Some news for security operations teams investigating their networks for signs that nation-state attackers had deployed the Sunburst malware via the SolarWinds' Orion network monitoring technology: FireEye has identified a killswitch that would stop the malware from executing in infected networks.
Attackers planted a compromised update for the SolarWinds Orion platform, leading to a cyber espionage campaign that hit many companies and government agencies.
New variants of the Bandook malware that are digitally signed have been used in a recent wave of attacks on organizations in many industries.
The Trickbot malware operation is back, with a fresh spam campaign delivering malicious Word documents.
Days after a takedown operation, the Trickbot botnet is back up and running with new C2 servers in Europe and South America.