Mike Mimoso and Chris Brook recap the news of the week, including the storylines around last week’s Dyn DDoS attack, Keen Team winning big again at Pwn2Own, and a fake Windows installer.

Cisco warns of 16 flaws in its latest security bulletin, mostly impacting its Cisco AsyncOS software used in its Email Security Appliances.

Microsoft announced it has extended a feature in Office 2016 that protects against malicious macros to Office 2013.

Analysis by DNS provider Dyn hints that more than 1 terabyte per second of traffic may have been used in last week’s massive DDoS attack that impacted Internet service on the East Coast.

Hackers with Keen Team identified vulnerabilities in iOS 10.1 and Android Nougat at Mobile Pwn2Own this week.

Attackers can leverage a design weakness in all versions of Windows to carry out code injection attacks that bypass detection by security software.

Joomla fixed two critical issues in the content management system and is strongly encouraging users to update their sites immediately.

Three vulnerabilities, all which can lead to remote code execution, exist in the LibTIFF library.

Adobe released an emergency Flash Player update that patches a use-after-free vulnerability being exploited in targeted attacks.

Sen. Mark Warner of Virginia wrote a letter to the heads of the FCC, FTC and DHS asking whether ISPs have the power to keep insecure connected devices off the public Internet.