We're happy to announce that we've established a Patreon site where anyone interested in supporting the CyberWire and helping us continue to provide our popular news service can sign on as a Patron today. Thanks for your consideration. And, as always, thanks for reading and listening, and we hope you'll want to become a part of the CyberWire story.
Get Started with Threat Intelligence
ESET found Sednit (a.k.a. Fancy Bear, a.k.a. GRU) distributing two zero-days in phishing emails with a "Trump's Attack on Syria" theme. Microsoft patched both vulnerabilities yesterday.
US NSA and CYBERCOM head Rogers told Congress yesterday that Russian actors penetrated French election "infrastructure," and that NSA tipped off its French counterparts that the Russians were actively targeting their election. "Infrastructure" was left vague, but most read it as referring to the now well-known penetration of En Marche! emails. Admiral Rogers urged public confrontation of Russia over its cyber activities.
Observers believe the Russian services are turning their principal attention to September's German federal elections, pursuing a long-term goal of EU disruption.
NSA Director Rogers also outlined (for Senator McCain) a worst-case cyberattack: "outright destructive attacks focused on some aspects of critical infrastructure" and data manipulation "on a massive scale".
Wandera reports a dramatic rise of SLocker Android ransomware variants (and infections) over the last six months.
Check Point says a flaw in Android 6.0.0 (Marshmallow) permissions could allow malicious apps to download directly from Google Play.
In addition to the Microsoft patching mentioned above, Adobe yesterday addressed seven issues in Flash Player, and Cisco closed the Vault7 zero-day affecting various switch models.
US President Trump dismissed FBI Director Comey late yesterday over his handling of campaign-season email security investigations. Sources indicate that the FBI's need to correct the Director's inaccurate testimony before the Senate last week was the proximate cause of the firing, but that termination was likely in any case.
Today's issue includes events affecting Australia, Canada, China, France, Germany, Japan, Democratic Peoples Republic of Korean, Republic of Korea, Russia, Syria, United Kingdom, and United States.