The WannaCry ransomware outbreak was a huge "wake-up call" for the global information security community, says Dan Schiappa of Sophos. It's time to patch those legacy systems and prepare for the inevitable next big crimeware scare, he says.
Good news for many victims of WannaCry: Free tools developed by a trio of French security researchers can be used to decrypt some PCs that were forcibly encrypted by the ransomware, if the prime numbers used to build the crypto keys remain in Windows memory.
In a rare acknowledgment of a data breach by an Indian company, online restaurant guide and food ordering service Zomata says 17 million users' email addresses and hashed passwords were stolen from its database. The company was hacked by a white-hat hacker back in 2015.
WannaCry ransomware victims who haven't backed up their files have a tough choice: take a risk paying the ransom or just accept the loss. But there's a slim glimmer of hope: French researchers have figured out a way to decrypt files without paying, although their tools won't work for everyone.
Reports on how the U.S. Congress is taking steps to toughen cybersecurity lead the latest edition of the ISMG Security Report. Also, an analysis of a Government Accountability Office study on the IoT landscape and the security threats facing the internet of things.
Police in Europe have arrested 17 suspects as part of an EU-wide investigation into ATM black box attacks, Europol says. These "jackpotting" or "cash-out" attacks use rogue hardware to trick ATMs into dispensing all of their cash on demand.
Life after WannaCry: Already, other cybercrime gangs appear to be jumping on the SMB-targeting bandwagon, including the operators behind Uiwix ransomware. Thankfully, security experts say, these attacks pose scant risk.
The Shadow Brokers leaked spying tools - likely stolen from the National Security Agency - that aided WannaCry. But the hackers blame Microsoft and the U.S. government for the ransomware outbreak and are promising fresh exploits.
As computer security analysts begin to unwind the mystery behind the global wave of WannaCry ransomware, a familiar name has surfaced: Lazarus, the nickname for a suspected elite North Korean hacking group.
Weeks before the WannaCry outbreak, other attackers unleashed malware that targeted the same SMB flaw in Windows. But instead of installing ransomware, this campaign instead infected endpoints with Adylkuzz cryptocurrency mining software, security researchers say.
The words of Assistant to the President Thomas Bossert, who boldly pledges to outdo previous administrations on improving federal government cybersecurity, lead the latest edition of the ISMG Security Report. Also, Microsoft's exasperation with the NSA over WannaCry ransomware.
Disney is reportedly being targeted by cyber-extortionist hackers who have threatened to release a stolen, prerelease copy of the movie studio's fifth "Pirates of the Caribbean" film unless they receive a ransom, payable in bitcoins.
Microsoft's chief legal officer has slammed U.S. spy agencies, warning that civilians are at risk if governments stockpile libraries of software vulnerabilities that eventually fall into the hands of cybercriminals.
Criminals have long aimed to separate people from their possessions. So for anyone who follows ransomware, the WannaCry outbreak won't come as a shock. Nor will longstanding advice for surviving ransomware shakedowns: Prepare, or prepare to pay.