Trellix: Threat actors, including APTs, are abusing the Discord application for payload delivery, information stealing and data exfiltration. Trellix identified several malware families leveraging Discord's capabilities to conduct their operations, uncovering when they started abusing them. IOC provided. Link: https://www.trellix.com/en-us/about/newsroom/stories/research/discord-i-want-to-play-a-game.html
2023-09-21 (Thursday) thru 09-25 (Monday): I collected examples of #AgentTesla from my honeypot email accounts, and thought I'd share, since this is an ongoing threat.
Although it's something I consider a "low-hanging fruit," AgentTesla remains part of our threat landscape, with compromised accounts used for data exfiltration active for months at a time.