CSE Cybsec's Z-Lab reports finding Fancy Bear (also as APT28, Sednit, Pawn Storm, Sofacy, Strontium, and Russia's GRU) engaged in an espionage campaign directed against the Italian Navy. The Russian intelligence service is said to have installed an updated version of its familiar X-Agent malware in naval systems. The campaign is being called "Roman Holiday."
ESET researchers are analyzing three remote access tools used in ongoing campaigns against targets—mostly government agencies—in Ukraine. The tools are called "Quasar," "Sobaken," and "Vermin." ESET characterizes the campaign as one of "criminal espionage." The tools are used to access and exfiltrate sensitive files from government systems.
A database containing US voter information was found exposed in an unsecured AWS S3 bucket by Robocent, a robocalling firm specializing in selling its services to political campaigns. Kromtech found and disclosed the exposure.
Trustwave's SpiderLabs say they've found a vulnerability in Reprise Software's RLM license management tool. Reprise says they won't patch because there's no vulnerability at all. RLM, says Reprise, is designed to run in a segregated non-privileged account. It's not supposed to be given administrator-level privileges, which is what SpiderLabs saw. That, says Reprise, isn't a bug, but rather an abuse of their product.
Cisco has patched Policy Suite, SD-WAN, and Nexus.
The US National Institute of Standards and Technology (NIST) will withdraw eleven SP 800 cybersecurity publications on August 1st.
Members of the US Congress press the tech industry on content moderation.
The US Intelligence Community still believes Russia is a cyberthreat.