GoldBrute is a Brute-Force campaign which involves more than 1.6 million RDP servers spread all over the world and publicly accessible via the Internet. It exploits BlueKeep vulnerability, a critical remote code execution vulnerability in Remote Desktop Services (RDS) identified by CVE-2019-0708.
ESET researchers have discovered LightNeuron , a backdoor that affects Microsoft Exchange mail servers. It can read, modify or block any email that passes on the server. It can even write new emails and send them under the guise of a legitimate user, chosen by an attacker.
LockerGoga Ransomware is responsible for complete halt of work on one of the largest aluminum producers in the world, Norsk Hydro. Although it has made multiple victims, it gained public attention in January in an attack against Altran Technologies, an engineering consulting firm operating at a global level.
Anatova belongs to a new modular next generation ransomware family. It as an intelligent piece of code that does not blindly encrypts a file. It does not encrypt files that are places in critical windows directories and leave exe and cmd files too.
Happy Ransomware encrypts user data using AES, and ask ransom to recover files. Original file name is T1, but it is not indicated in the lock-note. The file says: T1.exe. Encrypted files have .happy extension.