A Phishing-as-a-service offering on the dark web bypasses MFA. The Worok cyberespionage group is active in Central Asia and the Middle East. Prynt Stealer and the evolution of commodity malware. Sharkbot malware reemerged in Google Play. BlackCat/ALPHV claims credit for attack on the Italian energy sector. Joe Carrigan shares stats on social engineering. Our guest is Angela Redmond from BARR Advisory with six cybersecurity KPIs. And the Los Angeles Unified School District was hit with ransomware.

For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/11/171

Selected reading.
EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web (Resecurity)
Worok: The big picture (WeLiveSecurity) 
Dev backdoors own malware to steal data from other hackers (BleepingComputer) 
The Prynt Stealer malware contains a secret backdoor. Crooks steal data from other cybercriminals (Security Affairs)
Fake Antivirus and Cleaner Apps Caught Installing SharkBot Android Banking Trojan (The Hacker News)
SharkBot malware sneaks back on Google Play to steal your logins (BleepingComputer) 
BlackCat ransomware claims attack on Italian energy agency (BleepingComputer)
11.84GB of United States Military Contractor and Military Reserve data has been leaked. (vx-underground)
Hackers honeytrap Russian troops into sharing location, base bombed: Report (Newsweek) 
LAUSD hit by hackers in apparent cyber attack (FOX 11 Los Angeles)
Los Angeles Unified Targeted by Ransomware Atta (Los Angeles Unified School District)