ESET describes a Trojanized TOR browser that warns victims that they're vulnerable to police snooping because their browser is out-of-date. The bogus update page to which the unwary are redirected installs malware that enables the crooks to steal cryptocurrency, mostly Qiwi and Bitcoin. The caper is conducted in Russian and is directed against Russian-speaking visitors to various darknet sites.
ESET has also reported that older and unpatched versions of Amazon's Kindle and Echo are vulnerable to key reinstallation attacks that exploit WiFi vulnerabilities to achieve man-in-the-middle status.
Upstream says it's caught the popular Android app Snaptube engaged in large-scale clickfraud.
A site offering the putative iPhone jailbreak "Checkrain" is, Cisco Talos warns, enrolling visitors in an ad-fraud campaign.
While Apple CEO Cook mollifies Beijing (as WIRED describes), Facebook's Zuckerberg said yesterday that his company is not only uninterested in returning to business in China, the Telegraph reports. Mr. Zuckerberg expressed Facebook's strong commitment to free speech as grounds for refusing to moderate political content.
TASS is authorized to state that, while the enemy of my enemy may not exactly be my friend, he could at least be my cooperating law enforcement agency. The Moscow Times has some information on US assistance to Russia's FSB in a Russian domestic counter-terror operation. What terrorist group was implicated isn't publicly known, but the US has in the past given Russia intelligence on Islamist operations.
Nevertheless, Russo-American relations in cyberspace aren't all rainbows and unicorns: Cozy Bear, after all, has resurfaced in the news.