The U.S. Department of Justice indites middle-aged doctor, accusing him of being a malware mastermind.

https://threatpost.com/doj-says-doctor-is-malware-mastermind/179659/

Researchers say a GitHub proof-of-concept exploitation of recently announced VMware bugs is being abused by hackers in the wild.

https://threatpost.com/vmware-bugs-abused-mirai-log4shell/179652/

An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules—has more than 500 subscribers.

https://threatpost.com/telegram-spread-eternity-maas/179623/

Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks.

https://threatpost.com/malware-discord-webhooks/179605/

The stealthy, feature-rich malware has multistage evasion tactics to fly under the radar of security analysis, researchers at Proofpoint have found.

https://threatpost.com/nerbian-rat-advanced-trick/179600/

Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much.

https://threatpost.com/ransomware-deathblow-college/179574/

The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks.

https://threatpost.com/conti-ransomware-attack-emergency-costa-rica/179560/

Researchers say a hacker is selling access to quality malware for chump change.

https://threatpost.com/low-rent-rat-worries-researchers/179553/

Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands.

https://threatpost.com/usb-malware-targets-windows-installer/179521/

A sophisticated campaign utilizes a novel anti-detection method.

https://threatpost.com/attackers-use-event-logs-to-hide-fileless-malware/179484/

The Botnet appears to use a new delivery method for compromising Windows systems after Microsoft disables VBA macros by default.

https://threatpost.com/emotet-back-new-tricks/179410/

A full 89 percent of organizations experienced one or more successful email breaches during the previous 12 months, translating into big-time costs.

https://threatpost.com/email-security-fail-block-threats/179370/

Citizen Lab uncovers multi-year campaign targeting autonomous region of Spain, called Catalonia.

https://threatpost.com/catalangate-spyware/179336/

Fortinet’s Derek Manky discusses the exponential increase in the speed that attackers weaponize fresh vulnerabilities, where botnets and offensive automation fit in, and the ramifications for security teams.

https://threatpost.com/cyberattackers-speed-fortinet-podcast/179294/

Connections that show the cybercriminal teams are working together signal shifts in their respective tactics and an expansion of opportunities to target victims.

https://threatpost.com/karakurt-conti-diavol-ransomware/179317/

Threat actors have developed custom modules to compromise various ICS devices as well as Windows workstations that pose an imminent threat, particularly to energy providers.

https://threatpost.com/feds-apts-critical-infrastructure/179291/

Accounting materials from the Italy-based luxury fashion house were leaked online by RansomExx because the company refused to pay.

https://threatpost.com/menswear-zegna-ransomware/179266/

The APT28 (Advanced persistence threat) is operating since 2009, this group has worked under different names such as Sofacy, Sednit, Strontium Storm, Fancy Bear, Iron Twilight, and Pawn.

https://threatpost.com/microsoft-takedown-domains-ukraine/179257/

Google removed six different malicious Android applications targeting mainly users in the U.K. and Italy that were installed about 15,000 times.

https://threatpost.com/google-play-bitten-sharkbot/179252/

Huntress Labs R&D Director Jamie Levy busts the old “Macs don’t get viruses” myth and offers tips on how MacOS malware differs and how to protect against it.

https://threatpost.com/macos-malware-myth-vs-truth-podcast/179215/