It took only a few days for a Linux worm to start exploiting the vulnerability in the Exim mail transfer agent. Microsoft said some Azure customers have already been affected.
A newly discovered version of the Echobot malware, which is tied to the Mirai botnet, contains eight new exploits and targets enterprise applications as well as consumer devices.
There used to be a time when malware signed with a legitimate certificate was the mark of a sophisticated, nation-state-backed attacker. Now anyone can have signed malware.
The FIN7 attack group is still alive and well, despite arrests of some alleged members and intense attention from researchers and law enforcement.
The DNSpionage attack group is now using a new backdoor called Karkoff, which may have ties to the OilRig leaks as well.