Sodin, Sodinokibi, REvil or BlueBackground Ransomware encrypts user data with AES, and then requires a ransom at 0.475–0.950 BTC to return files. It exploits a zero-day, CVE-2018-8453, was previously abused by an APT, and was patched in the Oct 18 Patch Tuesday.
LooCipher Ransomware encrypts user data with AES, and then requires a ransom in BTC to return files. It spreads via spam email campaigns. It spread macro enabled word document called Info_BSV_2019.docm
Information security company Trend Micro said it had found a new family of malware, nicknamed by researchers as BlackSquid. It infects web servers, network drives and removable drives by installing mining software through many different exploits.
GoldBrute is a Brute-Force campaign which involves more than 1.6 million RDP servers spread all over the world and publicly accessible via the Internet. It exploits BlueKeep vulnerability, a critical remote code execution vulnerability in Remote Desktop Services (RDS) identified by CVE-2019-0708.
ESET researchers have discovered LightNeuron , a backdoor that affects Microsoft Exchange mail servers. It can read, modify or block any email that passes on the server. It can even write new emails and send them under the guise of a legitimate user, chosen by an attacker.