Avanan reports finding "baseStriker," a phishing technique that crafts HTML in emails so that malicious links, even those on a blacklist, pass through the Safe Links feature of Microsoft Office 365's Advanced Threat Protection.
The AP says it has evidence showing that 2015 threats communicated via Facebook to spouses of US military personnel were not in fact from ISIS, and that those particular operations, like the TV5 Monde hack that same year, were the work of Fancy Bear (Russia's GRU). The GRU was flying the false flag of the Cyber Caliphate.
Bitdefender describes the "Hide-and-Seek" botnet, an IoT botnet that survives device reboots.
Palo Alto Networks finds a significant increase in the rate of cyberattacks by the Nigerian gang Palo Alto tracks as "SilverTerrier." They made on average 17,600 attempts each month during 2017, up from 2016's average of 12,200.
Microsoft patched some sixty-seven issues with its products yesterday. One of the vulnerabilities addressed merits particular attention: CVE-2018-8174, which affects the way the Windows scripting engine handles certain classes of objects, is already being exploited in the wild. Adobe also patched, addressing issues in Flash Player and the Adobe Creative Suite. vpnMentor is offering an "unofficial" fix for vulnerable Dasan GPON routers.
Georgia Governor Nathan Deal has vetoed that state's ill-received State Bill 315 ("catastrophically stupid," in BoingBoing's headline assessment), which would have criminalized many common and legitimate security research practices. It also would have authorized certain forms of hacking back under the rubric of "active defense" (also poorly received).