A ransomware attack (or, as airport authorities hedge it, an attack similar to ransomware) took departure board screens offline for two days at Bristol Airport in the UK. The screens were disenabled as part of a general response to detection of the attack. The airport believes the attack was "speculative" rather than specifically targeted.
Several universities in the UK, Cambridge and Oxford among them, sustained cyberespionage incidents in which sensitive technical material was taken on behalf of Iran.
The EternalBlue exploits, widely believed to have been stolen from the US NSA, continue to turn up in infestations around the world. A great many of the infections involve cryptojacking.
Several evolved ransomware strains are circulating in the wild. A new variant of Dharma is out. Ryuk is not only encrypting files, but disabling endpoint protection on infected devices. SynAck (not to be confused with the legitimate security company with the similar name) evades detection with Process Doppelgänging. Kraken Cryptor masquerades as the legitimate security tool SuperAntiSpyware.
The EU advances consideration of its next major Internet regulation: hosts will, if the measure passes, have one hour to remove "extremist" content from their services. The clock begins when authorities notify providers. Fines would be in the GDPR range.
North Korea is said to be turning to false identities and online services to evade economic sanctions, using Upwork, Freelancer, Github, Slack, LinkedIn, PayPal, and Facebook to facilitate IT service sales.
Russian disinformation over the Novichok attacks seems, the Washington Post reports, to be backfiring.