Forbes reports attempts by the GRU to compromise ProtonMail accounts belonging to journalists investigating Russian security and intelligence services. Bellingcat says it was among the targets. ProtonMail says the attacks were blocked.
KrebsOnSecurity calls it "the unsexy threat to election security," but argues that securing email and social media accounts of election officials shouldn't be overlooked. A civil grand jury in San Mateo County, California (part of Silicon Valley) warned that hijacked or spoofed accounts could be used to suppress voting by distributing misinformation about polling, or could be used to excite conflict with false reports of results.
Palo Alto Networks' Unit 42 reports that MyDoom, the old worm that surfaced in 2004, is still out and actively used in phishing campaigns. Its persistence is due in part to its self-sufficiency, as ZDNet notes.
TechCrunch and others report that Marcus Hutchins, the accidental hero of WannaCry and the deliberate villain of the Kronos banking Trojan, has been sentenced to time served and a year of supervised release for charges related to developing and selling Kronos. The presiding judge cited Hutchins's youth and apparent reform when he passed sentence.
The US Coast Guard last week released further details on a cyberattack that hit a large merchant vessel inbound for the Port of New York and New Jersey. The Wall Street Journal says the malware involved was an Emotet variant.