Hacking efforts against French President-elect Macron show boldness, but also signs of haste (and of St. Petersburg). WikiLeaks continues Vault7 dumps. Microsoft patches zero-day in Windows' Protection Engine.
The hacking of French President-elect Macron's campaign emails has yet to turn up anything observers find particularly scurrilous or discreditable, with influence operations amounting to little more than tendentious jeering memes in social media. Flashpoint thinks the effort shows signs of haste, perhaps driven by Macron's late emergence as a serious candidate.
Ars Technica reports that some evidence points toward Evrika ZAO, a St. Petersburg IT company that numbers Russia's FSB among its customers. WikiLeaks itself noted, in what practically counts as an admission against interest, that metadata in some of the leaked material indicates that it was last edited by someone working at Evrika. Trend Micro has maintained for some time that operations against Macron's campaign are circumstantially but significantly similar to the ones Pawn Storm (Fancy Bear, that is, the GRU) conducted against the US Democratic National Committee last year. Moscow denies involvement, denouncing the attribution as slander.
False flags planted in the leaks are possibilities, but German and British authorities are taking the threat of Russian information operations against their own elections very seriously. Recently retired US DNI Clapper agrees, and says the US should expect more of the same.
WikiLeaks, unchastened by l'affaire Macron, continued its Vault7 dumps Friday, releasing "Archimedes," said to be a CIA tool used to compromise devices operating within a single LAN.
Today is Patch Tuesday, but one problem couldn't wait: Microsoft late yesterday fixed a remote-code-execution vulnerability Google's Project Zero found in Windows' Malware Protection Engine. Google called the bug "crazy-bad."
Today's issue includes events affecting China, European Union, France, Germany, Ireland, Japan, Democratic People's Republic of Korea, Russia, Syria, and United States.
In today's podcast, Joe Carrigan from our partners at the Johns Hopkins University describes the benefits of segmenting your home network, especially the benefits of putting IoT devices on a distinct segment isolated from your home PCs. Our guest is Andrew Blaich from the mobile security company Lookout. He discusses the Pegasus lawful-intercept tool as it appears on Android devices.