A look at some threats to ICS endpoints. EternalBlue remains a problem. US preparing attribution of the Microsoft Exchange Server hack. DoubleVPN seized. An arrest in the Gozi case.

A report on threats to industrial control systems is out, and it focuses on ransomware, coinjacking, and legacy malware. EternalBlue remains a problem. The US is preparing a formal attribution in the case of the Microsoft Exchange Server campaign. An international police operation has taken down DoubleVPN, and the authorities seem pretty pleased with their work. Joe Carrigan examines vulnerabilities in systems from Dell. Our guest is Vikram Thakur from Symantec on Multi-Factor Authentication evasion. And the guy who allegedly provided the Gozi banking malware with its bulletproof hosting has been collared in Bogota. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/125