Ransomware, especially Locky (distributed via malicious Word macros, like Dridex) but also PadCrypt (which picks up the trend set by CryptoWall 4.0, treating victims as if they're customers), continues to exercise researchers and security teams. Palo Alto believes it's discovered the revenant Dridex subnet that's pushing Locky. PadCrypt's "customer service" includes both an uninstaller (which only uninstalls the malware, leaving files encrypted) and a "live chat" feature in which PadCrypt's controllers walk victims through their payment options.
Cyber extortion seems to pay. Hollywood Presbyterian said yesterday it paid its attackers $17,000 in Bitcoin to release control of some affected systems. A Bitdefender survey suggests paying up has become increasingly common, with victims in the UK willing to pay the highest levels of ransom.
In industry news, some retail investment advisors look upon the recent pullback in cyber security share prices as a buying opportunity.
Amid conflicting reports over how well private sector cooperation against ISIS is going — some say Twitter's giving ISIS troubles; others say account-blocking amounts to little more than a gesture — US Secretary of State Kerry asks Hollywood to help with counter-ISIS messaging.
Apple continues to fight the court order it received to assist the FBI in the Bureau's efforts to unlock an iPhone used by the San Bernardino jihadists. Apple receives support from Microsoft and Google, and also from both Ed Snowden and former NSA Director Michael Hayden. Observers agree the case's outcome will set important precedents. It's also likely to push Congress toward encryption legislation.