A claim by blackhat showboat CyberZeist to have compromised a US FBI website and dumped credentials on Pastebin looks bogus. The Register reports that the security team at Plone, which produces the FBI's content management system, says that it's a hoax: the email addresses seem to be derived from old publicly available dumps, and the password hashes don't add up, either.
Canadian authorities are investigating "a possible cyber threat" against Ontario's Hydro One electrical utility. There may be nothing more to it than there was to the Burlington Electric incident, but the Royal Canadian Mounted Police are on the case.
Several exploits in the wild draw security researchers' attention. Forcepoint reports the return of the MM Core backdoor spyware in two new variants, "BigBoss" and "SillyGoose." The GDI Foundation warns of a campaign actively targeting MongoDB. Fujitsu and its partners Forcepoint and Recorded Future are tracking the RIG exploit kit, which is now serving TrickBot and Madness/QuantLoader.
Ransomware retains its prominence in the threat landscape. It's increasingly seen equipped with DDoS and doxing functionality (Dunbar calls the latter "doxware"). GoldenEye ransomware is appearing in campaigns targeting HR departments, which are especially vulnerable because the nature of their business tends to make them willing to open email attachments. Some good news: Emsisoft has a decryptor for version 3 of Globe ransomware.
US investigators think about how to make the hacking case against Russia without tipping their hand too much. One tip: don't illustrate that case with screenshots from Fallout 4 (apologies to CNN).