Shamoon post-mortems continue as affected Saudi networks mop up the infection.
Over the past week ransomware protection companies Emsisoft and Dr. Web were both hit with distributed denial-of-service attacks, apparently in retaliation for both companies' good work in offering decryption tools and other security assistance to ransomware victims. Emsisoft has told Bleeping Computer that they believe the author of MRCR is responsible for organizing the campaign.
Trend Micro is describing another ransomware campaign, which they're calling "RANSOM_NETIX.A." It's targeting Windows users who also use Netflix, and it's holding their Netflix login credentials hostage. And the Cockrell Hill, Texas, police department has also fallen victim to ransomware. In their case it's thought the infestation came through the usual spam vectors. Security firm Acronis identifies the ransomware strain as "Osiris," an evolved version of Locky. The police declined to pay, instead biting the bullet and wiping the infected server, accepting the loss of several years' worth of records.
Trustwave reports Netgear routers are susceptible to authentication bypass flaws. They disclosed their findings to Netgear, which is making security updates available.
Several researchers are reporting use of malicious SVG image files in the wild.
In industry news, Keysight's rumored acquisition of Ixia seems to be happening, with Ixia fetching $1.6 billion.
ISIS is making hay of President Trump's order restricting immigration from seven Muslim-majority countries. Its narrative suggests (1) ISIS represents Islam, and (2) Islam is the victim here.
Those following Russia's FSB shake-up may wish to revisit an old interview with Shaltai-Boltai.