2561

May’s Patch Tuesday Include Fixes for ‘Wormable’ Flaw in Windows XP, Zero-Day Vulnerability
https://blog.trendmicro.com/trendlabs-security-intelligence/mays-patch-tuesday-include-fixes-for-wormable-flaw-in-windows-xp-zero-day-vulnerability/

===================================================
Microsoft’s May security release includes updates for 80 vulnerabilities for a number of Microsoft products, including a security update for unsupported operating systems such as Windows XP and Server 2003 not included in the mainstream customer support notification.

2562

The May 2019 Security Update Review
https://www.zerodayinitiative.com/blog/2019/5/14/the-may-2019-security-update-review

2563

This option is available for macOS Mojave, High Sierra, and Sierra after installing security updates.

https://support.apple.com/en-us/HT210108

2564

Bots Tampering with TLS to Avoid Detection
https://blogs.akamai.com/sitr/2019/05/bots-tampering-with-tls-to-avoid-detection.html

2565

Plead malware distributed via MitM attacks at router level, misusing ASUS WebStorage
https://www.welivesecurity.com/2019/05/14/plead-malware-mitm-asus-webstorage/

2566

The Trade Secret - Firms That Promised High-Tech Ransomware Solutions Almost Always Just Pay the Hackers
https://features.propublica.org/ransomware/ransomware-attack-data-recovery-firms-paying-hackers/

2567

Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques
https://blog.talosintelligence.com/2019/05/recent-muddywater-associated-blackwater.html

2568

JSWorm 2.0 Ransomware Decryptor Gets Your Files Back For Free
https://www.bleepingcomputer.com/news/security/jsworm-20-ransomware-decryptor-gets-your-files-back-for-free/

2569

A journey to Zebrocy land
https://www.welivesecurity.com/2019/05/22/journey-zebrocy-land/

2570

Sorpresa! JasperLoader targets Italy with a new bag of tricks
https://blog.talosintelligence.com/2019/05/sorpresa-jasperloader.html

2571

Hack for Hire: Exploring the Emerging Market for Account Hijacking
https://www.sysnet.ucsd.edu/~voelker/pubs/hackforhire-www19.pdf

2572

Abusing Code Signing for Profit
https://medium.com/@chroniclesec/abusing-code-signing-for-profit-ef80a37b50f4

2573

HawkEye Malware Operators Renew Attacks on Business Users
https://securityintelligence.com/hawkeye-malware-operators-renew-attacks-on-business-users/

2574

The Nansh0u Campaign – Hackers Arsenal Grows Stronger
https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/

2575

Xulu: Cryptojacking Leveraging Shodan, Tor, and Malicious Docker Container
https://www.alibabacloud.com/blog/xulu-cryptojacking-leveraging-shodan-tor-and-malicious-docker-container_594869
https://blog.trendmicro.com/trendlabs-security-intelligence/infected-cryptocurrency-mining-containers-target-docker-hosts-with-exposed-apis-use-shodan-to-find-additional-victims/

2576

Justice Dept. Explores Google Antitrust Case
https://www.nytimes.com/2019/05/31/business/google-antitrust-justice-department.html

2577

It always amazes me when an inefficient Government agency investigates a successful business.

2578

Microsoft Azure Being Used to Host Malware and C2 Servers
https://www.bleepingcomputer.com/news/security/microsoft-azure-being-used-to-host-malware-and-c2-servers/

2579

BlackSquid Slithers Into Servers and Drives With 8 Notorious Exploits to Drop XMRig Miner
https://blog.trendmicro.com/trendlabs-security-intelligence/blacksquid-slithers-into-servers-and-drives-with-8-notorious-exploits-to-drop-xmrig-miner/

2580

It’s alive: Threat actors cobble together open-source pieces into monstrous Frankenstein campaign
https://blog.talosintelligence.com/2019/06/frankenstein-campaign.html