CryptoMix is often distributed through RDP, but also through exploit kits delivered through malvertising, in which victims click an infected ad that leads to a hacked shopping site that attacks their device. CryptoMix can also hide on flash drives, so if a user inserts a flash drive from an infected system into another system, the infection spreads.

Inception: March 2016
Attack vector: Remote Desktop Protocol (RDP) and Exploit Kit
The worldwide Accellion #cyberattacks appear to have originated from the infamous Clop #ransomware gang. https://wbrt.io/2P5E1Ln
Our #BrightCloud Threat Intelligence associated the IP address of the SolarWinds Orion update with a botnet in the summer of last year.
A properly configured security tool using our #threatintelligence data would have blocked comms with the C&C server. https://wbrt.io/3aQsjv7