The ObliqueRAT malware is now being delivered through malicious image files hosted on compromised websites.
The Emotet malware has begun spreading again after one of its periodic breaks, using Christmas and COVID lures.
Some news for security operations teams investigating their networks for signs that nation-state attackers had deployed the Sunburst malware via the SolarWinds' Orion network monitoring technology: FireEye has identified a killswitch that would stop the malware from executing in infected networks.
Attackers planted a compromised update for the SolarWinds Orion platform, leading to a cyber espionage campaign that hit many companies and government agencies.
New variants of the Bandook malware that are digitally signed have been used in a recent wave of attacks on organizations in many industries.