In an unusual move, Metamorfo abuses legitimate, signed Windows binaries to load the malicious code. Go to Source

Webstresser[.]org, a DDoS-for-hire market believed to be behind at least 4 million cyberattacks around the world, has served up its last internet-paralyzing traffic tsunami. Go to Source

Researchers discovered a flaw in Amazon’s Alexa virtual assistant that enabled them to eavesdrop on consumers with smart devices – and automatically transcribe every word said. Go to Source

A leaky Mongo database exposed personal information of 25,000 investors and potential investors tied to the Bezop cryptocurrency. Go to Source

Researchers have found an exploit in Nvidia Tegra X1-based systems that they say cannot be patched. Go to Source

A freshly minted attack group dubbed Orangeworm has been uncovered, deploying a custom backdoor in mostly healthcare-related environments. It’s bent on laser-focused, comprehensive corporate espionage, with a noisy attack vector that shows that it’s unlikely… Orangeworm Mounts Espionage Campaign Against Healthcare

The Ukrainian Energy Ministry has been hit by a ransomware attack – and for once it looks like this is the work of amateurs, not nation-state attackers bent on making a geopolitical point. However, the… Ransomware Attack Hits Ukrainian Energy Ministry, Exploiting Drupalgeddon2

A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March. Go to Source

Andy Ellis, CSO Akamai, discusses how the company works with others within the cybersecurity landscape to help keep the internet safe. Go to Source

Threatpost’s Tom Spring talked to Roman Unuchek, senior malware analyst at Kaspersky Lab, about his discoveries this week at the RSA Conference. Go to Source