As covered in the latest research by SentinelLabs, we’ve seen an increased use of lnk and ISO files to bypass security controls. This trend is supported by tools that simplify the generation of lnk, ISO or IMG-based droppers. Read the research here: https://www.sentinelone.com/labs/who-needs-macros-threat-actors-pivot-to-abusing-explorer-and-other-lolbins-via-windows-shortcuts/