ESET reports on recent activity of Ke3chang, an "elusive" threat group engaged in cyber espionage. Most of Ke3chang's recent targets have been in Slovakia, Belgium, Chile, Guatemala and Brazil. ESET studiously avoids attributing Ke3chang, but they do observe that since its discovery by FireEye in 2013, Ke3chang has been associated with China. The recent campaigns show improved backdoors and greater evasiveness. In MITRE's threat group taxonomy, Ke3chang is also known as APT15, and sometimes as Vixen Panda or Playful Dragon.
Hacked Bulgarian tax information has begun turning up in various discreditable online hacker neighborhoods. ZDNet says that the person who posted it (someone with the nom-de-hack "Instakilla") obtained it from a download link carelessly displayed by a Bulgarian television news report. Instakilla crowdsourced a solution to the password and has now made the data available. He's not worried about doing so. Since he's not the "original hacker," he doesn't "feel accountable for anything." The alleged original hacker has now been identified. Computing magazine, citing Bulgarian sources, identifies the suspect as Kristiyan Boykov, age 20. Mr. Boykov had worked for TAD Security, perhaps in a training role. Some of his students are said to have been members of the police cyber squad that collared him.
Emsisoft reflects on the recent wave of ransomware hitting US local governments. The firm suggests that counties and towns are vulnerable because of outdated systems and big attack surfaces.
SC Magazine and others continue to report that hundreds of thousands of devices remain unpatched against BlueKeep.