The previously discovered RCE flaw in the Spring framework is being leveraged by attackers to deploy the Mirai botnet malware.
A recent wide-ranging campaign shows how APT10 is broadening its victimology beyond Japanese organizations.
The threat group has been using a new initial access vector and a novel malware family in the first stages of its attack.
Attackers are using compromised Microsoft Exchange servers to launch thread-hijacking attacks that infect victims with the IcedID malware.
A new initial access broker known as Exotic Lily has used exploits for zero days and sells network access to cybercrime teams such as FIN12 for ransomware deployment.