Threat hunters at Palo Alto Networks’ Unit 42 have warned that a Russia-based hacking group known as Cozy Bear, Nobelium, APT29 and Cloaked Ursa, are using trusted, legitimate cloud services such Dropbox and Google Drive in their attacks. For example, the group’s recent attacks on some western diplomats use a pdf to call out to cloud storage services to retrieve malicious malware and Dynamic Link Libraries (DLLs). The advice to businesses is to review their email policies. Dropbox is reported to be working on the issue with industry partners and researchers.