Ryuk ransomware operation updates hacking techniques


Recent attacks from Ryuk ransomware operators show that the actors have a new preference when it comes to gaining initial access to the victim network.

The trend observed in attacks this year reveals a predilection towards targeting hosts with remote desktop connections exposed on the public internet.

Furthermore, using targeted phishing emails to deliver the malware continues to be a favored initial infection vector for the threat actor.

Read more…
Source: Bleeping Comuter