Mike Mimoso and Chris Brook discuss this week’s Virus Bulletin conference in Denver and CNBC’s Cambridge Cyber Summit at MIT, the NSA contractor arrest, APT false flags, and more.

Investigating state-sponsored espionage and counterterrorism is one thing. Writing public reports about these activities is another.

Mike Mimoso talks to Kaspersky Lab Global Research and Analysis Team researchers Juan Andres Guerrero-Saade and Brian Bartholomew about a paper released at Virus Bulletin on deception tactics and false flags flown by APT groups to frustrate analysis.

Victims infected with the MarsJoke ransomware can now decrypt their files; researchers cracked the encryption in the CTB-Locker lookalike last week.

The first mobile banking Trojan that obtains root privileges on Android devices has been seen in the wild.

A rogue and malicious app that billed itself as a “Guide for Pokémon GO” managed to make it into Google Play’s marketplace. Once installed, the malware-laced app gave attackers root access to any Android device it was installed on. The app, actually a Trojan in disguise, contained a nasty piece of code that went onto...

Researchers on Wednesday confirmed that an OS X variant of a recently discovered family of cross-platform backdoors exists. Stefan Ortloff, a researcher with Kaspersky Lab’s Global Research and Analysis Team, identified the family of backdoors called Mokes in January, but it wasn’t until Tuesday that an OS X variant was discovered. Ortloff wrote a technical breakdown of the...

Mike Mimoso, Tom Spring, and Chris Brook discuss the news of the week, including the MedSec/Muddy Waters story, how the Angler exploit kit was traced back to the Lurk Gang, Fairware hitting Linux servers, and the Bashlite IoT malware. Download: Threatpost_News_Wrap_September_2_2016.mp3 Music by Chris Gonsalves

The June arrest of a Russian cybercrime gang responsible for the Lurk Trojan also put to rest the infamous Angler Exploit Kit. Researchers at Kaspersky Lab today published a detailed report on the Lurk takedown, confirming at the same time the connection between the Lurk gang and Angler. Activity around Angler all but disappeared once...

The No More Ransom initiative released decryption keys for yet another strain of ransomware this week; now victims of the mostly Dutch-leaning ransomware called WildFire can get their files back without paying attackers. According to an update from the Dutch National Police on Wednesday, when it took down command and control server responsible for WildFire, it was...