Ransomware operators relied heavily on commodity Trojans, open source reconnaissance tools, and legitimate Windows utilities to execute many of their attacks during the past quarter. The most prolific ransomware families included Ryuk, Vatet, WastedLocker, and variants of Egregor. Phishing remains the most observed infection vector for these attacks, says Brad Garnett, general manager of the Cisco Talos Incident Response team. For enterprises, the trend could spell even more trouble on the ransomware front.”]