A politically motivated group is paralyzing Israeli entities with no financial goal – and no intention of handing over decryption keys.

https://threatpost.com/mosesstaff-locks-targets-ransom-decryption/176366/

Researchers observed what looks like the Emotet botnet – the “world’s most dangerous malware” – reborn and distributed by the trojan it used to deliver.

https://threatpost.com/emotet-resurfaces-trickbot/176362/

An analysis of ransomware attack negotiation-data offers best practices.

https://threatpost.com/ransomware-response-data/176360/

Malicious groups disable features in Alibaba Cloud ECS instances for Monero cryptojacking, according to Trend Micro researchers.

https://threatpost.com/cybercriminals-alibaba-cloud-cryptomining-malware/176348/

The alert was mumbo jumbo, but it was indeed sent from the bureau’s email system, from the agency’s own internet address.

https://threatpost.com/fbi-system-exploit-email-fake-cyberattack-alert/176333/

Europol reports that criminal groups are undermining the EU’s economy and its society, offering everything from murder-for-hire to kidnapping, torture and mutilation.

https://threatpost.com/organized-cybercrime-syndicates-europol/176326/

Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile.

https://threatpost.com/cybersecurity-best-practices-ransomware/176316/

Google researchers have detailed a widespread watering-hole attack that installed a backdoor on Apple devices that visited Hong Kong-based media and pro-democracy sites.

https://threatpost.com/mac-zero-day-apple-hong-kong/176300/

Ransomware volumes are up 1000%. Aamir Lakhani, cybersecurity researcher and practitioner at FortiGuard Labs , discusses secure email, network segmentation and sandboxing for defense.

https://threatpost.com/invest-3-key-security-technologies-ransomware/176246/

A Russian-language threat group is available for hire, to steal data on journalists, political leaders, activists and from organizations in every sector.

https://threatpost.com/cyber-mercenary-void-balaur/176230/

A bill introduced this week would regulate ransomware response by the country’s critical financial sector.

https://threatpost.com/congress-ban-ransomware-payouts/176213/

The One Font BEC campaign targets Microsoft 365 users and uses sophisticated obfuscation tactics to slip past security protections to harvest credentials.

https://threatpost.com/tiny-font-size-email-filters-bec-phishing/176198/

PhoneSpy already has stolen data and tracked the activity of targets in South Korea, disguising itself as legitimate lifestyle apps.

https://threatpost.com/new-android-spyware-poses-pegasus-like-threat/176155/

Experts urged users to prioritize patches for Microsoft Exchange and Excel, those favorite platforms so frequently targeted by cybercriminals and nation-state actors.

https://threatpost.com/microsoft-nov-patch-tuesday-fixes-six-zero-days-55-bugs/176143/

The Q3 2021 report revealed a 4.5% increase in CVEs associated with ransomware and a 3.4% increase in ransomware families compared with Q2 2021.

https://threatpost.com/12-new-flaws-used-in-ransomware-attacks-in-q3/176137/

Yaron Kassner, CTO of Silverfort, delves into the pros and cons of transparency when it comes to cybersecurity tools’ algorithms.

https://threatpost.com/security-tool-transparency/176113/

The U.S. is seeking the extradition of a Ukrainian man, Yaroslav Vasinskyi, whom they suspect is behind the Kaseya supply-chain attacks and other REvil attacks.

https://threatpost.com/revil-affiliates-arrested-doj-europol/176087/

Researchers have uncovered a large, tangled web of infrastructure being used to enable a wide variety of cyberattacks.

https://threatpost.com/zebra2104-initial-access-broker-malware-apts/176075/

A new campaign is prying apart a known security vulnerability in the Zoho ManageEngine ADSelfService Plus password manager, researchers warned over the weekend. The threat actors have managed to exploit the Zoho weakness in at least nine global entities across critical sectors so far (technology, defense, healthcare, energy and education), deploying the Godzilla webshell and […]

https://threatpost.com/zoho-password-manager-flaw-godzilla-webshell/176063/

An FBI notification is warning of an uptick in attacks against tribal casinos.

https://threatpost.com/native-tribal-casinos-ransomware-losses/176060/