Risky Context
February 4, 2025 at 06:28 AM
New research from Unit 42 with some interesting TTPs:
- Data exfil and data recon from SQL DBs
- PlugX doing PlugX things with the usual side-loading techniques
- Defense evasion mixed with loud exec TTPs—plenty of detection opportunities!
https://unit42.paloaltonetworks.com/espionage-campaign-targets-south-asian-entities/