Welcome to the Triad Situation Report, your trusted source for the latest cybersecurity and compliance news. In this edition, we bring you crucial updates on emerging cyber threats, including data breaches, phishing schemes, and sophisticated malware campaigns. Stay informed and take proactive steps to protect your business from evolving cyber risks.
New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials
A fresh variant of the Coyote banking trojan has emerged as the first known malware to weaponize Microsoft’s UI Automation (UIA) framework—an accessibility layer built into Windows—to harvest user credentials from over 75 banks and crypto platforms, primarily in Brazil. This evolution raises new concerns about misuse of legitimate accessibility features for covert credential theft.
Read more here
Credential Theft & Remote Access Surge via AllaKore, PureRAT & Hijack Loader
Security researchers report a sharp uptick in campaigns leveraging AllaKore RAT, PureRAT, and Hijack Loader tools. The attacks target Mexico-based organizations, stealing credentials and deploying remote access trojans to persist in networks. It’s a blatant reminder: stolen credentials remain a top gateway into enterprise environments.
Read more here
Allianz Life Confirms Data Breach Impacting Majority of 1.4M U.S. Customers
On July 16, 2025, threat actors successfully social‑engineered access to a third‑party CRM system used by Allianz Life. The breach exposed PII for the majority of its 1.4 million U.S. customers, financial professionals, and some employees. Allianz says its internal systems were untouched, but the fallout includes free identity theft protection and ongoing FBI involvement.
Read more here
U.S. Nuclear & Health Agencies Breached via Microsoft SharePoint (ToolShell Zero‑Days)
A major global campaign has exploited ToolShell zero‑day vulnerabilities in on‑premise Microsoft SharePoint servers. Among the impacted institutions: the U.S. National Nuclear Security Administration (NNSA) and National Institutes of Health (NIH). While no classified data is believed to have been exfiltrated, the breach touches over 400 organizations worldwide, orchestrated by Chinese-linked threat groups including Linen Typhoon and Violet Typhoon. Experts warn these flaws remain dangerous even after patching.
Read more here
158-Year-Old Company Collapses After Ransomware Attack via Guessed Password
Knights of Old, a historic UK logistics company, shut down permanently after ransomware actors breached its systems through a single, weak password. The Akira ransomware gang encrypted operational systems and backups, demanding a ransom the company couldn’t afford. Despite having cyber insurance and meeting compliance standards, the attack crippled operations, cost 700 jobs, and grounded 500 trucks.
Read more here
How Triad InfoSec Can Assist Your Business:
Navigating the complexities of cybersecurity compliance can be challenging. Triad InfoSec is dedicated to helping businesses prepare for CMMC audits, ensuring compliance, and optimizing cybersecurity strategies. Our services include:
- CMMC Audit Preparation: Guiding your organization through the necessary steps to achieve CMMC certification.
- MSP Partnerships: Collaborating with Managed Service Providers to ensure your business remains compliant while reducing cyber insurance premiums.
- Comprehensive Cybersecurity Solutions: Offering a range of services tailored to meet all your cybersecurity needs.
Partner with Triad InfoSec to secure your business’s future.
Stay vigilant and proactive in addressing cybersecurity challenges to protect your business and its valuable assets.
