Incidents

New Bagle active

A new Bagle variant is spammed to users. We received over 40 letters from users with Bagle.at. Anti-virus databases are updated and we are monitoring the situation.

Bagle.at is very similiar to recent Bagle variants and also installs an email proxy server.

I-Worm.Bagle.at

New Bagle active

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Reports

ToddyCat: your hidden email assistant. Part 2

An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.