You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
konni
About this tag
The konni tag on WindowsForum covers discussions about KONNI malware, a remote administration tool (RAT) used by cyber actors. Content includes analysis of phishing emails that deploy KONNI via malicious Microsoft Word documents with VBA macro code. The malware is capable of stealing files, capturing keystrokes, taking screenshots, and executing arbitrary commands. References to the MITRE ATT&CK framework and CISA alerts highlight the threat's relevance to enterprise IT security. Users seeking information on KONNI detection, prevention, or incident response will find relevant technical details and mitigation strategies in these threads.
Original release date: August 14, 2020
Summary
This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.
The Cybersecurity and Infrastructure Security Agency (CISA)...