Hybrid conflict, with its ambiguities and fog, continues in Eastern Europe. Deutsche Welle reports a Russian disinformation campaign in the Baltic, with phoney news stories planted alleging that German soldiers on NATO deployments have been responsible for a wave of assaults in Lithuania. Researchers at CyberX look at a cyber campaign in Ukraine (possibly criminal, possibly state-directed, possibly a mix of the two) that's been responsible for widespread spyware infestations in Ukrainian businesses. More than seventy enterprises are said to have been affected by what CyberX is calling BugDrop. Synack researchers have been taking a look at tools that appear to have recently leaked from Fancy Bear's paws, and they conclude that those tools look a great deal like lawful intercept products from Hacking Team. (Fancy Bear is generally believed to be Russia's GRU.) Synack sees a "weirdness" in the code that suggests a copy-and-paste job.
Bitdefender believes it's found evidence that there's now a variant of Fancy Bear's X-Agent malware that targets MacOS.
Senior US officials, including the Vice President and the Secretaries of State and Defense, are making the diplomatic rounds in Europe, and cyber matters have inevitably arisen during their discussions. Secretary of Defense Mattis said "there's very little doubt" that Russia has interfered with elections. (One might add that historically it's not just Russia.)
Panda Labs reports a new criminal hack, "RDPPatcher," which simply sells third parties access to a victim computer.
Cato Networks describes "Ticketbleed," a vulnerability whose exploitation could let attackers intercept SSL traffic.