OilRig hires the Russian cyber-mob. WannaCry updates. Other EternalBlue exploits surface in the wild. Pending legislation in the US Congress. NIST issues guidelines for Executive Order compliance.
In today's podcast, we hear that Iran's OilRig cyberespionage campaign seems to employing Russian hoods, and BlackEnergy. WannaCry recovery continues, but there may be worse to come. Still talking funny, the ShadowBrokers say you'll be able to subscribe to an Equation Group leak service next month. The US Senate considers putting the Vulnerability Equities Process on a legal foundation. NIST issues draft guidance on cyber Executive Order implementation. Level 3 Communications' Dale Drew predicts there's more ransomware in our futures. Mandeep Khera from Arxan Technologies outines vulnerabilities in mobile apps. And political parties in Western Europe still stink at email security, for all their worries about Fancy Bear.