The fast-rising Play ransomware group that targeted the City of Oakland earlier this year is now hitting managed service providers (MSPs) around the globe in a cyberattack campaign to distribute ransomware to their downstream customers. One troublesome aspect of the campaign is the threat actor’s use of intermittent encryption — where only parts of a file are encrypted — to try and evade detection.

Source: Dark Reading: Cloud