MedStar continues its recovery from the malware infection the hospital system sustained Monday. Investigators (including the FBI) remain tight-lipped, but various anonymous sources close to the case but not authorized to speak are telling the press that MedStar was hit by ransomware. There are plenty of possible ransomware variants under speculative suspicion, prominent among them of course being SamSam, Maktub, and, especially, PowerWare. But this remains speculation.
There's much advice on protecting yourself from ransomware, including the usual counsels about backing up files and developing emergency plans for continuity of operations. Some variants have now evolved their delivery mechanisms to seek out and target unpatched systems, thereby dispensing with the traditional need for some user interaction.
Bitdefender's offering a free tool said to provide prophylaxis (for now) against Locky, TeslaCrypt and CTB-Locker.
Symantec finds a new cyber espionage Trojan, Backdoor.Dripion. Most of its targets are in Taiwan, but infestations have also been reported in Brazil and the United States.
Cheetah Mobile reports discovering a remote execution vulnerability in the Truecaller phonecall management app.
Law firms take note—a Russian gang is after your clients' data.
As the FBI continues to do whatever it's doing to the San Bernardino jihadi's iPhone, Apple serves notice that it wants that whatever disclosed. And the Justice Department says it won't hesitate to litigate again to gain access to encrypted devices.
CNBC committed an unpleasant gaffe in a story on password strength—the posted story collected and exposed actual passwords. (CNBC has retracted the story.)