Intel has acknowledged and begun to fix a firmware vulnerability researchers say is nine years old. The company warns that, if left unpatched, the flaw could lead to remote management takeover of systems using Intel Active Management Technology, Intel Small Business Technology and Intel Standard Manageability. These are widely used by small and medium enterprises, who are advised to work through the patching as soon as practicable.
IBM inadvertently shipped Trojanized USB sticks to customers. The devices were to be used as initializers for IBM Storwize disk racks. The company is advising customers to destroy the USB drives. The malware is apparently a Trojan dropper that enables installation of other malware; according to Kaspersky researchers, this particular malware strain has hitherto mostly affected Russian systems.
Cybereason reports that "ShadowWali," a run-of-the-mill but quietly effective backdoor, has been used to attack Japanese businesses since 2015.
Check Point warns that OSX/Dok, malware that installs a backdoor and monitors web traffic, has been spreading through European targets. Like most successful Mac malware, it's disseminated through phishing. The phishbait has been official-looking but bogus emails purporting to be from, for example, national tax departments.
Neustar today released a major study of DDoS trends. The problem is increasing: the size, pace, and volume of attacks have grown significantly over the past year, as have the costs they exact from enterprises.
There's growing sentiment in the UK's Parliament to punish social media and Internet service providers who fail to stop "hate speech" from crossing their platforms.