The Iran-linked threat actor is exploiting the infamous Log4j bug in order to execute a new PowerShell data exfiltration toolkit.
Proofpoint's Sherrod DeGrippo discusses the top malware trends of the past year, including Emotet's takedown and eventual return.
Researchers have linked a malware loader, called CeeLoader, to the threat group behind the SolarWinds supply-chain attack.
A threat actor has been deploying web browser credential stealers, an undocumented backdoor and a new malicious Google Chrome extension in an ongoing campaign.
Three APTs have been observed using RTF template injection, and researchers warn more threat groups may adopt the new tactic.