Flashpoint has looked at how jihadist infosec group Horizon is reacting to Vault 7 on the dark web. ISIS adherents are being advised that favorite communication tools Telegram and WhatsApp may be vulnerable to interception. Whether Horizon will have better luck instilling sound opsec and digital hygiene into the terrorist pool than legitimate enterprises have with their employees seems doubtful. Sputnik piously opines that the leaked documents could be exploited by criminals, making us all less safe.
The ShadowBrokers' dump is thought by many to be bad news (and worse optics) for the US Intelligence Community. Both SWIFT and Microsoft reassure users that their systems are now safe against the exploits the ShadowBrokers' documents describe (and many observers note Microsoft's quietly proactive pre-leak patches). Motherboard notes that the ShadowBrokers' dump password is a typographic squeal associated with Pepe the Frog, and so the Brokers associate themselves with the alt-right. Pepe has appeared before in Russian information operations.
Speculation continues that the US hacked North Korea's weekend missile tests. The source of this wishful thinking seems to be former UK Foreign Secretary Sir Malcolm Rifkind.
Recorded Future reports discovery of “Karmen,” a low-cost ransomware-as-a-service product being hawked in the dark web souks by “DevBitox,” described as "a Russian-speaking cyber criminal."
Chrome, Firefox, and Opera are reported vulnerable to homograph attack in which malicious sites spoof ("undetectably") safe, legitimate ones.
VMWare has patched a remote-code-execution flaw in its VCenter Server platform.
Committee jurisdictional squabbles are inhibiting cyber legislation in the US Congress.