I've got another new post up on the State of Security blog: https://www.tripwire.com/state-of-security/breaches-wont-make-headlines

A subtle attacker can get away with large scale, low key operations over time without users being made aware. (I often liken this to the idea that whilst bank heists will often make the headlines, the reality of theft is typically medium to small value goods that are less likely to arouse the suspicion of security services until it’s too late.)

Is crypto-mining the "new" thing and ransomware "old hat"? I don't think so - it's just another attack approach we all need to get use to unforunately.