The Cisco Talos team has analyzed the ROKRAT remote administration tool, which targets South Koreans through a spear-phishing campaign.
The "rensenWare" ransomware asks victims to score over 0.2 billion game currency playing the game "Touhou Project - Undefined Fantastic Object".
The new BrickerBot malware performs a so-called Permanent Denial-of-Service (PDoS) attack on IoT devices. It uses the same attack vector as the Mirai botnet: brute-forcing the SSH passphrase. If successful, it tries to brick the device's storage.
The Triada Android malware uses the open-source DroidPlugin sandbox at run time in order to evade detection.
A security issue in Splunk Enterprise allowed a potential attacker to steal data from an authenticated user if she visited a malicious website.
Google Project Zero demonstrated a remote code execution exploit against Broadcom's Wi-Fi stack on a fully updated Nexus 6P running Android 7.1.1, version NUF26K.
TheShadowBrokers hacking group just leaked the NSA digital weapons package online.
WikiLeaks published documents detailing the Grasshopper framework used by the CIA to create custom Windows malware installers.
The source code of the "Stolen Goods" module contains parts of the leaked Carberp banking trojan source code.
The Xen Security Team has discovered a security bug in the hypervisor code which, if exploited, can be used for breaking Qubes OS isolation.
Exploit chaining is required for a full system takeover, though.
Interesting research about using antivirus software as leverage during an attack:
"Automatically Inferring Malware Signatures for Anti-Virus Assisted Attacks"