The suspected attack on Ukraine's power grid around Kiev last month appears to have been confirmed. It appears to have been part of a larger campaign against a variety of sectors, and sources say the attack looks like the work of the same actors who took down electrical service around Ivano-Frankivsk in December 2015.
Famous for having wiped 30,000 Saudi Aramco computers in 2012, Shamoon returns. Palo Alto researchers say this time it comes with default credentials for Huawei's FusionCloud desktop virtualization solution. Shamoon, at least in its first go-round, was thought to have been an Iranian cyber weapon.
Emsisoft reports on Spora ransomware, being sold in darknet souks.
Microsoft patches Edge, Office, and Windows.
European governments, especially in France, Germany, and the UK, are looking to shore up election security in the face of hacking and influence operations Russia mounted against voting in other countries, especially the US. Consideration of those operations attracts new interest as the Guardian (sourced largely from Buzzfeed) reports rumors of compromise and collusion with Russia in President-elect Trump's campaign. The media treat the rumors with cautious but interested skepticism.
Embassies are tweeting a lot, and Russia's diplomatic tweets for some reason feature Pepe the frog's unedifying presence.
US DNI Clapper said yesterday that the Intelligence Community's report on Russian election hacking and influence operations was based on a mix of human intelligence, technical collection, and open sources (which is to say it was based on pretty much every kind of thing, we mean, INT).