Malwarebytes researchers warn that a fresh, more dangerous version of DMA Locker ransomware will soon appear in the wild. DMA Locker was famous for its easily cracked encryption, but in version 4.0 the criminal developers seem to have done better. (Right for them, wrong for the rest of us.)
Turla espionage malware has hit Swiss defense firm RUAG. Switzerland’s CERT describes the attack as as careful, closely targeted, and patient. It seems to have begun at least as early as 2014.
ESET last week received the keys to TeslaCrypt, along with something like an apology from the ransomware’s criminal controllers. But there’s less remorse here than meets the eye: Bleeping Computer says TeslaCrypt’s impresarios have shifted to CryptXXX.
The recently patched Flash zero-day has been integrated into at least three exploit kits: Magnitude, Angler, and Neutrino.
In industry news, the SWIFT funds transfer system plans to release a plan for upgrading security sometime today. The organization intends to improve information sharing, “harden” security requirements for its member institutions, and offer help detecting fraud through some form of pattern recognition.
IBM is preparing for layoffs, but it’s still hiring in the areas into which it intends to expand, notably security.
Panama Papers post mortems proceed, reaching some consensus among observers that Mossac Fonseca was the victim of an SQL injection attack.
The US House and Senate have published versions of the Defense Authorization Act; both have significant implications for cyber policy.
Phineas Phisher seems to be starting a hack-back political movement.