Interesting blog about the generic unpacking of the Locky malware using Radare r2pipe, python and the Windows 7 VM.
More information about the Shadow Brokers NSA hacking toolkit dump are coming out after analysis.
Kudelski Security research published the overview of an Equation Group exploitation arsenal for the Windows platform. Good to note, that this dump has also implicated that the NSA compromised a SWIFT system.
Symantec researchers linked the CIA hacking tools (Vault 7) to a cyber attacks launched in recent years by a Longhorn group gang specialising in the intelligence gathering operations.
Black hats have robbed at least 8 ATMs in Russia and stole $800,000 in one night using a ATMitch "fileless" malware.
FireEye documented a campaign leveraging the CVE-2017-0199 vulnerability, which enabled attackers to "download and execute a Visual Basic script containing PowerShell commands when a user opens a Microsoft Office RTF document containing an embedded exploit." It delivers so called FINSPY and LATENTBOT samples, targeting mostly Russian speaking users.
I wrote about the Broadcom’s Wi-Fi stack exploit last week, this is the second part of a series of Google Project Zero team.