CISA has issued a joint Homeland Security/FBI Malware Analysis Report on the "HOPLIGHT" Trojan, attributed to North Korea's Hidden Cobra (a.k.a. the Lazarus Group).
Kaspersky describes an operation by the "politically motivated" Gaza Cybergang Group 1, which Kaspersky calls "SneakyPastes."
Finland's election-results reporting system sustained a denial-of-service attack this week, Bloomberg says. Authorities are investigating, but there is so far no attribution. Finland votes this Sunday.
Computing reports that Ecuador ejected WikiLeaks founder Julian Assange from its London embassy this morning, citing "repeated violations to international conventions and daily-life protocols." Mr. Assange has been arrested by the Metropolitan Police for bail jumping. (Russia's government denounced the arrest as "strangling freedom.") He may be returned to Sweden, should assault charges there be reopened, or (more probably) extradited to the United States, where he's under indictment on a single count of conspiring to release classified information. That indictment, the Washington Post says, was unsealed shortly after Ecuador showed Mr. Assange the door. The alleged conspiracy was with former US Army Specialist Manning.
Accounts in the Times and elsewhere suggest the expulsion may be connected with an attempt to blackmail Mr. Assange for €3 million: the extortionists claimed to have discreditable security audio and video of the asylum seeker that they somehow obtained from embassy systems.
There's widespread agreement that incident response plans are a security essential. It's therefore dispiriting that an IBM Security study should find that over half of the organizations that have such plans never get around to exercising them.