Late yesterday Anomali issued a report on Mustang Panda, a Chinese government threat group that's probably operating against a distinct but extensive set of targets: people interested in UN Security Council resolutions concerning ISIL, MIAT Airlines (a Mongolian carrier), cultural exchange not-for-profit China-Zentrum e.V., the Communist Party of Vietnam, and Shan Tai Theravada Buddhists. Their conclusions about the targets are based on the nature of the phishbait. Mustang Panda was first identified by CrowdStrike in June of 2018.
Unpatched instances of the Drupal content management system continue to receive "Drupalgeddon2" attacks, Akamai warns.
The US NSA yesterday added its own warnings to those CISA and the UK's NCSC issued last week concerning the exploitation of older but still widely used VPNs by various international threat actors. NSA's notes include advice about mitigation.
It's Patch Tuesday, and the usual round of updates are expected later today. One set of patches, however, won't appear. D-Link has decided not to patch its older home routers against a critical remote takeover vulnerability, Threatpost reports. Users should upgrade to new equipment instead. The affected routers, although still available as "new" from third-party vendors, are beyond their end-of-life.
The Internet Society has done a privacy audit of twenty-three US Presidential campaign sites and found seven of them worthy, those belonging to candidates Buttigieg, Harris, Klobuchar, O'Rourke, Sanders, Trump, and Williamson. The other sixteen? Sorry, no bueno.