here is a write up from malwarbytes on the hta infections. https://blog.malwarebytes.com/cybercrime/2016/09/surfacing-hta-infections/
"CryPy ransomware encrypts your files with a unique key for each one.." https://www.neowin.net/news/crypy-ransomware-encrypts-your-files-with-a-unique-key-for-each-one?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+neowin-main+(Neowin+News)
Indiana county government shut down by ransomware to pay up http://arstechnica.com/security/2016/11/indiana-county-government-shut-down-by-ransomware-to-pay-up/
"Hospitals Now Seeing 20 Ransomware Attacks Per Day On IT Infrastructure... ...'According to a recent report by Intel Security, the healthcare sector is experiencing over 20 data loss incidents per day related to ransomware attacks...' " https://www.techdirt.com/articles/20161103/07494035952/hospitals-now-seeing-20-ransomware-attacks-per-day-it-infrastructure.shtml?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+techdirt/feed+(Techdirt)
Telecrypt ransomware uses Telegram for command and control https://www.helpnetsecurity.com/2016/11/10/telecrypt-ransomware-uses-telegram/
Crysis ransomware master decryption keys released https://threatpost.com/crysis-ransomware-master-decryption-keys-released
"The threat posed by a ransomware family known as CrySis was diminished considerably on Sunday when the master decryption keys were released to the public." "The survey also found that 95 percent of the attacks bypassed the victims' firewall(s) and 52 percent bypassed anti-malware solutions." makes the curious cat wonder what kind of antimalware were they using?
Encryption ransomware hits record levels https://www.helpnetsecurity.com/2016/11/18/encryption-ransomware-hits-record-levels/
Locky ransomware spread via SVG images on Facebook Messenger http://securityaffairs.co/wordpress/53650/malware/svg-images-locky.html
Locky ransomware uses decoy image files to ambush Facebook, LinkedIn accounts http://arstechnica.com/security/201...ecoy-image-files-boobytrap-facebook-linkedin/
Customers of Liechtenstein banks blackmailed by ransomware http://securityaffairs.co/wordpress/53891/malware/liechtenstein-banks-ransomware.html