The US NSA has just released an advisory warning that twenty-five vulnerabilities are under active exploitation by Chinese government cyber operators. All twenty-five vulnerabilities are well-known and have available patches and mitigations.
The Guardian reports that the UK's National Cyber Security Centre (NCSC) says it’s discovered Russian plans to interfere with the (postponed) 2020 Tokyo Olympics.
The US Justice Department yesterday announced the indictment of six Russian GRU officers belonging to unit 74455, the group commonly known as "Sandworm." The conspiracy charged covers disruption of Ukraine's power grid, the destructive NotPetya attacks, operations directed against the Winter Olympics in South Korea, and against elections in France and other countries.
This morning the US Justice Department also brought its long-expected anti-trust suit against Google. Reuters reports that eleven states have joined in the suit.
Darkside, a ransomware gang that came to prominence in August as a "big-game hunter" that went after deep-pocketed corporations, has apparently donated some of its proceeds to two charities, Children International and the Water Project, each of which ZDNet says have received $10,000 in Bitcoin. This isn't unknown in the history of organized crime, from the Yakuza to the Chicago Outfit to the Gulf Cartel, so pump the brakes before following a PR ploy to elevate the Darkside to the status of a modern Robin Hood.
Avast picks up last week's story on vulnerable intimacy-device Qiui Cellmate, and draws a lesson: avoid abandonware, software beyond the ability of its vendors to maintain, something endemic to the Internet-of-things.