Antivirus software to protect corporate systems from malware is like a flu shot. You should have it, but it won’t likely protect you from every strain of the flu. “Antivirus is great for blocking known threats, but the issue has grown past viruses,” said Ryan O’Leary, vice president of the…

Thanks to Kaspersky, we now know that 98% of the Windows machines infected by WannaCry/WannaCrypt were running Windows 7. Since, once it gets a foothold, the malware can infect an entire network, most of the attention was focused on LAN based attacks. …

‘Know your enemy’ — understanding what to prepare for While ransomware isn’t new, this once-simple criminal hacker tactic has morphed into a devastatingly effective weapon wielded by more advanced cyber-criminals — as seen with the recent Wannacry outbreack. These sophisticated attackers are highly motivated by the profitable nature of their…

VMware fixed two bugs in its VMware Workstation late Thursday night, including an insecure library loading vulnerability and a NULL pointer dereference vulnerability. The virtualization software company warned of the issues Thursday night in a security advisory VMSA-2017–0009. Jann Horn, a security researcher for Google Project Zero who’s previously uncovered…

Despite all the attention currently focused on Windows computers being infected with WannaCry ransomware, a defensive strategy has been overlooked. This being a Defensive Computing blog, I feel the need to point it out. The story being told everywhere else is simplistic and incomplete. Basically, the story is that Windows…

Bipartisan bill wants to stave off another WannaCry Two US senators have proposed a law limiting American intelligence agencies’ secret stockpiles of vulnerabilities found in products. The Protecting our Ability To Counter Hacking (PATCH) Act [PDF] would set up a board chaired by an Department of Homeland Security (DHS) official to assess security flaws spies have found in…

Are you ready for the next cyber disaster? You may not ever be fully ready. Given the ever-increasing number and variety of threats out there, it’s hard to imagine the many ways in which you could be hit. Twenty years ago, who would have imagined 9/11 or ransomware or the…

Mike Mimoso and Chris Brook discuss WannaCry, Microsoft’s response, the killswitches, a potential link with Lazarus Group, and what the future holds for the ShadowBrokers.

When internet pioneer Vinton Cerf was 10, he was working on advanced math, and by the time he was 17, he was tinkering at programming at UCLA and beginning a lifelong “love affair” with computing. Today, Cerf, known as the father of the internet, says software bugs are among the…