A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged campaign. The threat actor is leveraging legitimate cloud services for command and control and data exfiltration while deploying custom malware to compromise target systems.