As Presidents Trump and Xi meet for their first Sino-American summit, we note again the Fidelis report on "Operation TradeSecret," with the look and feel of APT10 (which in turn has the look and feel of a Chinese state-run actor). US officials worry about Chinese ambitions with respect to international trade: not only familiar IP theft, but also collection against US trade lobbyists like the National Foreign Trade Council.
A strange campaign in the wild that's being called "BrickerBot" is looking for insecure IoT devices and then bricking them—rendering them incapable of operation. Discovered by Radware in one of its honeypots, BrickerBot is baffling because its motive is unclear. Many observers suspect that it's a vigilante action conducted by a grey hat hacker who's trying to kill IoT devices before they can be herded into a botnet.
Palo Alto's Unit 42 reports on "Amnesia," a campaign to exploit vulnerable DVRs as bots. ESET warns against "Sathurbot," said to contain some twenty thousand devices.
Ransomware remains a current and enduring threat. A pediatric practice in Texas has been a victim of Dharma ransomware; the incident was swiftly contained, but more than fifty thousand patient records may have been exposed during the attack. Bleeping Computer reports that an Indian developer has been "playing around with an open source ransomware builder" on GitHub. At least one gang seems to have made $100,000 exploiting Apache Struts.
Concerns about influence operations and improper surveillance persist, in both the US and France.