Phorpiex/Trik, a botnet with some worm functionality, is brute-forcing ransomware through port 5900. It finds vulnerable Remote Desktop Protocol and Virtual Networking Computing servers and runs through lists of commonly used credentials to gain access. Researchers at SecurityScorecard say the payload is typically a GrandCrab ransomware variant.
The holiday season isn't here yet, but it's not too early to begin thinking about retail security. Venafi is observing an unpleasant expanse of look-alike domains being registered with the apparent intent of duping online shoppers.
The US Secret Service is warning banks that there's an increase in ATM wiretapping attacks that involve drilling a small hole in an ATM, inserting the skimmer (often with an endoscope) and then covering the hole.
The Port of San Diego continues to struggle with a ransomware infestation in its business systems.
A hacker in Taiwan named Chang Chi-yuan says he's going to obliterate Mark Zuckerberg's Facebook page this weekend, and that he's live-streaming the hack. He says he's a white hat and he may well be, but on the other hand he does seem to get himself sued from time to time.
In the first case of its kind, the US Securities and Exchange Commission is bringing an enforcement action against Voya Financial Advisors for poor cybersecurity.
After receiving some tough love from Ecuador's London embassy, Julian Assange has stepped down as the leader of Wikileaks. Spokesperson Kristinn Hrafnsson will take over. Mr. Assange is still in the embassy, but Ecuador's taken away his internet access.