Akamai’s quarterly State of the Internet report sees a continuing rise in cheap-to-mount but disruptive DDoS attacks, many of them using stresser/booter-based botnets. Akamai also reports that account takeover attacks are particularly targeting financial and entertainment verticals.
Bogus Apple domains are the source of several phishing expeditions targeting users in the UK and China. FireEye says the phishers are after Apple IDs and passwords.
Victims of the Mount Gox cryptocurrency exchange collapse are being phished from the Kraken Exchange, Cyren warns.
Crysis crypto ransomware is overtaking both Locky and TeslaCrypt. ESET says Crysis is unusual in its indifference to file extensions.
Trend Micro warns that BlackShades ransomware also remains active.
Fortinet describes “Herbst,” apparently still in beta, but whose authors seem to be preparing for a ransomware campaign against German speakers (perhaps this fall).
The Facebook Messenger bug Check Point found is said to enable attackers to alter previously sent messages.
SecureWorks explains the recurrence of malware in cleaned systems: some malicious code exploits BITS, a native Windows tool used to retrieve updates.
As investigations into SWIFT-related fraudulent transfers proceed, US bank regulators, specifically those associated with the Federal Financial Institutions Examination Council (FFIEC), are warning financial institutions to pay attention to compliance, follow best security practices, and expect closer scrutiny.
In industry news, Fortinet buys SIEM shop AccelOps.
US Cyber Command finds retention more challenging than recruiting.
In a move to upgrade its security posture, Singapore will cut most civil servants’ workplace Internet access by May of next year.