Massive zero-day Cerber ransomware attack targeted Microsoft Office 365 users with spam or phishing emails carrying malicious file attachments. Cerber Ransomware not only encrypts user files and displays a ransom note, but also takes over the user’s audio system to read out its ransom note informing them that their files were encrypted. Microsoft reported in its first quarter 2016 that there are almost 18.2 million Office 365 subscribers. The Cerber malware is invoked via Macros. Locky and Dridex malware also made use of the malicious Macros to hijack systems.
Source: https://thehackernews.com/2016/06/ransomware-msoffice.html