Among software vulnerabilities, none is more feared than so-called “zero days,” which are known only to the attackers (that is, defenders have “zero days” to patch). These have traditionally been used sparingly in targeted attacks carried out by nation-states. Recently, however, this has started to change, and zero day exploits have started turning up more […]

Should organizations extorted by ransomware gangs pay their attackers? It’s a question that­ cuts to the heart of ransomware response. Some take what might be viewed as a pragmatic stance and say there is no right or wrong answer, and organizations should be free to make their own decision.   On the other side is […]

There aren’t many certainties in cybercrime, but one that is often repeated is that malware is overwhelmingly a problem affecting computers running Microsoft Windows. This can sound like a statement of the obvious, but malware targets Windows because there are a lot more Windows computers to target—up to 80% of all desktops and laptops globally, […]

Ransomware is supposed to be about money, and only money. This view is backed by plenty of evidence. Almost without exception, ransomware attacks are commercial events rather than ones motivated by ideological or hacktivist aims. Despite this, every now and again exceptions pop up that counter this idea in ways that send ransomware analysts back […]

In November 2019, companies across the United States started receiving the following poorly written but still threatening email: In the past day we have come across data pertaining to company you work for: [company name]. Data contains all personal identifiable information for every employee that works for this company including yourself. Data was leaked around […]