Ransomware

The relatively new ransomware Sodinokibi is already using an array of vectors to infect victims. Aside from using spam and phishing emails, the group behind this malware continues to add more delivery methods to their arsenal.

Baltimore City and County governments, Ohio-based NEO Urology, and Talley Medical Surgical Eyecare in Indiana are still in recovery efforts after ransomware incidents caused daily operations to be temporarily suspended.

The ransomware evolution continues: 2019 data shows changes in volume of threats and a shift in targets. New evasion techniques and distribution methods are also being deployed by malware creators.

Security researchers saw a spate of attacks targeting Windows servers running unsecure or misconfigured MySQL databases to infect them with the GandCrab ransomware.

Ransomware's persistence is perhaps best embodied by a relatively new breed of ransomware, Ryuk, which has been making waves recently with multiple incidents occurring over the past year.

A new ransomware dubbed MegaCortex has been targeting business networks across the world. The sudden surge in activity was noted by cybersecurity firms and researchers, and further investigation shows how complex this particular ransomware is.

Ransomware's destructive impact still makes it a significant threat, with the latest spate of attacks crippling several counties and municipalities in the U.S.

A ransomware family was recently spotted targeting vulnerable Samba servers: NamPoHyu Virus aka MegaLocker Virus. NamPoHyu Virus searches for publicly accessible Samba servers, brute-forces them, and runs the ransomware locally to encrypt the exposed servers.

A severe ransomware attack has crippled operations of local government offices in Genesee County, Michigan. More severe than originally thought, services are still stalled after almost a week. The county reports that data has not been taken.