The NSA mole hunt continues, as the weekend's New York Times piece is still drawing much comment. Observers tend to make a couple of points. First, the leaks that have reached the world through the Shadow Brokers cast doubt on any organization's ability to safeguard sensitive information. Second, every enterprise should bring its patches, particularly patches for mobile devices, up to date, as many fear a wave of mobile system hacking. Suspicion centers either on Russian intelligence services or on some group of disgruntled insiders.
Spain's government has warned the European Union that a disinformation campaign aimed at influencing the Catalan separatist movement appears to originate "in Russian territory," with much of it being repeated "from Venezuelan territory." The Spanish Defense Minister stopped short of formally accusing the Russian government.
IBM X-Force researchers report finding a new banking Trojan, IcedID. It's new, and apparently still under development, but it appears capable of using both redirection and web injection attacks. Until now, Dridex had been the only prominent banking Trojan to employ both kinds of attack. X-Force thinks IcedID is using Emotet's botnet infrastructure to distribute itself.
Commonly used anti-virus products are vulnerable to a proof-of-concept exploit, "AVGater," that bypasses their protections. Emsisoft, Ikarus, Kaspersky, Malwarebytes, Trend Micro, and Check Point have patched.
In other update news, Firefox 57, the browser's next version, will introduce more capable sandboxing, and Google has put Android app developers on notice that it will kick anything found misusing Accessibility services out of the Play Store.