Data released yesterday by Kryptos Logic reveals that most WannaCry victims are located in China, and not Russia, as various antivirus vendors have announced during the WannaCry ransomware outbreak.
According to a linguistic analysis of the WannaCry ransom notes, the ransomware appears to be the work of a Chinese-speaking author, according to Jon Condra and John Costello, two Flashpoint researchers.
As everyone expected, scammers are attempting to cash in on the mass hysteria currently surrounding the WannaCry ransomware outbreak, a mass-infection took place over the weekend of May 12 and 14, and whose effects we still feel today.
On Friday, North Korea denied allegations that it was somehow responsible for the WannaCry ransomware outbreak that affected over 240,000 computers in nearly 200 countries across the globe.
Numbers released by Kaspersky Lab on Friday reveal that over 98% of all documented WannaCry infections were running versions of the Windows 7 operating system.
Researchers have detected a new worm that is spreading via SMB, but unlike the worm component of the WannaCry ransomware, this one is using seven NSA tools instead of two.
Reports have surfaced that the WannaCry ransomware has infected actual medical devices, not just computers at medical facilities.
While initially, we thought this would be a silly and unsubstantiated discovery, the number of security firms claiming they've identified and confirmed connections between the WannaCry ransomware and malware used by the Lazarus Group has now gone up to three.
It only took one troll to photoshop one image to get the ball rolling. Now we have all sorts of craziness, ranging from pregnancy tests to the Star Trek Enterprise.
New evidence has revealed that nearly three weeks before the WannaCry ransomware outbreak, at least one cybercrime group was using the same NSA exploits — ETERNALBLUE and DOUBLEPULSAR — to infect computers with malware that mined for the Monero cryptocurrency.
On Sunday, someone tried to create a version of the WannaCry ransomware that didn't feature the kill switch domain. Fortunately, the ransomware was never released in the wild, as this appeared to be only a test.
On Sunday, security researchers have detected a second WannaCry version that featured a different kill switch domain, which they quickly moved to register and sinkhole it, preventing further damage.
With the successful launch of the WannaCry Ransomware last Friday, ransomware developers are being quick to release their own imitations. As of today, I found 4 different WannaCry knockoffs in various forms of development. Let's take a look at what they have to offer.
Microsoft's Chief Legal Officer Brad Smith has penned a blog post today, accusing the NSA of stockpiling exploits, failing to protect its hacking tools, and indirectly causing the WannaCry ransomware outbreak.
The WannaCry ransomware — also known as WCry, Wana Decrypt0r, WannaCrypt, and WanaCrypt0r — infected a honeypot server made to look like a vulnerable Windows computer six times in the span of 90 minutes, according to an experiment carried out by a French security researcher that goes online by the name of Benkow.
Following the massive Wana Decrypt0r ransomware outbreak from yesterday afternoon, Microsoft has released an out-of-bound patch for older operating systems to protect them against Wana Decrypt0r's self-spreading mechanism.
A security researcher that goes online by the nickname of MalwareTech is the hero of the day, albeit an accidental one, after having saved countless of computers worldwide from a virulent form of ransomware called Wana Decrypt0r (also referenced as WCry, WannaCry, WannaCrypt, and WanaCrypt0r).
Today was a big day for the WanaCrypt0r ransomware as it took the world by storm by causing major outbreaks all over the world. While BleepingComputer has covered these outbreaks in-depth, I felt it may be a good idea to take a technical look at the WanaCrypt0r ransomware for those in the IT field who have to support victims.
Ransomware scum are using an SMB exploit leaked by the Shadow Brokers last month to fuel a massive ransomware outbreak that exploded online today, making victims all over the world in huge numbers.
A ransomware outbreak is wreaking havoc all over the world, but especially in Spain, where Telefonica — one of the country's biggest telecommunications companies — has fallen victim, and its IT staff is desperately telling employees to shut down computers and VPN connections in order to limit the ransomware's reach.