Good news for many victims of WannaCry: Free tools developed by a trio of French security researchers can be used to decrypt some PCs that were forcibly encrypted by the ransomware, if the prime numbers used to build the crypto keys remain in Windows memory.
Reports on how the U.S. Congress is taking steps to toughen cybersecurity lead the latest edition of the ISMG Security Report. Also, an analysis of a Government Accountability Office study on the IoT landscape and the security threats facing the internet of things.
Life after WannaCry: Already, other cybercrime gangs appear to be jumping on the SMB-targeting bandwagon, including the operators behind Uiwix ransomware. Thankfully, security experts say, these attacks pose scant risk.
The Shadow Brokers leaked spying tools - likely stolen from the National Security Agency - that aided WannaCry. But the hackers blame Microsoft and the U.S. government for the ransomware outbreak and are promising fresh exploits.
Weeks before the WannaCry outbreak, other attackers unleashed malware that targeted the same SMB flaw in Windows. But instead of installing ransomware, this campaign instead infected endpoints with Adylkuzz cryptocurrency mining software, security researchers say.
The words of Assistant to the President Thomas Bossert, who boldly pledges to outdo previous administrations on improving federal government cybersecurity, lead the latest edition of the ISMG Security Report. Also, Microsoft's exasperation with the NSA over WannaCry ransomware.
As organizations around the globe - including hospitals in the United Kingdom - recover from the WannaCry ransomware campaign, healthcare entities in the United States so far appear to have mostly avoided the crisis. But why?
Criminals have long aimed to separate people from their possessions. So for anyone who follows ransomware, the WannaCry outbreak won't come as a shock. Nor will longstanding advice for surviving ransomware shakedowns: Prepare, or prepare to pay.
A fast-moving ransomware outbreak has compromised Spanish telco Telefonica, multiple National Health Service trusts in Britain and other organizations around the world. The attacks have been using the leaked "Equation Group" SMB exploit to penetrate networks.
As organizations worldwide rush to mitigate the outbreak of the WannaCry crypto-locking ransomware, Adam Meyers of CrowdStrike shares insights on what researchers have gleaned from the attacks and how organizations should respond.
To better battle ransomware, we must take a page from the lessons learned by the kidnapping and ransom insurance industry in its battle against piracy in the Indian Ocean, Jeremiah Grossman told the AppSec Europe conference in Belfast, Northern Ireland.
Hot sessions at this week's OWASP AppSec Europe 2017 conference in Belfast, Northern Ireland, cover everything from the EU's General Data Protection Regulation and fostering better SecDevOps uptake, to quantum-computing resistant crypto and ransomware economics.