Vulnerabilities

Threatpost News Wrap, May 19, 2017

Mike Mimoso and Chris Brook discuss WannaCry, Microsoft's response, the killswitches, a potential link with Lazarus Group, and what the future holds for the ShadowBrokers.

PATCH Act Calls for VEP Review Board

The PATCH Act proposes the formation of a review board that would formalize and make transparent the processes by which the government determines whether it will use or disclose a zero-day vulnerability.

Android Gets Security Makeover With Google Play Protect

Google announces big changes for Android security including new features, a rebranding of old services and an updated UI, all streamlined under a new service called Google Play Protect.

WordPress Fixes CSRF, XSS Bugs, Announces Bug Bounty Program

WordPress fixed six vulnerabilities with version 4.7.5 and announced a bug bounty program with HackerOne this week.

Senate’s Use of Signal A Good First Step, Experts Say

The Senate's use of the end-to-end encrypted messaging app Signal is a good first step in protecting U.S. democratic institutions, but much more needs to be protected.

Patches Pending for Medical Devices Hit By WannaCry

Companies such as Siemens and Bayer are planning to release patches for medical devices hit by the ransomware WannaCry over the past several days.

Cisco TelePresence IX5000 Series Directory Traversal Vulnerability

A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device. The vulnerability is due to insufficient input validatio...

APT3 Linked to Chinese Ministry of State Security

Researchers claim that APT3, widely believed to be a China-based threat actor, is directly connected to the Chinese Ministry of State Security (MSS).

Next NSA Exploit Payload Could be Much Worse Than WannaCry

Researchers urge Windows admins to apply MS17-010 before the next attack using the EternalBlue NSA exploit deploys a worse payload than WannaCry ransomware.

DocuSign Phishing Campaign Includes Hancitor Downloader

DocuSign warns of a breach and the subsequent theft of email addresses, which are now being targeted by a phishing campaign that employs malicious, macro-laced Word documents.

Apple Patches Pwn2Own Vulnerabilities in Safari, macOS, iOS

Apple fixed 66 vulnerabilities - many found at March's Pwn2Own competition - across seven product lines, including Safari, iTunes, macOS, and iOS, on Monday.

WannaCry Shares Code with Lazarus APT Samples

Experts have confirmed there are similarities between code used by the ransomware WannaCry and the Lazarus APT.