India continues to receive the attention of North Korean cyber operators. A phishing campaign is underway that poses as a job opportunity at Hindustan Aerospace (HAL), the Herald Publicist says.
The US State of Louisiana yesterday activated its cybersecurity response team after some of its servers were hit with ransomware. Affected agencies have begun restoring service, which is expected to be complete in about two days. The Office of Motor Vehicles, for example, will be back in business for the most part at noon today, KPLC reports. ZDNet says the state's Office of Technology Services contained the infestation quickly: Louisiana, unlike some other state and local governments, had a sound plan it executed quickly.
Zscaler has discovered two campaigns using compromised WordPress sites to distribute a remote access Trojan. One uses a bogus Flash Player update as the vector, the other an equally phony "font update" (the font it helpfully offers to update is "PT Sans").
Prevailion warns it's found a clever spearphishing campaign conducted by the HydSeven criminal group. The campaign, which Prevailion calls "Operation BlockChain Gang," is distributing Linux and Windows versions of the macOS Trojan HydSeven used against Cambridge University this summer.
Huawei has received a ninety-day reprieve from the US, and China hawks are concerned that the US Administration has gone wobbly, the Washington Post reports.