Highlights from the week include: A new financially motivated threat actor advertised up to 841 million data records for sale on Dream Market; “APT-C-36” has targeted multiple Colombian sectors, including government, in an ongoing cyber espionage campaign; and the “Gandcrab” ransomware has been delivered through the Kaseya VSA plug-in vulnerability.