A variant of the Nymaim dropper has surfaced, and it includes new delivery methods, obfuscation techniques, and the use of PowerShell to download payloads.

Researchers said they observed three separate spam campaigns pushing an updated version of Locky on Monday.

Microsoft malware researchers say Locky ransomware authors are changing tactics again to evade detection.

Victims infected with the MarsJoke ransomware can now decrypt their files; researchers cracked the encryption in the CTB-Locker lookalike last week.

Researchers have identified a new ransomware strain that spoofs tracking services via spam messages and contain URLs that link to malicious files.

The massive Yahoo breach, this week’s Security of Things Forum, Mamba ransomware, and Google Allo are discussed.

A new ransomware strain called Mamba opts to encrypts hard drives rather than individual files and folders stored on the local disk.

The Federal Bureau of Investigation this week urged victims of ransomware to report infections to federal law enforcement in hopes of better understanding the threat.

When asked to describe what it’s like to deal with the constantly looming threat of ransomware, Chad Wilson, the Director of Information Security at Children’s National Medical Center in Washington D.C., didn’t beat around the bush. “I’ll sum it up in one word: It’s scary,” Wilson said at a Federal Trade Commission workshop Wednesday. “It’s...

Ransomware purporting to come from a phony government agency, something called the Central Security Treatment Organization, has been making the rounds, researchers say. The ransomware, which is already known by a number of names including Cry, CSTO ransomware, or Central Security Treatment Organization ransomware, uses the User Datagram Protocol (UDP) to communicate and the photo sharing service Imgur and Google...