A RAT that has stayed under the radar for at least three years was recently uncovered in highly targeted espionage attacks against companies in the telecommunications and aerospace industries.
Researchers have discovered a new UEFI bootkit called ESPecter that can modify the Windows Boot Manager.
The fear surrounding the Pegasus spyware tool is being used to lure victims to a fake Amnesty International site that installs the Sarwent RAT.
Some cybercrime groups are using trojaned proxyware installers to gain a foothold on victim machines and install malware and cryptominers.
TA505, a well-known cybercrime group, is using signed MSI files and other techniques to install the ServHelper RAT on victims' systems.