Researchers have been combing through code related to the Petya ransomware long enough they’ve been able to cobble together a decryption tool that should allow most victims to generate keys in less than 10 seconds. A Twitter user who goes by the handle @leostone came up with a genetic algorithm on Friday to generate passwords and subsequently...

Exploits for a zero-day vulnerability in Adobe Flash Player are being aggressively distributed in two exploit kits. The zero day, meanwhile, was patched by Adobe in an emergency update released Thursday night. Attackers are using the previously unpatched flaw in the maligned Flash Player to infect victims with either Locky or Cerber ransomware. Locky is a relatively...

Ransomware clearly has people on many fronts worried, so much so that the United States and Canada took an unprecedented step last week to issue a joint advisory on the threat posed by crypto-ransomware. The U.S. Cyber Emergency Response Team together with the Canadian Cyber Incident Response Centre penned a comprehensive warning on the heels...

Mike Mimoso and Chris Brook recap the week in news, including how the FBI cracked that iPhone, the barrage of ransomware hitting hospitals, and the Hack the Pentagon bug bounty trial program announcement. Download: Threatpost_News_Wrap_-_April_1_2016.mp3 Music by Chris Gonsalves

New ransomware called KimcilWare is targeting websites running the Magento ecommerce platform, used by the likes of Vizio, Olympus and Nike. According to security experts from the MalwareHunterTeam, hackers exploit vulnerabilities in the Magento ecommerce platform and install the KimcilWare ransomware on the webserver. Once installed, attackers use Rijndael block ciphers to encrypt website files and demanding...

Portions of the hospital chain MedStar Health remain offline Wednesday as a result of a major malware attack that occurred Monday and crippled the hospital’s computer systems and forced one of the largest healthcare providers in Maryland and Washington, D.C. to turn patients away. The healthcare provider said the attack forced it to shut down its...

In a conversation from RSA Conference, Mike Mimoso talks to Endgame chief technology officer Jamie Butler about what’s new–if anything–with targeted attacks, the proliferation of ransomware, and what defenders are doing about detecting attacks on their networks. Download: Jamie_Butler_RSA.mp3 Music by Chris Gonsalves

Researchers are digging through samples of the Petya ransomware, and while they’ve learned some about its inner workings, they still haven’t mastered enough to come up with a decryptor. Petya is the latest twist on crypto-malware. It was found recently targeting companies in Germany in a spam campaign aimed at human resources organizations. The emails...

Hackers are escalating recent attacks against hospitals with new strains of server-side ransomware dubbed SamSam and Maktub. Unlike traditional ransomware samples that rely on gullible users to click on a malware-infected email attachment or visit a booby-trapped website, this new breed of ransomware is installed once attackers have exploited unpatched server vulnerabilities. To date, only...

First ransomware locked your desktop. Then it encrypted your files. Not long after, webservers, shared drives and backups were targeted. Now? Introducing Petya, ransomware that targets the Master Boot Record. Spotted in email campaigns sent to human resources offices in German companies, the malware encrypts the compromised computer’s master file table and demands .9 Bitcoin...