The UK mulls sanctioning Russia for the attempted assassination, in England, of former GRU officer (and MI6 spy) Sergei Skripal. Many think sanctions would prompt Russian retaliation by cyberattack.
A Kaspersky study sees a shift toward Asia in Sofacy's interests. (Sofacy is also known as APT28, Tsar Team, and Fancy Bear. Kaspersky describes the group as "pragmatic, measured, and agile.")
Iran may be showing greater cyber capabilities and a correspondingly larger disposition to use them for espionage and surveillance.
Bots have their uses in spreading disinformation over social media, but an MIT study suggests human gossips are overwhelmingly more active in doing so.
Is a kill-switch "the cavalry," or questionably legal interference in someone else's computer? Corero thinks the "flush_all" command is a potentially useful method of stopping Memcrash distributed denial-of-service attacks, as reported in the Register. Cloudflare and Arbor Networks told eWeek that flushing all would amount to changing the contents of a non-cooperating computer. And, of course, that's illegal in many (most?) places.
Kaspersky Lab has described Slingshot, cyber-espionage malware that for six years has quietly infested systems in the Middle East and Africa. The researchers call it sophisticated and stealthy, an elegant product, they think, of a nation-state. They don't say which nation-state, but they do note that the debug code is written in pretty good English.
The University of Toronto's Citizen Lab says that Egypt, Syria, and Turkey are adapting Sandvine products to install spyware and cryptojackers. Sandvine says it's got nothing to do with it.