US-CERT has warned of a new remote access Trojan released by North Korea. McAfee and Intezer have conducted joint research into Pyongyang's attack tools and found considerable code reuse: some of the code still in use goes back to 2009's Brambul, one of the earlier malware strains to come from the DPRK. Code reuse is an obvious labor-saver. Intezer is particularly confident that DPRK code reuse offers strong evidence for attribution; they call it the malware's "DNA."
Researchers at KU Leuven report finding vulnerabilities in implementations of the 4-way handshake in the widely used Wi-Fi Protected Access 2 (WPA2) protocol.
The PGA was hit with a ransomware attack just before its current golf championship tournament got underway. Investigation and remediation are in progress, but there's widespread speculation that the ransomware used was a strain of Bitpaymer. The hoods want their ransom in cryptocurrency.
Engadget reports that Amazon Web Services accidentally exposed GoDaddy information in the course of a sales call with the domain host.
South Korea's troubled Cyber Command is about to undergo reorganization.
The Russian government braces for US sanctions, and has promised retaliation in kind. The US sanctions are directed, first, against Russian breaches of chemical weapons treaties in the Novichok incident (which Russia denies) and second, against election meddling. The second class of sanctions, which Russian sources suggest the Kremlin thinks are soon to be tightened by the US Congress, appears to be the more threatening. (Russia also continues to deny election-related influence operations, but few believe that, either.)