance of the Triton/Trisis hack, disturbing in that it was designed to manipulate industrial safety systems. Control Global's Unfettered blog has a number of interesting points to make. First, there are some noteworthy similarities to Stuxnet (in apparent goals and approach). Stuxnet happened seven years ago, and Triton still came as a surprise. Second, comingling control and safety systems results in a loss of safety. The plant Triton attacked escaped catastrophic damage because it was saved by its "hard-wired analog safety systems."
North Korea's Lazarus Group again pursues Bitcoin (whose market price continues its fast rise). Some researchers report signs of a similar Russian interest in the cryptocurrency.
Researchers at F5 Networks report a Monero mining campaign, "Zealot," which is exploiting the same Apache Struts vulnerability used to breach Equifax. It's also deploying EternalBlue and EternalSynergy, exploits the Shadow Brokers leaked earlier this year, saying they were taken from NSA.
Cryptocurrency exchange Bitfinex sustained another large distributed denial-of-service campaign yesterday.
A database (MongoDB) of California voters was found exposed online and compromised by attackers late last week. The data appear to have been compiled by some third party, not the State of California, which says its systems and data are secure. California is investigating.
After turning down an offer from Atos last week, Gemalto has agreed to be acquired by Thales for a reported sum of nearly $4.5 billion.
Facebook acknowledges that research indicates Facebook may impair mental health, and so prescribes more Facebook.