Microsoft is warning of a wave of phishing campaigns pushing tech support scams via malicious links to phony Amazon, Alibaba and LinkedIn web pages.

Criminals used a typo-squatting technique and uploaded rogue JavaScript libraries to a popular code repository npm.

ICS-CERT published advisories this week warning users of Siemens molecular imaging products of publicly exploits for Windows 7 versions of those devices.

Tor cofounder Roger Dingledine sets the record straight at DEF CON on popular myths, and at the same time teases upcoming features.

The news of the week is discussed, including how Marcus Hutchins, aka MalwareTech was arrested in Las Vegas, Alex Stamos’ Black Hat keynote, and this week’s proposed IoT legislation.

Cisco fixed two high severity vulnerabilities in two products this week that could have let an attacker trigger a denial of service condition or bypass local authentication.

Marcus Hutchins, aka MalwareTech the WannaCry hero, was arrested and charged with another unnamed individual with creating and distributing the Kronos banking malware.

The WannaCry story has new life with the attacks having withdrawn the Bitcoin collected as ransom during the attacks, and with the detainment of killswitch researcher Marcus Hutchins in Nevada.

Two IP cameras sold by Loftek and VStartcam are leaving over 1.3 million users open to 21 vulnerabilities that range from a lack of HTTPS encryption to bugs that open users up to cross-site request forgery attacks.

IBM fixed a cross-site scripting vulnerability in its Worklight and MobileFirst products that could have let an attacker steal sensitive information.