The United States Conference of Mayors unanimously agreed to not pay any more ransoms following ransomware attacks against municipal networks.
The new MegaCortex ransomware is using stolen domain controller credentials to gain a foothold in corporate networks before spreading.
The Sodinokibi ransomware is being installed on vulnerable Oracle WebLogic servers that haven't been patched against CVE-2019-2725.
Researchers are still trying to figure out how LockerGoga infects its targets, and what the group behind this damaging ransomware variant really wants. Can't be just money.
Researchers have been tracking a group using the Emotet and TrickBot malware to install the Ryuk ransomware in enterprises.