Marcus Hutchins, aka MalwareTech the WannaCry hero, was arrested and charged with another unnamed individual with creating and distributing the Kronos banking malware.

Pharmaceutical kingpin Merck reported that operational disruptions continue more than a month after the NotPetya wiper malware attacks.

At Black Hat last week, an add-on Windows driver and filesystem called ShieldFS was unveiled that detects ransomware and recovers files.

A shift in APT tactics is emerging as characterized by the destructive ExPetr attacks hidden in ransomware, and WannaCry, which also failed to turn a profit.

Researchers have spotted malicious email campaigns using Zip archives to spread NemucodAES ransomware and the Kovter click-fraud Trojan, simultaneously distributing both pieces of malware.

Data collected from the freely available scanner called EternalBlues shows that tens of thousands of computers remain vulnerable to the SMBv1 vulnerability that spawned WannaCry and ExPetr.

The key to decrypt the original Petya ransomware has been reportedly released by the ransomware’s author.

Mike Mimoso and Chris Brook discuss this week’s ExPetr global ransomware outbreak, how it was distributed, the wiper aspect, and similarities to 2016’s Petya ransomware.

Researchers at Kaspersky Lab have discovered an error in the ExPetr ransomware code that prevents recovery of lost data.

Microsoft has made a definitive link between MEDoc and initial distribution of the Petya ransomware. Kaspersky Lab, meanwhile, has identified a Ukrainian government website used in a watering hole attack.