Hopes that diplomacy and the lure of becoming a more normal country might inhibit North Korean hacking seem to have faltered. Palo Alto Networks notes that Pyongyang's Reaper Group deployed malware ("NOKKI" and "DOGCALL") in June against a range of companies. The campaign involved exfiltration of screenshots, keylogging, and staging of further infestations. The motive was apparently the DPRK's usual one: financial gain.
Former Facebook executive Alex Stamos (now of Stanford University) tweeted that Facebook's breach indicates the effect of GDPR's coupling of heavy fines with a requirement for swift disclosure: "Announce & cop to max possible affected users," which produces confusion; "a month later truth is included in official filing." Thus public announcements are made on the basis of an incomplete investigation. Observers see a difficult trade-off: on the one hand, early disclosure can help victims; on the other, it can impede investigation and effective response.
Google is having trouble keeping unwanted material off its platforms. YouTubers have posted instructions for hacking Facebook, and fraudsters are apparently still able to buy ads.
The University of Toronto's Citizen Lab reports finding Pegasus spyware in a Saudi dissident's phone. The affected person is a permanent resident of Canada. Citizen Lab attributes the infection to the Saudi government.
Tribhuvan International Airport in Nepal saw its official website taken offline between September 28th and 30th. It appears to have been a case of hacktivism, if counting coup for the lulz can be considered hacktivism: the unidentified hacker who claimed responsibility commented "Typical Idiot Security."