Enforcement officers from the UK's Information Commissioner's Office raided Cambridge Analytica's London headquarters late Friday night, tossing the place until 3:00 Saturday morning. What they found, if anything, is not yet known.
The data scandal has clobbered Facebook in the markets. Last week it lost, says MarketWatch, $75 billion in market cap. (That's like losing a Raytheon.) The company disputes reports that it indiscriminately collected Android data, saying that it collected only data users gave it permission to collect. A full-page apology the company ran in three US and six UK newspapers yesterday frames the scandal as a relatively restricted app issue.
The US this morning expelled sixty Russian diplomats in response to Russia's nerve-agent use in Salisbury, England. Other allied nations are taking similar steps. The expulsions come during a period of heightened fears of cyberattack, especially Russian cyberattacks against vulnerable power grids.
Rapid 2.0 ransomware has a significant new feature: it won't execute on victim machines if it detects Russian locale settings. AVCrypt ransomware, which attempts to uninstall security software, may in fact be a wiper, since it offers no instructions for paying ransom. Another possible wiper that's out is DiskWriter (or "UselessDisk"), a master boot record bootloader. Webroot reports the TrickBot banking Trojan has received a new extortion module.
Iran has expressed outrage over the US indictment of nine hackers working for the Mabna Institute.
The alleged leader of the Carbanak gang has been arrested in Spain, collared in a collaborative effort involving at least five nations.