Security comes to Las Vegas this week in the form of Black Hat USA 2017. Hot sessions range from an analysis of power grid malware and "cyber fear as a service" to details of two major hacker takedowns and how the world's two largest ransomware families cash out their attacks.
Medical transcription software vendor Nuance is the latest company to acknowledge that it's still struggling to recover from the recent global NotPetya ransomware attacks and will see a dip in its financial performance as a result.
It's boom time for the ransomware business as criminals continue to make easy cryptocurrency paydays via crypto-locking attacks. AlienVault's Javvad Malik and Chris Doman detail how crowdsourced threat intelligence can help in the fight against this threat.
Package-delivery giant FedEx is warning that the global outbreak of NotPetya malware will "materially impact" profits; its TNT Express international delivery service continues to experience "widespread service delays" as it struggles to restore crypto-locked systems.
Enterprises should be working overtime to eradicate "EternalBlue" from their networks since two massive malware outbreaks - WannaCry and NotPetya - have targeted the Windows flaw. But vulnerability scans show there's still work to be done.
The latest edition of the ISMG Security Report leads off with a multi-part report explaining why President Donald Trump sought to create a joint U.S.-Russian cybersecurity unit and then backed off. Also, ransomware's impact on emergency services providers.
Good news for some ransomware victims: The master key used to encrypt the original versions of Petya ransomware has been released. But the key cannot be used to decrypt the "NotPetya" malware that recently began crypto-locking PCs.
The latest edition of ISMG Security Report leads with a conversation with DataBreachToday Executive Editor Mathew J. Schwartz on how the NotPetya malware spread from its Ukraine origins. Also, why tech users can't secure their systems.
Police in Ukraine have seized servers operated by the Intellect Service, which develops the M.E. Doc accounting software used by 80 percent of Ukrainian businesses. Attackers backdoored the software to launch XData, NotPetya and fake WannaCry - aka FakeCry - malware campaigns.
The NotPetya outbreak - and XData ransomware before it - have been traced by security researchers at ESET to backdoored M.E. Doc accountancy software. The installed software contains a unique tax identification code for each user's organization, potentially aiding attackers.
Firms in Ukraine and beyond are still struggling to bring all systems back online following last week's devastating "NotPetya" malware outbreak. Authorities in Ukraine have blamed Russia, and said criminal charges could be filed against a Ukrainian software vendor caught up in the attack.
Ransomware attacks are increasingly using multiple proven techniques to spread quickly and achieve the maximum impact before being thwarted. They are going to get bigger and target other platforms in the future, warns Justin Peters at Sophos APAC.
NotPetya was not as bad as WannaCry, despite NotPetya being even more sophisticated, and targeting the same EternalBlue flaw that had allowed WannaCry to spread far and fast. Microsoft says NotPetya's builders limited its attack capabilities by design.