Chronicle, Alphabet's security unit, has reported the results of their investigation of various strains of malware that have hit industrial systems: Stuxnet, Duqu, and Flame. Not only are some variants returning, but Chronicle sees them as connected to "GossipGirl," which it calls a "supra threat actor," a collection of threat actors interacting with one another in complex ways.
Securonix has taken a close look at LockerGoga, the ransomware strain that afflicted Norsk Hydro and others. The researchers conclude that LockerGoga's destructive functionality may well be a feature, not a bug.
Venezuela's Chavista regime continues to use its failing grid as a handy stick with which to beat the neighbors. According to Colombia Reports, this time, Mr. Maduro says, the cyberattacks against Venezuelan power generation and distribution are coming from Chile and Colombia. Both are in Mr. Maduro's view yanqui cat's paws.
Haaretz reports that a hacktivist ("DarkCoder") claims to have breached Israel's voter database as part of #OpIsrael. Whether DarkCoder has actually done so or simply regifted old breaches is unclear; investigation is underway.
If the Daily Beast has it right, the "preliminary forensic investigation" the US Secret Service performed on Mar-a-Lago gatecrasher Yujing Zhang's USB thumbdrive consisted of an agent plugging it into one of his agency's computers, where some sort of unwanted program began to run. (Security experts reached the conclusion by close-reading the Secret Service's account of the incident in the New York Times. Most of the experts don't think jacking in is necessarily a best practice.)