After being knocked offline for nearly two weeks, officials at a California hospital that was hit with ransomware elected on Wednesday to pay attackers. The Hollywood Presbyterian Medical Center (HPMC) shut down computers on its network on Feb. 5, after attackers allegedly asked for 9,000 Bitcoin, or just over $3 million USD, to unlock medical...

It’s been difficult to keep track of all the different strains of ransomware that have plagued users over the last year or two. Unlike many of them the latest to grab headlines is spreading through a decidedly old school vector: document-based macros. Named Locky, the ransomware appears to borrow a technique from the Dridex banking malware. Victims...

Several flavors of ransomware, most notably Cryptowall, have come packaged with support features. But a new piece of crypto-ransomware called PadCrypt has upped the game with a live chat feature that victims can use to interact with the attackers about ransom payments and other information. Discovered by a Swiss researcher at abuse.ch, PadCrypt is the...

Website operators running sites on the WordPress platform need to be aware of a massive string of infections that as of Thursday were poorly detected by security products. Researchers at Heimdal Security said the compromised sites redirect victims to other domains hosting the Nuclear Exploit Kit, a potent collection of exploits for vulnerable Adobe products...

Earlier this week Israel’s Electric Authority mitigated what officials there are calling a “severe cyber attack.” The Electric Authority is in charge of regulating and overseeing the distribution of electricity in Israel. The State of Israel’s National Infrastructure, Energy and Water Resources Minister Yuval Steinitz disclosed the incident, calling it a virus Tuesday, during closing...

Crimeware services are nothing new. Criminals for years have advertised on the underground not only malware, but management services and support for banking Trojans, exploit kits and more. Researchers this week turned up a new ransomware-as-a-service operation that pushes the first ransomware coded entirely in JavaScript. Ransom32 is available for download on a Tor hidden...

With 2015 more or less in the rear view mirror Mike Mimoso and Chris Brook discuss the year in security: Wassenaar, ransomware, Carbanak and Equation Group,how big of a deal Stagefright was, that Juniper backdoor, and more. Download: tp_2015_in_review.mp3 Music by Chris Gonsalves

Experts believe that the success tied to a recent spate of DDoS-for-hire groups may be because many are copycat collectives operating with a shorter lifespan. Researchers with Recorded Future, a Massachusetts-based firm that tracks real time threat intelligence, said Monday that they’ve noticed an increase in would-be hackers asking for guidance on forums when it comes to...

As expected, it didn’t take long for one of the most popular exploit kits, Angler, to start spreading the latest iteration of Cryptowall ransomware. A drive-by campaign that uses a one-two punch to drop Cryptowall 4.0 has been observed in the wild this week, according to researchers at Heimdal Security. First, the password stealing malware Pony...

In short order, the newest version of Cryptowall has begun showing up in exploit kits. The SANS Internet Storm Center said on Tuesday that an attacker working off domains belonging to Chinese registrar BizCN has been moving the ransomware via the Nuclear Exploit Kit. SANS ISC handler and Rackspace security engineer Brad Duncan said that...