Now that ISIS has been considerably disrupted, Al Qaeda is working online to regain terrorist mindshare lost to the Caliphate. They're calling from the familiar playbook, but with their own emphasis on inspiring attacks in infidel lands.
Dragos offers details on the CHRYSENE threat group, specialists in hitting industrial control systems. Associated with the 2012 and 2016 Shamoon attacks on Saudi Aramco, CHRYSENE has, Dragos says, developed a sophistication beyond groups like Greenbug (a.k.a. OilRig). CHRYSENE's target list concentrates on the petrochemical, oil, gas, and electric generation sectors. It may be extending that target list beyond the Middle East.
AnonPlus, a hacktivist group believed to be based in Italy, has been attacking US state governments. New Mexico is the latest victim, but Idaho and Connecticut were also recently hit. AnonPlus in its communiqués follows the now familiar anarcho-syndicalist line—they have no leaders, they say—and their principal declared interest is opposition to censorship. It's unclear how defacing a workmen's compensation site (among others) fits AnonPlus's strategy, but the nuisance value is undeniable.
GDPR takes effect a week from tomorrow, and researchers continue to find sensitive data exposed online. Imperva has a useful timeline explaining what organizations will be expected to do within seventy-two hours of detecting a breach.
The US Senate passes a resolution restoring net neutrality. The issue now passes to the House.
The US House wants a full report from the Department of Homeland Security on cybersecurity issues surrounding ZTE.
Serbian police have popped the alleged DarkOverlord.