An open-source ransomware project forms the basis of a new family of ransomware, desuCrypt and its Deuscrypt variant, now being widely distributed in criminal souks. Researcher Michael Gillespie has developed a decryptor for infected files.
Fortinet reports that SpriteCoin, a bogus cryptocurrency that's nothing more than phishbait that leads to ransomware, not only encrypts victims' files, but, after they pay the ransom (only Monero is accepted) then installs malware that parses images, harvests certificates, and activates web cameras.
IoT devices containing ARC chipsets are turning up in Satori botnets, which indicates that botnet controllers have significantly increased the number of maverick devices they can rope into their herd.
Intel tells users to disregard its recent Spectre patch. A new, less troublesome version is due out soon.
Farsight Security has issued a study of how Internationalized Domain Names (IDNs) can use non-Latin characters from, say the Greek or Cyrillic alphabets, to craft sites that impersonate urls that use the more familiar Roman characters. Spoofed sites are used for more persuasive phishing. Thus a Cyrillic мягкий знак ("myagkii znak") softsign, "ь," can be used to spell "faceьook," which might fool the casual eyes of users normally alert to the urls they follow. Companies whose sites have been impersonated in this way include Apple, Adobe, Amazon, Bank of America, Cisco, Coinbase, Credit Suisse, eBay, Bittrex, Google, Microsoft, Netflix, New York Times, Twitter, Walmart, Yahoo, Wikipedia, YouTube, and Yandex.
ISIS seeks to inspire lone wolf terrorists (and frighten infidels) with the slogan "We are in your home."