Ransomware called Epsilon Red may be the same crew behind the REvil threat actors, researchers say. The name of the new ransomware is a reference to an obscure enemy character in the X-Men comics. The ransom note left on infected computers is similar to the note left behind by the group, Sophos says. The initial point of entry for the attack was an unpatched Microsoft Exchange server, from which attackers used WMI to install other software onto machines inside the network that they could reach.
Source: https://threatpost.com/exchange-servers-epsilon-red-ransomware/166640/