Researchers see newly evolved strains of malware showing more sophisticated evasion capabilities. Trustwave reports that the Neutrino exploit kit now uses OS fingerprinting to screen out Linux devices that security researchers commonly use. Palo Alto Networks describes how the T9000 custom backdoor identifies 24 security products and then customizes its installation to evade analysis.
The ransomware campaign afflicting WordPress sites continues to serve up TeslaCrypt.
Someone (perhaps a white hat?) has co-opted a Dridex botnet to deliver, not Trojans, but rather an Avira Antivirus installer. (Whoever did it, it wasn't Avira.)
In industry news, Symantec reported solid results last night. The fate of Norse remains murky even as its former CEO hits back at critics. Some analysts believe VCs are rethinking threat-intelligence plays, but the subsector still seems to have room to run.
Reports from US intelligence sources suggest a weakening of ISIS in its core territories, and there's some cautious optimism that ISIS realities may be undermining its narrative in ways its information ops will find it difficult to overcome.
Concerns about terrorism prompt governments to seek more comprehensive surveillance powers. Poland is the latest to enact a law enabling such surveillance. The EU's not happy about the new laws, but Poland is probably more bellwether than outlier in European surveillance policy.
The UK and the US discuss extending the UK's ability to serve wiretap warrants in the US.
Privacy Shield's happy afterglow dims a bit with concerns over whether it will hold up in EU courts. Businesses, stay cautious.