An explosion and fire at Iran’s Natanz uranium processing center last Thursday is being widely attributed, by Iranian authorities and others, to a cyberattack, but the case isn't obvious. Tehran says investigators had determined the cause of the attack but were withholding details for security reasons. Reuters says unnamed Iranian officials called it either a US or Israeli cyberattack. While promising retaliation for any cyberattack against its nuclear facilities, Iran stopped short of publicly blaming either the US or Israel.
Breaking Defense cited Israeli cyber experts who were quick to call the incident a "kinetic cyberattack," but who also said it wasn't an Israeli operation. Over the weekend Israeli Foreign Minister Ashkenazi and Defense Minister Ganz issued soft denials, the Jerusalem Post reports, apparently intended to preserve strategic ambiguity.
Before the fire became public knowledge Thursday, the BBC's Persian service said a self-proclaimed Iranian dissident group, the "Cheetahs of the Homeland," claimed responsibility for the sabotage. But, as the AP points out, there's some implausibility in the Cheetahs' self-presentation.
Satellite imagery and Iranian statements confirm a destructive fire. Beyond that it's unclear what happened, and worth noting that Breaking Defense's sources understand "cyberattack" expansively, including possible remote disabling of security cameras to facilitate sabotage. Accident or conventional sabotage are at least as (and arguably more) probable, as Forbes sensibly notes.
US Cyber Command urges users to patch F5 BIG-IP application-delivery controller bugs immediately.
Sanssec researchers find North Korea's Lazarus Group using Magecart to skim US and European online shoppers' paycards.