MegaCortex ransomware, which aggressively targeted enterprises in August, has evolved and attacks again. Its new iteration not only encrypts files and demands ransom, but also changes user's password and threatens to publish all the files from the infected machine. Files encrypted by this ransomware have a new .m3g4c0rtx extension. It has not been confirmed yet if the attackers really copy all the files and then publish them when the ransom is not paid. However, it is highly probable and in this case infection with MegaCortex must be also viewed as a data breach.
At the beginning of November, BlueKeep has been widely exploited for the first time.