Ransomware, insecure connected devices, bug bounties and governments buying bugs: All four ceased to be novelties in 2016; they’re all new normals for cybersecurity.

Researchers have neutralized the threat of the latest strain of CryptXXX v.3 ransomware, releasing a decryption tool for unlocking files.

Ransomware still under development called Popcorn Time forces victims to either pay the ransom, or try to infect other machines in exchange for the decryption key.

Researchers have discovered that criminals behind the latest Cerber ransomware variant are leveraging Google redirects and Tor2Web proxies in a new and novel way to evade detection.

The San Francisco Municipal Transport Agency says it has contained a ransomware attack, but now it faces new unsubstantiated claims by attackers who say they have 30GB of the agency’s data.

Researchers have spotted an increase in Nemucod downloader infections moving via Facebook Messenger spam, with some victims being infected with Locky ransomware.

Mike Mimoso and Chris Brook discuss the news of the week, including this week’s House hearing on the Internet of Things, Samy Kamkar’s PoisonTap tool, and Windows 10’s ransomware protections.

The master decryption keys unlocking files encrypted by the CrySis ransomware have been released. Kaspersky Lab has already updated its Rakhni decryptor to help victims restore their data.

A phishing campaign is targeting some of the 22 million victims of the massive United States Office of Personnel Management breaches of 2014 and 2015.

In a deep analysis of RIG, Cisco Talos team outlined the way the exploit kit combines different web technologies such as DoSWF, JavaScript, Flash and VBscript to obfuscate attacks.