Security industry researchers, many of them GCHQ alumni, warn that ISIS is trying to recruit hacking talent in labor black markets. The terrorist group has hitherto excelled at inspiration but generally flunked hacking proper, demonstrating little more than an ability to vandalize poorly protected sites. An influx of criminal coding talent could change that.
Exploitation of an Adobe Flash Player zero-day (patch expected sometime this week) is now generally being attributed to North Korean operators belonging to the "TEMP.Reaper" threat group.
Researchers tie a gaming server rental operation more closely to the JenX botnet, thought to be controlled by the San Calvicie organization that offers Grand Theft Auto hosting.
Scarabey ransomware (a variant of the well-known Scarab malware) brings a new twist to ransomware. It encrypts files, of course, but then threatens to delete twenty-four files from the victims' systems every four hours the extortionists aren't paid. It's apparently a Russian criminal product, and it spreads by RDP/manual dropping.
British hacker Lauri Love, who hit US Government sites in 2012 and 2013, will not be extradited Stateside after all: the High Court overturned his 2016 extradition order (but left the door open to Love's prosecution in the UK). Russian hacker Petr Levashov, alleged creator of the Kelihos botnet and reputedly one of the world's leading spammers, has been extradited to the US from Spanish custody. Levashov has claimed connections to Russian President Putin's political party.
In the US, the Nunes Memo is expected to be followed by other memos, releases.