The Olympic Destroyer malware that hit the Winter Games being held in South Korea appears to be a complex piece of work. It's a wiper, it spreads via EternalRomance (one of the alleged Equation Group exploits the Shadow Brokers leaked), and it also contains a self-patching functionality that enables it to change its characteristics as it moves from machine to machine. Cisco's Talos research unit have been examining it, and finds some similarities to code used in NotPetya and BadRabbit, and speculation about attribution has turned largely toward Russia, but speculation remains based mostly on motive and opportunity.
The US Intelligence Community's annual threat assessment sees Iran, Russia, and North Korea as growing more assertive in cyberspace. They expect Russian influence operations (propaganda and disinformation) during this year's midterm elections. The goal is to sow discord and mistrust.
On Patch Tuesday, Microsoft fixed fifty bugs, fourteen rated critical, affecting widely used products, including Outlook. Adobe patched thirty-nine flaws in Acrobat and Reader.
US Army Lieutenant General Paul Nakasone, long the front-runner, has been nominated to succeed Admiral Rogers as Director NSA and Commander, US Cyber Command. He'll be dual-hatted, at least initially, when he takes over this summer. A fourth star will come with the job.
Graham Cluley reports that Salon magazine now offers a choice: you can block ads, but only if you let them install a coinminer on your machine. Mining is disruptive but not very lucrative: the recent CoinHive infestations seem have brought the crooks about $24.