ERIS Ransomware encrypts user files with Salsa20 + RSA, and then requires a ransom to give it back. It is distributed via RIG exploit kit. A user would simple have visit a malicious web page to get infected with ERIS.

Sodin, Sodinokibi, REvil or BlueBackground Ransomware encrypts user data with AES, and then requires a ransom at 0.475–0.950 BTC to return files. It exploits a zero-day, CVE-2018-8453, was previously abused by an APT, and was patched in the Oct 18 Patch Tuesday.

LooCipher Ransomware encrypts user data with AES, and then requires a ransom in BTC to return files. It spreads via spam email campaigns. It spread macro enabled word document called Info_BSV_2019.docm

Information security company Trend Micro said it had found a new family of malware, nicknamed by researchers as BlackSquid. It infects web servers, network drives and removable drives by installing mining software through many different exploits.

GoldBrute is a Brute-Force campaign which involves more than 1.6 million RDP servers spread all over the world and publicly accessible via the Internet. It exploits BlueKeep vulnerability, a critical remote code execution vulnerability in Remote Desktop Services (RDS) identified by CVE-2019-0708.