Threatpost Windows 10 Drive-By RCE Triggered by Default URI Handler There's an argument injection weakness in the Windows 10/11 default handler, researchers said: an issue that Microsoft has only partially fixed. When Scammers Get Scammed, They Take It to Cybercrime Court Underground arbitration system settles disputes between cybercriminals. Google Takes Down Glupteba Botnet; Files Lawsuit Against Operators The malware's unique blockchain-enabled backup C2 scheme makes it difficult to eliminate completely. SolarWinds Attackers Spotted Using New Tactics, Malware One year after the disruptive supply-chain attacks, researchers have observed two new clusters of activity from the Russia-based actors that signal a significant threat may be brewing. Crypto-Exchange BitMart to Pay Users for $200M Theft BitMart confirmed it had been drained of ~$150 million in cryptocurrency assets, but a blockchain security firm said it's closer to $200 million. Are You Guilty of These 8 Network-Security Bad Practices? Tony Lauro, director of Security Technology & Strategy at Akamai, discusses VPNs, RDP, flat networks, BYOD and other network-security bugbears. Cyber Command Publicly Joins Fight Against Ransomware Groups U.S. military acknowledges targeting cybercriminals who launch attacks on U.S. companies. Cuba Ransomware Gang Hauls in $44M in Payouts The gang is using a variety of tools and malware to carry out attacks in volume on critical sectors, the FBI warned. Pegasus Spyware Infects U.S. State Department iPhones It's unknown who's behind the cyberattacks against at least nine employees' iPhones, who are all involved in Ugandan diplomacy. Apache Kafka Cloud Clusters Expose Sensitive Data for Large Companies The culprit is misconfigured Kafdrop interfaces, used for centralized management of the open-source platform. Distributed by aarss.com.