One month after the SMB-targeting WannaCry worm outbreak began spreading globally, Honda discovered fresh infections at multiple facilities, and was forced to temporarily idle one plant as a result of the ransomware.
South Korean web hosting firm Nayana has agreed to pay attackers a record-shattering $1 million to unlock 153 Linux servers crypto-locked by ransomware. Security researchers say the infection was likely exacerbated by the company running ancient versions of the Linux kernel, as well as Apache and PHP.
Sixty-five percent of security leaders consider their organizations' security postures to be above average or superior. But only 29 percent are very confident in their security controls. Neustar's Tom Pageler analyzes results of Strategic Cybersecurity Investments Study.
Britain's security services have reportedly concluded that the WannaCry ransomware outbreak was launched by Lazarus group, a hacking team tied to North Korea. Attribution aside, security experts question how many organizations can defend themselves against Lazarus attacks.
The CEO of the company that crippled WannaCry's ransomware component explains to Congress how the worm continues to attack unpatched systems at increasing rates. Also, creating a healthcare cybersecurity framework.
The U.S. government on Wednesday issued its most direct and technically detailed advisory about North Korea's hacking activity to date, warning that the country continues to target U.S. media, aerospace, financial and critical infrastructure sectors.
Victims of Jaff and EncrypTile ransomware can take advantage of two new free tools from security firms that exploit weaknesses in the malware crypto to forcibly crack encrypted files on demand - no potential ransom-payment required.
Microsoft fears that nation-state actors may unleash viral code that could devastate users. On Tuesday, it released software fixes again for its older operating systems in hopes of averting a repeat of last month's infection of tens of thousands of computers with ransomware.
HHS has issued a checklist and other materials to aid healthcare organizations and their vendors in their "quick response" to cyberattacks. The move comes as Congress scrutinizes HHS' efforts to help the healthcare sector improve its cybersecurity capabilities.
Two researchers who launched a crowdsourced effort to subscribe to the Shadow Brokers' monthly leak of stolen Equation Group exploits - on behalf of the entire information security community - have dropped their effort, citing legal concerns.
Two security researchers are attempting to crowdfund a recurring subscription fee to Shadow Brokers' monthly exploit dump club in hopes of helping to prevent or blunt future outbreaks of the WannaCry variety. Cue ethical debate.
Leading the latest edition of the ISMG Security Report: Secretary John Kelly's congressional testimony on how DHS led government efforts to mitigate the WannaCry ransomware attacks. Also, reports on ransomware defenses as well as big data and machine learning combining to secure IT.
The identity of the individual or group behind the global WannaCry ransomware campaign remains unclear. But whoever wrote the ransom notes appears to have been fluent in Chinese and pretty good at written English, according to a linguistic analysis from security firm Flashpoint.