https://www.proofpoint.com/us/threat-insight/post/ta505-abusing-settingcontent-ms-within-pdf-files-distribute-flawedammyy-rat
TA505 Abusing SettingContent-ms within PDF files to Distribute FlawedAmmyy RAT | Proofpoint US
Proofpoint researchers detail a large campaign abusing the DeepLink object in SettingContent-ms files embedded in PDF documents.
pdf filesto distributeta505abusingms
https://attack.mitre.org/groups/G0092/
TA505, Hive0065, Spandex Tempest, CHIMBORAZO, Group G0092 | MITRE ATT&CKĀ®
ta505spandextempestchimborazogroup
https://www.proofpoint.com/us/threat-insight/post/threat-actor-profile-ta505-dridex-globeimposter
Threat Actor Profile: TA505, From Dridex to GlobeImposter | Proofpoint US
Proofpoint researchers detail the malware and notable campaigns associated with one of the most prolific threat actors: TA505.
threat actorprofileta505dridexproofpoint