Just had a client get hit with the Zepto ransomware. It was a "PDF" attachment in an email that delivered the payload. Both Bitdefender AntiRansomware and Malwarebytes AntiExploit did not stop it, despite it being a variant of Locky.
It's worse than Locky, in that all encrypted files are also renamed. This caused a problem trying to roll back the office-wide "Onedrive for Business" share. All previous versions of the files were wiped, and replaced with only 2, with the same time stamp. Restoring back to version "1.0" gave the same modified name and extension, but thankfully, DID reverse the encryption. I had to manually assign an extension based on best guess from file size, though, and there is no way to do a mass rollback in the web gui, so I asked for Microsoft's help. Microsoft was planning a full site roll-back, but it was going to take a few days... that was too much downtime, and I had a local cached copy on one of the machines with a "Previous Versions" only a day old. I made sure that copy was clean, backed up the entire encrypted share (in case a decryption tool becomes available), and resync'd up the share. Once again, backup saves the day... but worthy of note that OneDrive's versioning system in not enough to save your bacon here (and this is one of the reasons I moved to a OneDrive share in the first place!)
Anyone have any suggestions for AntiRansomware moving forward? Malwarebytes AntiRansomware interfered with some software I used last time a tried it (sorry, can't remember which), and the aforementioned 2 I had in place obviously were insufficient.