The Winter Olympics opened today, but state-sponsored threat actors have hacked in first. So far it's mostly phishing and doxing by North Korea and Russia.
Apple has filed a notice under the Digital Millennium Copyright Act to have Github remove leaked iOS source code.
Cryptomminers turn up in more uncomfortable places, among them a Tennessee hospitals electronic medical records system.
As more criminals seek payment Litecoin, that cryptocurrency appears to be taking black marketshare from Bitcoin.
Phishing shows some fresh plausibility and sophistication as the criminals pay closer attention to their marks. Researchers report a spike in conversation hijacking, where criminals interpose themselves into an email thread, spoofing one of the parties to the conversation in an effort to induce the other to open a malicious attachment that carries the Gozi Trojan as its payload. Other observers note an increase in phishing attempts that induce employees to give up their credentials so their paychecks can be directly deposited in the criminals' account. In this scam a trusted company resource is spoofed, and suspicious employees who respond to the initial phishing email with questions are promptly reassured that, yes, this is legitimate.
NETGEAR has patched five vulnerabilities Trustwave's SpiderLabs found in their broadband routers.
WordPress has issued an emergency patch for version 4.9.3, but users will have to apply it manually. Admins are finding the update comes with some headaches.
US interest in forestalling Russian mid-term election influence operations remains high, with Congress suggesting strategy to the Department of Homeland Security.