CNN identifies one Iranian group hit with a US cyberattack last week: Kata'ib Hezbollah, a Shi'ite militia said to be an Iranian military proxy. Kata'ib Hezbollah is thought to have access to Iranian missiles.
Myanmar has shut down mobile networks in substantial sections of the Rakhine province, CNN reports. The blackout was imposed in conjunction with a military sweep. The Irrawaddy says the government intends to keep the networks down until the situation stabilizes: locals are believed to phone insurgents information on government operations. Foreign Policy notes that the Arakan Army, a major ethnic Rakhine Buddhist insurgent group, uses Facebook for coordination and inspiration.
Finite State studied the supply chain and found Huawei gear unusually buggy. It doesn't say the bugs were deliberate, but the report casts doubt on whether low-price Huawei represents best value.
Researchers at Netskope track a spam campaign that's distributed LokiBot and NanoCore since April. The phishbait is a diffident notice about an overdue invoice with an ISO file (specifically a disk image). LokiBot checks for web or email servers, locates email and file transfer credentials, and detects popular remote administration tools. NanoCore is a remote access Trojan.
ProPublica reports that Emsisoft, in an investigatory sting, found that ransomware recovery service Red Mosquito would pay the ransom, and then charge the customer four times that amount for its services. Emsisoft objects mostly to the lack of transparency: there might be times you'd pay ransom, Emsisoft says, but you should be clear that that's what you're doing.