A cloudy campaign delivers commodity remote-access trojans to steal information and execute code.
https://threatpost.com/amazon-azure-clouds-rat-infostealing/177606/
Threat actors have developed custom modules to compromise various ICS devices as well as Windows workstations that pose an imminent threat, particularly to energy providers.
https://threatpost.com/feds-apts-critical-infrastructure/179291/