Victims of WannaCry ransomware continue to treat their infestations. Researchers are increasingly convinced the attack was a North Korean operation (but caveat lector: the evidence remains circumstantial, the attribution preliminary and provisional).
Other, better crafted and arguably more dangerous campaigns exploiting EternalBlue vulnerabilities are under way, and they seem to be playing a longer, more focused game. Heimdal calls one such effort "BlueDoom." Although disguising itself as WannaCry, BlueDoom drops no ransomware payload and appears to be aiming for long-term persistence to serve future attacks. It incorporates a suite of exploits believed stolen from NSA.
Other EternalBlue-based campaigns mine cryptocurrencies; some such exploitation antedates WannaCry.
OilRig, a cyber campaign generally believed to be run by Iran against regional rivals, especially Saudi Arabia, has resumed, and this time researchers see evidence that Iran is using the services of Russian cybercriminals.
Legislation introduced into the US Senate this week, the "PATCH Act," would formalize the vulnerability equities process and remove it from Intelligence Community control.
NIST has supplemented US President Trump's cybersecurity Executive Order with guidance on how agencies should implement that order. Comments on Draft NISTIR 8170 are open through June 30. The US House has passed the Modernizing Government Technology Act (MGTA) to facilitate replacement and modernization of outdated Federal IT systems.
For all the concern about election hacking in the West, Agari's study of political parties in Germany, Norway, and the UK finds them deficient in email authentication, with poorly implemented DMARC (Domain-based Message Authentication, Reporting and Conformance) policies.