Patches are available—and should be applied—that address a critical vulnerability in Windows Search that some are calling the next WannaCry. Others aren’t so ready to do that.

Microsoft patched 25 critical vulnerabilities, including a remote code execution bug in Windows Search.

Marcus Hutchins, aka MalwareTech the WannaCry hero, was arrested and charged with another unnamed individual with creating and distributing the Kronos banking malware.

The WannaCry story has new life with the attacks having withdrawn the Bitcoin collected as ransom during the attacks, and with the detainment of killswitch researcher Marcus Hutchins in Nevada.

Pharmaceutical kingpin Merck reported that operational disruptions continue more than a month after the NotPetya wiper malware attacks.

At Black Hat last week, an add-on Windows driver and filesystem called ShieldFS was unveiled that detects ransomware and recovers files.

A ransomware study released Google revealed the malware earned criminals $25 million over the past two years.

A shift in APT tactics is emerging as characterized by the destructive ExPetr attacks hidden in ransomware, and WannaCry, which also failed to turn a profit.

Mike Mimoso and Chris Brook discuss the news of the week, including the Verizon breach, the Oracle session hijacking attack, a Telegram-based hacking tool, and a free EternalBlue scanner.

Data collected from the freely available scanner called EternalBlues shows that tens of thousands of computers remain vulnerable to the SMBv1 vulnerability that spawned WannaCry and ExPetr.