The group behind the VenusLocker ransomware have switched to cryptocurrency mining Monero.

Over 4,000 insecure Elasticsearch servers have been hosting the point-of-sale malware Alina and JackPoS.

A malware campaign utilizing bogus “HoeflerText” popup warnings is back in full swing targeting Google Chrome and Firefox browsers with Locky ransomware attacks and the NetSupport Manager RAT.

As recently as Wednesday afternoon, a U.S. government website was hosting a malicious JavaScript downloader that led victims to installations of Cerber ransomware. The malware link has since been taken down.

Defray, a new, although small strain of ransomware, was spotted by researchers targeting comapnies in the education and healthcare verticals.

A.P. Moller -Maersk said June’s NotPetya wiper malware attacks would cost the world’s largest shipping container company $300M USD in lost revenue.

Mike Mimoso and Chris Brook discuss the news of the week including the return of the Mamba ransomware, APT trends, a mystery company’s 250K bug bounty, and a high schooler’s $10K bug bounty from Google.

Ukranian police arrested a suspect alleged to have distributed the NotPetya/ExPetr malware that ultimately infected 400 computers.

Researchers at Kaspersky Lab have seen a resurgence of Mamba ransomware pop up recently in Brazil and Saudi Arabia.

Attackers behind APT campaigns have kept busy in Q2 2017, adding new ways to bypass detection, crafting new payloads to drop, and identifying new zero days and backdoors to help them infect users and maintain persistence on machines.