For a few days, “Follina” is generating a lot of noise on the Internet, check our yesterday diary[1] about this new vulnerability if you need more details. It was time to hunt for some samples. For this purpose, I created a simple YARA rule on VT:
Article Link: InfoSec Handlers Diary Blog - SANS Internet Storm Center