Two security researchers are attempting to crowdfund a recurring subscription fee to Shadow Brokers' monthly exploit dump club in hopes of helping to prevent or blunt future outbreaks of the WannaCry variety. Cue ethical debate.
The identity of the individual or group behind the global WannaCry ransomware campaign remains unclear. But whoever wrote the ransom notes appears to have been fluent in Chinese and pretty good at written English, according to a linguistic analysis from security firm Flashpoint.
A number of media reports have recently suggested there's a "link" between WannaCry and the Lazarus hacking group, implying that North Korea authorized the ransomware campaign. But based on the evidence available so far, it's much too early to attribute the attacks to anyone.
Sweden has ended a seven-year rape investigation against WikiLeaks founder Julian Assange. But it's far from the end of the legal troubles for the man whose spilling of secrets has shaped world politics.
Life after WannaCry: Already, other cybercrime gangs appear to be jumping on the SMB-targeting bandwagon, including the operators behind Uiwix ransomware. Thankfully, security experts say, these attacks pose scant risk.
Disney is reportedly being targeted by cyber-extortionist hackers who have threatened to release a stolen, prerelease copy of the movie studio's fifth "Pirates of the Caribbean" film unless they receive a ransom, payable in bitcoins.
Criminals have long aimed to separate people from their possessions. So for anyone who follows ransomware, the WannaCry outbreak won't come as a shock. Nor will longstanding advice for surviving ransomware shakedowns: Prepare, or prepare to pay.
To better battle ransomware, we must take a page from the lessons learned by the kidnapping and ransom insurance industry in its battle against piracy in the Indian Ocean, Jeremiah Grossman told the AppSec Europe conference in Belfast, Northern Ireland.
The cybersecurity epitaph of the fired FBI director could read: "He showed courage to take on Apple." Comey publicly battled Apple CEO Tim Cook over unlocking the iPhone of the San Bernardino shooter, becoming the face of the proponents who seek ways to bypass encryption on mobile devices.
Hot sessions at this week's OWASP AppSec Europe 2017 conference in Belfast, Northern Ireland, cover everything from the EU's General Data Protection Regulation and fostering better SecDevOps uptake, to quantum-computing resistant crypto and ransomware economics.
Reporting software vulnerabilities can be legally dicey, particularly if the affected company has not previously had contact with computer security researchers. A Sydney consultant recently experienced both ends of the spectrum while investigating building management software.
The figure sounds alarming, 60 percent of small companies went belly up within six months of a breach. And that stat was repeated several times by lawmakers as a House panel debated - and approved - a bill aimed at helping small businesses battle hackers. But is that number true?