Check Point warns that a new Internet-of-things botnet shaping up could become at least as damaging as Mirai. While they see some possible similarities and connections to Mirai, researchers regard this new botnet as "an entirely new and far more sophisticated campaign." The botmasters have concentrated on herding IP cameras. Check Point says "more than a million organizations" have been affected.
Sofacy (APT28) is aggressively exploiting the Adobe Flash vulnerability patched Monday. The Russian intelligence service threat actor is working to get as much as it can in the wild before the world gets around to applying the patch.
University of Washington researchers demonstrate how third-party attackers can exploit smartphone apps' targeted advertising systems to conduct surveillance of users.
Cisco joins the ranks of vendors who have patched against the KRACK WPA2 vulnerability.
Facebook draws adverse attention from those concerned with information operations and security. The social media giant says it's working to secure itself (a "painful" process) and promises to help secure upcoming Canadian elections.
Fairly or unfairly, suspicion of Kaspersky products as being the Russian FSB's royal road into the enterprise has taken firm root in the commercial sector.
NATO leaders feel unsure of their ability to counter Russian hybrid warfare, and fear losing battlefield advantage.
The cost of NotPetya pseudoransomware continues to be counted. Verisk estimates that Merck's insurers will pay out some $275 million, with the big pharma company itself on the hook for more.
Marcus Hutchins ("Malwaretech") is out on bail and unencumbered, awaiting trial.