Cruddy cryptography means victims whose files have been encrypted by the Ukraine-tormenting ransomware can break the chains without paying extortionists.

https://threatpost.com/free-hermeticransom-ransomware-decryptor-released/178762/

A military email address was used to distribute malicious email macros among EU personnel helping Ukrainians.

https://threatpost.com/phishing-campaign-targeted-those-aiding-ukraine-refugees/178752/

It’s not just Ukraine: There’s a flood of intel on Russian military, nukes and crooks, says dark-web intel expert Vinny Troia, even with the Conti ransomware gang shuttering its leaking Jabber chat server.

https://threatpost.com/russia-leaks-data-thousand-cuts-podcast/178749/

Malicious Google Play apps have circumvented censorship by hiding trojans in software updates.

https://threatpost.com/teabot-trojan-haunts-google-play-store/178738/

The decryptor spilled by ContiLeaks won’t work with recent victims. Conti couldn’t care less: It’s still operating just fine. Still, the dump is a bouquet’s worth of intel.

https://threatpost.com/conti-ransomware-decryptor-trickbot-source-code-leaked/178727/

Via node-hopping, the espionage tool can reach computers that aren’t even connected to the internet.

https://threatpost.com/daxin-espionage-backdoor-chinese-malware/178706/

Microsoft detected cyberattacks launched against Ukraine hours before Russia’s tanks and missiles began to pummel the country last week.

https://threatpost.com/microsoft-ukraine-foxblade-trojan-hours-before-russian-invasion/178702/

A pro-Ukraine Conti member spilled 13 months of the ransomware group’s chats, while cyber actors are rushing to align with both sides.

https://threatpost.com/ukraine-russia-cyber-warzone-splits-cyber-underground/178693/

The infamous trojan is likely making some major operational changes, researchers believe.

https://threatpost.com/trickbot-break-researchers-scratching-heads/178678/

The ransomware gang known as Cuba is increasingly shifting to exploiting Exchange bugs – including crooks’ favorites, ProxyShell and ProxyLogon – as initial infection vectors.

https://threatpost.com/microsoft-exchange-exploited-cuba-ransomware/178665/

Ransomware is getting worse, but Daniel Spicer, chief security officer at Ivanti, offers a checklist for choosing defense solutions to meet the challenge.

https://threatpost.com/latest-insights-ransomware-threats/178391/

The options reportedly included tampering with trains, electric service and internet connectivity, hampering Russia’s military operations in Ukraine.

https://threatpost.com/white-house-denies-mulling-massive-cyberattacks-against-russia/178658/

Sonya Duffin, ransomware and data-protection expert at Veritas Technologies, shares three steps organizations can take today to reduce cyberattack fallout.

https://threatpost.com/harsh-truths-cybersecurity-part-two/178447/

The SEO poisoning bot, capable of full system takeover, is actively taking over social media accounts, masquerading as popular games like Temple Run.

https://threatpost.com/microsoft-app-store-electron-bot-malware/178629/

Demand for public Wi-Fi is on the rise. Usually free of charge, but there is a risk of expensive losses. Learn ways to protect yourself from cyber-threats.

https://threatpost.com/web-filtering-and-compliances-for-wi-fi-providers/178532/

With human error being the common factor in most cyberattacks, employee training has got to get better. To that end, Trustwave cybersec training expert Darren Van Booven explains the importance of fish stress balls and management buy-in.

https://threatpost.com/the-art-of-non-boring-cybersec-training-podcast/178594/

Attackers are sending email blasts with malware links in embedded PDFs as a way to evade email filters, lying about having fictional “video evidence.”

https://threatpost.com/sextortion-rears-its-ugly-head-again/178595/

Nothing like zombie campaigns: WannaCry’s old as dirt, and GandCrab threw in the towel years ago. They’re on auto-pilot at this point, researchers say.

https://threatpost.com/wannacry-gandcrab-top-ransomware-scene/178589/

The overall number of attacks on mobile users is down, but they’re getting slicker, both in terms of malware functionality and vectors, researchers say.

https://threatpost.com/gaming-banking-trojans-mobile-malware/178571/

The Conti gang breached the cookware giant’s network, prepping thousands of employees’ personal data for consumption by cybercrooks.

https://threatpost.com/cyberattackers-employee-personal-data-meyer/178570/