The Petya ransomware -- and several variants -- wreaked havoc with data around the world, but now the author of the original malware has released the master decryption key.

Janus Cybercrime Solutions has provided a key that work with all "official" variants of Petya (meaning NotPetya is not included). The key was released to -- of all places -- Mega, and its authenticity has been verified. While Petya has already been cracked, the key offers the fastest and most reliable decryption method yet.

Continue reading →

Police in the Ukraine have seized the servers of Intellect Service, a company supplying accounting software, as part of their investigation into the NotPetya ransomware attack.

A malicious update to Intellect's MeDoc accounting package is believed to have been responsible for some of the initial NotPetya infections.

Continue reading →

Ransomware is barely out of the news these days. We had WannaCry wreaking havoc not so long ago, and now it’s the turn of Petya/NotPetya. And those are just two of the better-known threats; there are plenty more forms of ransomware out there which, while maybe not as prevalent, can have just as devastating an effect.

If you’re concerned about the threat of ransomware, which is easily one of the nastiest forms of malware out there, we have a selection of ebooks and whitepapers you can download for free which will give you all the knowledge you need to avoid becoming a victim, and which can help you recover from an infection.

Continue reading →

With ransomware hitting the headlines at the moment thanks to the Petya/NotPetya attack, a timely new report from cloud data protection specialist Druva reveals it's becoming a ubiquitous global threat affecting enterprises large and small and devices of all types.

The survey of more than 800 companies shows that over 80 percent of respondents report ransomware attacks are on the rise and that half of businesses hit by ransomware have been attacked multiple times.

Continue reading →

The ransomware attack we reported yesterday may have begun in the Ukraine, but it spread rapidly across Europe and has now hit companies in Australia and the US including pharmacy giant Merck.

A variant of the Petya ransomware now being dubbed 'NotPetya', it spreads initially by phishing emails and once on a system the ransomware demands $300 in bitcoin. When it's installed on one system behind a firewall it's able to spread rapidly to others on the same network.

Continue reading →

Companies, government departments and airports in the Ukraine have been hit by ransomware this afternoon and the attack now appears to be spreading across Europe.

In Ukraine, government departments, the central bank, a state-run aircraft manufacturer, Kiev airport and the metro network have all been hit. In the UK, the advertising company WPP says its systems have also been taken down, and Danish transport company Maersk reports sites and business units shut down by the attack.

Continue reading →

The cost of a ransomware attack can be pretty substantial. Businesses that are not well prepared are looking at lost revenue from downtime and massive damage to their reputation, not to mention a pretty hefty ransom bill as well.

For web hosting company Nayana, that was $1 million. Nayana, which is based in South Korea, had 153 of its Linux-based servers infected by the Erebus ransomware on June 10. The attack affected roughly 3,400 customers that relied on its services for hosting websites, databases and multimedia content.

Continue reading →

Nearly a month after it struck devices around the globe, new information has emerged surrounding the major WannaCry ransomware attack.

The BBC says British officials from the National Cyber Security Center (NCSC) are now claiming infamous North Korean cyber-criminal group Lazarus was behind the attack.

Continue reading →

From the fall, Microsoft is disabling SMBv1 in Windows 10. With the release of Windows 10 Fall Creators Update (or Redstone 3 if you prefer), the protocol that was exploited by the WannaCry ransomware will be no more.

The file sharing protocol was developed by Microsoft over two decades ago, and the company recognizes that the time has come for it to be retired. Internal builds of Windows 10 being tested by Microsoft already have SMBv1 disabled, and similar builds will make their way to Windows Insiders and the wider public in due course.

Continue reading →

Following the WannaCry attack last month, ransomware was one of the big topics at the recent Infosecurity Europe event in London.

The worldwide assault woke many businesses and organizations up to the real danger that ransomware poses, but new research has also discovered that the criminals behind such attacks could be gearing up for even bigger attacks soon.

Continue reading →

Recent weeks have seen a rise in fake WannaCry protectors on mobile app stores, even though this particular infection doesn't target mobile devices.

But using the fear of high profile infections to get users to download potentially unwanted programs or malware is nothing new according to threat management company RiskIQ. Using its mobile database, hundreds of examples of apps that claim to help defend mobile phones were found, instead, to be preying on unsuspecting users by pushing adware, trojans, and other malware.

Continue reading →

A new report suggests that people in the UK are more aware of the terminology surrounding cyber security, and are less likely to fall victim to hacking and identity theft. Wombat Security Technologies' 2017 edition of its User Risk Report reveals a stark difference in cyber knowledge on either side of the Atlantic.

The report is based on a survey carried out last month into knowledge of, and attitudes to, cyber security topics and best practices. While the report shows that the UK is generally more cyber security savvy, the US is shown to fare better when it comes to passwords and backing up data.

Continue reading →

PhishMe has released its latest malware trends report for Q1 2017, concluding that botnets are on the rise, it is unusually quiet on the ransomware front, and cyber criminals are tapping into international trends.

The report, entitled 2017 Q1 Malware Review, is based on an analysis of 749 sets of phishing emails delivering nearly 10,000 unique malware samples supported by over 14,000 online resources.

Continue reading →

When WannaCry was running rampant on older versions of Windows -- Windows 7 being the most at risk -- Windows 10 was unaffected. According to Microsoft, "no Windows 10 customers were known to be compromised by the recent WannaCry (WannaCrypt) global cyberattack."

That’s great news for anyone running the latest version of the OS, and the software giant says it is working to ensure Windows 10 remains safe from other future attacks. However, if you want to guarantee your safety from ransomware, then Microsoft points out there’s an even more secure option to consider -- Windows 10 S.

Continue reading →

British businesses are ready to pay as much as £136,000 to get their files back after a ransomware attack. This is according to a new report by Citrix and One Poll, based on a poll of 500 IT decision makers at UK companies with 250 or more employees.

The report says these new figures are four times higher than 12 months ago, highlighting the growth of ransomware risk among businesses on the Island.

Continue reading →