Threat actors behind Venus Ransomware are hacking into publicly-exposed Remote Desktop services to encrypt Windows devices. Venus campaigns have been observed since mid-2021 and have been increasing since September 2022. The attack campaigns are opportunistic and broad across verticals.
