Dragos has published a reassessment of the 2016 CRASHOVERRIDE attack on a portion of Ukraine's power grid. They now believe that the attack was probably intended to disrupt operations for weeks or months as opposed to the hours the actual outage lasted. They also think that the threat actor (which they track as "Electrum" and which is widely regarded as working on behalf of Russian intelligence) intended the destruction of some pieces of equipment. Electrum now seems to be taking an interest in other sectors' industrial control systems, and those interests appear to extend beyond Ukraine.
Zscaler describes InnfiRAT, a remote-access Trojan designed to steal cryptocurrency wallet information.
AdaptiveMobile Security yesterday announced the discovery of "Simjacker," a vulnerability and associated exploits in which an SMS is used to effectively hijack a mobile device's SIM card via its S@T Browser. The company says that a "sophisticated threat actor" has been exploiting Simjacker in the wild for at least two years.
The SINET 16 have been announced.
A pair of Coalfire pentesters were arrested during an engagement at the Dallas County, Iowa, courthouse. The Des Moines Register says that the Iowa Judicial Branch did indeed hire them to conduct penetration testing of court records, but that the court administrators did not expect physical penetration to be within the scope of the job.
The Baltimore Sun reports that Baltimore has gotten around to realizing that it permanently lost some data in May's ransomware attack. The city now thinks backups are a good idea.