Major commercial organizations are having their networks infiltrated by the new Cactus ransomware operation through the exploitation of VPN appliance vulnerabilities since March, according to BleepingComputer. Both file encryption and data exfiltration are being utilized by Cactus ransomware, but the group has been leveraging encryption for ransomware binary protection in a bid to better evade detection, a report from Kroll showed.
Read full article on SC Magazine