Windows malware

Incidents

New GpCode spreading

Two hours ago we started receiving multiple emails from users with encrypted documents. Virus.Win32.GpCode.ae is responsible for this outbreak – this is a new variant of something we’ve reported on before.

Reports

ToddyCat: your hidden email assistant. Part 2

An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.