ESET warns that the threat actor behind BlackEnergy—involved in past attacks against sections of Ukraine's power grid—is back. This time it's infected three "energy and transport companies" in Poland and Ukraine. ESET notes that the group has developed a new malware suite, "GreyEnergy," and that it appears positioned for further campaigns. Reuters says that ESET doesn't call out a nation-state as responsible, but naming BlackEnergy associates the activity with the GRU. Others, notably Britain's GCHQ, have called out BlackEnergy (a.k.a. "Sandworm," in FireEye's nomenclature) as an operation of the Russian military intelligence agency.
There's also a reported spike in Russian activity against diplomatic targets in Central Asia. ESET and Kaspersky track the campaign as DustSquad and Nomadic Octopus.
ISIS may be on the ropes in the last shreds of territory it operates in, but its online operations (mostly inspirational and informational) won't disappear as the terrorist group enters its diaspora phase. And the US Department of Defense thinks that the ISIS cyber template will be used by other terror groups for years.
The US Department of Homeland Security downplays the increase in reported threats to midterm elections. The increase DHS sees is an increase in reporting, which isn't necessarily correlated with an increase in the level of threat. The Department also reminds everyone that the voting data Anomali found in black market souks is for the most part already public.
The EU is also preparing for its upcoming elections. The principal concern in Europe is with information operations.