Ukraine's SBU security service warns that various government agencies in Kiev are under cyberattack, again. No attribution so far.
ESET reports that Telebots and BlackEnergy, and therefore Industroyer and NotPetya, are linked to the same threat actor.
Observers look at cyberattacks against the ports of Barcelona and San Diego and conclude that commingling IT and OT yields unacceptably high risk.
Cisco's Talos research group has found a new Android Trojan, "GPlayed." It masquerades as the Play store, using the name "Google Play Marketplace" to further the imposture.
Skepticism over Bloomberg's Chinese supply chain attack story continues to rise. Some sources have walked back their statements to Bloomberg. Other observers point to an implausibility: if Chinese intelligence services really had seeded the supply chain as effectively as the story suggests, why would they engage in all the noisy hacking they've continued to conduct?
Facebook has purged more "inauthentic" sites. In this case the 559 pages and 251 accounts the social network took down were for the most part American. The problem, in Facebook's view, is their "coordinated inauthenticity." The company admits that inauthentic content is "often indistinguishable from legitimate political debate," and is trying to develop that distinction on the basis of behavior as opposed to content. The inauthenticity specified is moneymaking: clickbaiting people into ad farms.
The UK and Netherlands intend to push the EU to develop more effective sanctions against cyberattack.
Reuters says the Five Eyes and friends have agreed to closer cooperation against Russian and Chinese cyber operations.