Threatpost talks to Kaspersky Lab researcher Kurt Baumgartner who was instrumental in tracking the latest activities of the Russian-speaking Sofacy APT gang.

The Turla APT’s WhiteBear toolset was used to attack defense organizations as recently as June, and diplomatic targets in Europe, Asia and South America during most of 2016.

Mike Mimoso and Chris Brook discuss the news of the week including the return of the Mamba ransomware, APT trends, a mystery company’s 250K bug bounty, and a high schooler’s $10K bug bounty from Google.

Attackers behind APT campaigns have kept busy in Q2 2017, adding new ways to bypass detection, crafting new payloads to drop, and identifying new zero days and backdoors to help them infect users and maintain persistence on machines.

Microsoft patched three zero day vulnerabilities actively under attack today as part of its May Patch Tuesday release.

Verizon’s Data Breach Investigations Report for 2017 shows big growth in the reported number of ransomware attacks and incidents involving cyberespionage.

Researchers may have found a link between Moonlight Maze of the late ’90s and the Turla APT, which would elevate Turla to the ranks of the Equation Group as an elite nation-state attacker.