Researchers have found links between the BlackEnergy APT group and threat actors behind the ExPetr malware used in last month’s global attacks.
With Chernobyl among those hit by Petya and the US breach, concerns are rising about the potential effect of weaponised exploits being used against nuclear energy infrastructure
Mike Mimoso and Chris Brook discuss this week’s ExPetr global ransomware outbreak, how it was distributed, the wiper aspect, and similarities to 2016’s Petya ransomware.
The global outbreak of the Petya/ExPetr malware wasn’t a ransomware attack, it was wiper malware aimed to sabotage, according to experts.
Microsoft has made a definitive link between MEDoc and initial distribution of the Petya ransomware. Kaspersky Lab, meanwhile, has identified a Ukrainian government website used in a watering hole attack.
Researchers at Kaspersky Lab have discovered an error in the ExPetr ransomware code that prevents recovery of lost data.
Attackers grabbed data including names, birthdates, taxpayer IDs and more from Anthem patients – a toolkit for identity theft
It’s been 24 hours since the outbreak first hit: here’s what we know now about how Petya behaves
A massive ransomware outbreak is spreading globally and being compared to WannaCry.
Today’s global ransomware attack is spreading via EternalBlue and through local networks using PSEXEC and WMIC.