In today’s podcast we hear about a new vigilante in the IoT—Hajime—and learn that the security industry doesn’t think much of vigilantes. Observers pore over the most recent ShadowBrokers’ files and don’t like what they see, even though most of the more dangerous exploits have been patched. Still no word on how the ShadowBrokers got their wares, or where WikiLeaks got the contents of Vault 7. BankBot is back in the PlayStore with Trojanized video apps. Attackers are seen using pixel-tracking for target recon. AsTech’s Greg Reber outlines cyber M&A due diligence. Lancaster University’s Awais Rashid describes their effort to assemble a cyber security body of knowledge. And Oracle issues a very big patch.