Casey Ellis, CTO at Bugcrowd, outlines how international relations have deteriorated into a new sort of Cold War, with espionage playing out in the cyber-domain.

https://threatpost.com/global-cyberattacks-nation-state-threats/177253/

A look back at what was hot with readers in this second year of the pandemic.

https://threatpost.com/5-top-threatpost-stories-2021/177278/

Attackers use the Telegram handle “Smokes Night” to spread the malicious Echelon infostealer, which steals credentials for cryptocurrency and other user accounts, researchers said.

https://threatpost.com/telegram-steal-crypto-wallet-credentials/177266/

The origin of the Monero cryptominer file has been traced to a Russian torrent website, researchers report.

https://threatpost.com/spider-man-no-way-home-download-installs-cryptominer/177254/

Overtaking the Conti ransomware gang, PYSA finds success with government-sector attacks.

https://threatpost.com/pysa-top-ransomware-november/177242/

Conti has become the first professional-grade, sophisticated ransomware group to weaponize Log4j2, now with a full attack chain.

https://threatpost.com/conti-ransomware-gang-has-full-log4shell-attack-chain/177173/

Meta, Facebook’s parent company, said that the seven banned actors run fake accounts on its platforms to deceive users and plant malware on targets’ phones.

https://threatpost.com/facebook-bans-spy-hire/177149/

Joker malware was found lurking in the Color Message app, ready to fleece unsuspecting users with premium SMS charges.

https://threatpost.com/malicious-joker-app-downloads-google-play/177139/

Oliver Tavakoli, CTO at Vectra AI, takes us inside the coming nexus of ransomware, supply-chain attacks and cloud deployments.

https://threatpost.com/cloud-ransomware-convergence/177112/

The incident occurred last weekend at the popular chain of restaurants, hotels and breweries, which is still facing disruptions.

https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/

Analysts warn that the attack group, now known as ‘Earth Centaur,’ is honing its attacks to go after transportation and government agencies.

https://threatpost.com/tropic-trooper-transportation/177106/

It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks.

https://threatpost.com/pseudomanuscrypt-mass-spyware-campaign/177097/

The new tool manipulates Windows Registry in unique ways to evade security detections and is likely being used by ransomware groups for initial network access.

https://threatpost.com/darkwatchman-rat-evolution-fileless-malware/177091/

More than 1.8 million attacks, against half of all corporate networks, have already launched to exploit Log4Shell.

https://threatpost.com/log4j-attacks-state-actors-worm/177088/

“Owowa” stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made.

https://threatpost.com/malicious-exchange-server-module-outlook-credentials/177077/

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes.

https://threatpost.com/apache-patch-log4shell-log4j-dos-attacks/177064/

If 2021 was the Year of Supply Chain Pain, 2022 will be the Year of Supply Chain Chronic Pain (or something worse than pain). This past year, the pain was felt in two significant ways: through the supply chain disruptions caused by COVID-19, and through the many security breaches that we saw in our key […]

https://threatpost.com/supply-chain-pain-and-changing-security-roles/177058/

December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities.

https://threatpost.com/exploited-microsoft-zero-day-spoofing-malware/177045/

The new campaign masqueraded as an Orange Telecom account management app to deliver the latest iteration of Anubis banking malware.

https://threatpost.com/400-banks-targeted-anubis-trojan/177038/

An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what’s vulnerable, what an attack looks like and to how to remediate.

https://threatpost.com/log4shell-bug-smbs-experts/177021/