Advintel cybersecurity experts: Malware operators now target exposed RDP connections to gain an initial foothold and exploit CVE-2018-8453 and CVE-2019-1069.
Truesec cybersecurity experts: Maybe the first one sold its TTPs to the ransomware gang; they are probably closely affiliated and may be part of the same network.
The cybersecurity expert Pierluigi Paganini: On November 26, the leaking of the stolen data began: an archive of 3.03GB that accounts for 2% of the total amount of stolen data.
Sea News: Aggressions increased by 900% over the last 3 years, and in 2020 there will be more than 500. OT systems are the malware targets, but their breaches are not covered by insurance.
FBI supervisory special agent DeCapua: The Top Ten of malware variants sees Ryuk as the winner with $61.26 million, followed by Crysis/Dharma ($24.48 million) and Bitpaymer ($8.04 million).
The cyber security experts find the malware, thanks to files uploaded to VirusTotal and a memory dump found by Colin Cowie of Red Flare Security. Maybe Emotet and TrickBot are involved.