FireEye is describing an Iranian threat group, "APT33," which has been operating since 2013, and which FireEye has been tracking since May 2016. The news is that APT33, which had hitherto been principally an espionage operation, appears to be running a new destructive malware campaign similar to the Sandworm effort that's been associated with Russia.
The Russian dog that German authorities have been listening for still hasn't barked in the run-up to Sunday's German elections.
UpGuard has discovered another unsecured AWS S3 bucket, this one belonging to Viacom, and exposing the company's IT infrastructure.
Barracuda is tracking an "aggressive" ransomware campaign operated principally from Vietnam. It's using a variant of the tried-and-true Locky ransomware.
Check Point warns that DU Antivirus Security, a free security app available in Google Play, is in fact harvesting user data and sharing them with other apps.
SfyLabs, poking into a Russian criminal forum, has found a new banking Trojan, "Red Alert 2.0." It's worth noting the increasing commodification of malware. Google says this trend puts attack capabilities not only in criminal hands, but in the hands of poorly resourced rogue governments as well.
Reports yesterday that Equifax had sustained an earlier breach that was only now being disclosed turn out to be only partially true. The credit bureau did indeed sustain a breach in March, well before the incident disclosed on September 14, but the company did in fact disclose that breach in a relatively timely manner. The industry press picked it up; big media didn't.