Konni Campaign Distributed Via Malicious Document

FortiGuard Labs recently identified the use of a Russian-language Word document equipped with a malicious macro in the ongoing Konni campaign. Despite the document’s creation date of September, ongoing activity on the campaign’s C2 server is evident in internal telemetry. Read More …

Social engineering attacks lure Indian users to install Android banking trojans

Microsoft has observed ongoing activity from mobile banking trojan campaigns targeting users in India with social media messages designed to steal users’ information for financial fraud. Using social media platforms like WhatsApp and Telegram, attackers are sending messages designed to Read More …

Hackers accessed sensitive health data of Welltok patients

Hackers accessed the personal data of more than a million people by exploiting a security vulnerability in a file transfer tool used by Welltok, the healthcare platform owned by Virgin Pulse. Welltok, a Denver-based patient engagement company that works with Read More …

K-12 schools improve protection against online attacks, but many are vulnerable to ransomware gangs

Some K-12 public schools are racing to improve protection against the threat of online attacks, but lax cybersecurity means thousands of others are vulnerable to ransomware gangs that can steal confidential data and disrupt operations. Since a White House conference Read More …

Canada: Current and former public service, RCMP, military members affected by data breach

The federal government is warning current and former public service employees and members of the RCMP and Canadian Armed Forces their personal and financial information may have been accessed in a data breach that occurred on Oct. 19. The breach Read More …

Toyota finance business confirms ransomware attack, data breach

Toyota Financial Services (TFS), a subsidiary of the popular automaker, has confirmed suffering a ransomware attack. In a statement company stated that Toyota Financial Services Europe & Africa “recently identified unauthorized activity on systems in a limited number of its Read More …

Stately Taurus targets the Philippines as tensions flare in the South Pacific

Tensions between China and the Philippines have risen sharply over the past several months. Coinciding with these real-world events, Unit 42 researchers observed three Stately Taurus campaigns during the month of August. These campaigns are assessed to have targeted entities Read More …

Into The Trash: Analyzing LitterDrifter

Gamaredon, also known as Primitive Bear, ACTINIUM, and Shuckworm, is a unique player in the Russian espionage ecosystem that targets a wide variety of almost exclusively Ukrainian entities. While researchers often struggle to uncover evidence of Russian espionage activities, Gamaredon Read More …