The relatively new ransomware Sodinokibi is already using an array of vectors to infect victims. Aside from using spam and phishing emails, the group behind this malware continues to add more delivery methods to their arsenal.
Baltimore City and County governments, Ohio-based NEO Urology, and Talley Medical Surgical Eyecare in Indiana are still recovering from ransomware incidents that temporarily suspended daily operations.
Two hacking groups have been spotted attacking vulnerable Exim email servers, trying to exploit CVE-2019-10149. One group uses a public internet server, and another a server on the dark web.
Fortune 500 company Quest Diagnostics, LabCorp, and billing provider American Medical Collection Agency (AMCA) are facing multiple class-action lawsuits after cybercriminals breached the web payment page of AMCA over an eight-month period.
An active Microsoft Office and WordPad spam campaign is targeting European users with files that allow attackers to exploit the CVE-2017-11882 vulnerability.
The ransomware evolution continues: 2019 data shows changes in the volume of threats and a shift in targets. New evasion techniques and distribution methods are also being deployed by malware creators.
HawkEye Reborn v8.0 and v9.0, the latest iterations of the old but notorious keylogging malware, were spotted in spam campaigns targeting business users.