Google today disclosed the existence of a Windows zero-day vulnerability under attack. The flaw was reported to Microsoft 10 days ago; Microsoft says the disclosure puts users at risk.
A variant of the Nymaim dropper has surfaced, and it includes new delivery methods, obfuscation techniques, and the use of PowerShell to download payloads.
The Article 29 Working Party, an EU privacy coalition urges WhatsApp to clarify that user information shared between the company and Facebook is compliant with data protection laws on the books in Europe.
A buffer overflow found in the Mirai botnet could eliminate its ability to carry out HTTP flood attacks. But exploiting that vulnerability puts defenders in a gray area with regard to hacking back.
Mike Mimoso and Chris Brook recap the news of the week, including the storylines around last week’s Dyn DDoS attack, Keen Team winning big again at Pwn2Own, and a fake Windows installer.