Microsoft announced late last night the takedown of six sites associated with Russian influence operations in the US. Redmond's Digital Crimes Unit ran the operation, which concentrated on bogus sites established over the last few months to impersonate public policy organizations.
This time conservative organizations received attention: the Hudson Institute, a conservative think tank that's investigated corruption in Russia, the International Republican Institute, a democracy-promotion not-for-profit, and three sites built to look as if they were affiliated with the US Senate. The sixth site was non-political: it spoofed Microsoft. Microsoft went no farther than attributing the operation to APT28, but others have been quick to point out that APT28 is just Fancy Bear, Russia's GRU military intelligence organization.
Trend Micro has published a comprehensive look at Operation Red Signature, which they call "an information theft-driven supply chain attack targeting organizations in South Korea." The campaign surfaced late last month.
Motherboard describes "Intrusion Truth," apparently a hacktivist group engaged in doxing members of Chinese intelligence services. Motherboard seems convinced, based on their exchanges with Intrusion Truth, that they are indeed the hacktivists they say they are. It would be interesting to rule out the possibility that that group is a hostile (to China) intelligence service.
A British mission to the US will push for more sanctions against Russia. The US Senate works to ensure that existing sanctions don't rain collateral economic damage on US and allied countries.
US-CERT warns of vulnerabilities in Philips IntelliSpace Cardiovascular and Xcelera IntelliSpace Cardiovascular (ISCV) products.