Olympic Destroyer, the threat group responsible for disruption of digital aspects of this past winter's Pyeongchang Olympic games, is apparently back. Kaspersky Lab is tracking activity that looks very much like Olympic Destroyer's against organizations associated with chemical and biological weapons control. Targets in Germany, France, Switzerland, Russia, and Ukraine are said to have been spearphished. The evidence for Olympic Destroyer's renewed activity lies principally in the obfuscation and spearphishing macros the recent attacks have employed. Kaspersky as usual offers no attribution, but US officials concluded in February that Olympic Destroyer was a Russian operation cloaked by false flags. Russia has objected to investigations linking it to chemical attacks in Salisbury and Syria, and this resentment is thought to provide a motive.
The US has charged Joshua Schulte with "unauthorized disclosure of classified information and other offenses relating to the theft of classified material" from the CIA. Schulte is alleged to be the source of WikiLeaks' Vault7. The defendant's careless search for, and online communications about, illicit pornography are thought to have constituted the opsec mistakes that led Federal agents to him.
Experts speculate that Liberty Life may have been the victim of a malicious insider in the data loss it disclosed over the weekend.
Another malicious insider may be behind "sabotage," including deliberately bad coding and data theft, at Tesla (or so Elon Musk believes).
The US Senate voted yesterday to revoke the lifeline the Administration had extended to ZTE. Huawei appears to be in Congressional crosshairs as well.