The new MegaCortex ransomware is using stolen domain controller credentials to gain a foothold in corporate networks before spreading.
The Sodinokibi ransomware is being installed on vulnerable Oracle WebLogic servers that haven't been patched against CVE-2019-2725.
Researchers are still trying to figure out how LockerGoga infects its targets, and what the group behind this damaging ransomware variant really wants. Can't be just money.
Researchers have been tracking a group using the Emotet and TrickBot malware to install the Ryuk ransomware in enterprises.
What do dumping toxic waste in the Chicago River and paying cyber extortionists have in common? Quite a lot, actually. Risk management expert Tony Martin-Vegue looks at the factors that drive the decision to pay or not pay the ransom after an attack.