""The attack uses classic techniques with a modern twist: WebDAV downloads, COM hijacking, shellcode hidden in PNGs, and the Covenant framework using Filen cloud storage for C2," Morata said. “Organizations must update and restart Office immediately. Office 2021 and 365 get server-side protection, but the apps must be restarted to take effect.""