Mike Mimoso and Chris Brook recap the week in news, including how the FBI cracked that iPhone, the barrage of ransomware hitting hospitals, and the Hack the Pentagon bug bounty trial program announcement. Download: Threatpost_News_Wrap_-_April_1_2016.mp3 Music by Chris Gonsalves

As Apple’s attorneys mull over their legal options for having the FBI explain how it hacked Syed Farook’s iPhone, a separate case playing out involving the security service and the anonymity software Tor may have a hand in predicting the outcome. According to a court filing earlier this week, the FBI is refusing to comply with a judge’s request...

New ransomware called KimcilWare is targeting websites running the Magento ecommerce platform, used by the likes of Vizio, Olympus and Nike. According to security experts from the MalwareHunterTeam, hackers exploit vulnerabilities in the Magento ecommerce platform and install the KimcilWare ransomware on the webserver. Once installed, attackers use Rijndael block ciphers to encrypt website files and demanding...

Portions of the hospital chain MedStar Health remain offline Wednesday as a result of a major malware attack that occurred Monday and crippled the hospital’s computer systems and forced one of the largest healthcare providers in Maryland and Washington, D.C. to turn patients away. The healthcare provider said the attack forced it to shut down its...

In a conversation from RSA Conference, Mike Mimoso talks to Endgame chief technology officer Jamie Butler about what’s new–if anything–with targeted attacks, the proliferation of ransomware, and what defenders are doing about detecting attacks on their networks. Download: Jamie_Butler_RSA.mp3 Music by Chris Gonsalves

Researchers are digging through samples of the Petya ransomware, and while they’ve learned some about its inner workings, they still haven’t mastered enough to come up with a decryptor. Petya is the latest twist on crypto-malware. It was found recently targeting companies in Germany in a spam campaign aimed at human resources organizations. The emails...

Hackers are escalating recent attacks against hospitals with new strains of server-side ransomware dubbed SamSam and Maktub. Unlike traditional ransomware samples that rely on gullible users to click on a malware-infected email attachment or visit a booby-trapped website, this new breed of ransomware is installed once attackers have exploited unpatched server vulnerabilities. To date, only...

Popular open source shopping cart app Zen Cart is warning its users of dozens of cross-site scripting vulnerabilities found in its software. Affected websites, security experts say, risk exposing customers to malware, theft of cookies data and site defacement. Researchers at the security firm Trustwave discovered the vulnerabilities in September 2015 and have worked closely...

First ransomware locked your desktop. Then it encrypted your files. Not long after, webservers, shared drives and backups were targeted. Now? Introducing Petya, ransomware that targets the Master Boot Record. Spotted in email campaigns sent to human resources offices in German companies, the malware encrypts the compromised computer’s master file table and demands .9 Bitcoin...

As more US companies snuff out point of sale malware by deploying chip-and-PIN bankcard technology, attackers are rushing to exploit existing magnetic strip card systems still vulnerable to malware. A group of hackers that go by the name Bears Inc. are behind the latest barrage of attacks with a custom-built point of sale malware called...