FireEye has identified extensive coordinated information operations in support of Iranian interests during the US midterm elections. Inauthentic accounts tended to express opposition to President Trump, but their ideological slant, in American terms, was opportunistic. Some of the lines pushed represented themselves as progressive, others as conservative, but their common goal was to advance Iranian policy. Both Twitter and Facebook, tipped off by FireEye, have removed the accounts in question.
Politico observes that the Iranian activity indicates that other governments are cribbing from Russia’s information ops playbook. Exposing that playbook can be dangerous, as the Times explains in a profile of troll-hunting Finnish journalist Jessikka Aro, who’s drawn death threats for her work.
Errata Security thinks that roughly a million machines are susceptible to exploitation of the BlueKeep Remote Desktop Protocol vulnerability. Trend Micro has looked at the risk BlueKeep poses and concludes that, while it may seem easy to trigger, actually achieving code execution on a target would be “incredibly challenging.” A more realistic danger, they think, is inducing DHCP (Dynamic Host Configuration Protocol) server service crashes, a denial-of-service condition that could enable attacks via a rogue DHCP server.
Forbes reports that other Saudi dissidents were affected with Pegasus spyware before the apparently Pegasus-connected, perhaps Pegasus-enabled, murder of Jamal Khashoggi.
An essay in the National Interest argues that Abu Bakr Al-Baghdadi is reorganizing ISIS to survive as a virtual community, with local “franchises” operating on the ground.
Huawei alleges that US sanctions amount to an unconstitutional bill of attainder, Computing reports.