New Zealand has joined the three Five Eyes sisters who have called out exploitation of Cisco Smart-Install-enabled devices. CERT-NZ doesn't specifically call out Russia as the author of the ongoing campaign against such devices, but it does reference with agreement the US-CERT report that does, so it's safe to conclude that the view from Wellington is much the same as that from Canberra, London, and Washington.
Russia for its part has denied doing anything of the kind. Government spokesman Dmitry Peskov said the accusations were unfounded. Echoing the sorts fo demands for evidence Moscow issued after the nerve agent attack in Salisbury, Peskov called the accusations "feeble," and said Russia had no idea what the Five Eyes' assertions were based on: "Such accusations are typically thrown into the air and no one even bothers to offer any arguments anymore."
Symantec researchers warn of a new problem, "trustjacking." It occurs when a user pairs an iPhone to a Mac laptop or workstation, at the point where users are asked if they trust this computer. (Maybe users should be more circumspect.)
Radware warns of "Stresspaint," a Chrome login information-stealing Trojan served by a Windows app that presents itself as a stress-relief tool.
LocalBlox, a company that scrapes data from the various sources on the web and builds profiles of individuals for marketing purposes, has been found to have leaked data. It's apparently, according to researchers at UpGuard, an AWS misconfiguration issue: they say they found forty-eight-million records exposed in an S3 bucket.