Security Affairs

MARCH 26, 2021

The researchers shared a detailed analysis on Security Affairs , they explained that once the malware has infected a Windows machine, it overwrites the existing Master Boot Record, with a custom MBR and encrypts the hard drive using the DiskCryptor tool. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware 145

Ransomware Encryption File names Passwords 145

Security Affairs

SEPTEMBER 23, 2024

Suspected China-linked APT Earth Baxia targeted a government organization in Taiwan by exploiting a recently patched OSGeo GeoServer GeoTools flaw. Trend Micro researchers reported that China-linked APT group Earth Baxia has targeted a government organization in Taiwan and potentially other countries in the Asia-Pacific (APAC) region.

Phishing 143

Phishing File names Cloud Government 143

Security Affairs

OCTOBER 21, 2021

The Macaw Locker ransomware encrypts victims’ files and append the .macaw macaw extension to the file name of the encrypted files. The US Government announced sanctions for ransomware negotiation firms that will support victims of the Evil Corp group in the ransom payments. Pierluigi Paganini.

Ransomware 144

Ransomware File names Encryption Government 144

Security Affairs

MAY 3, 2020

In other words, it could be nice to see what are the patterns used by malware in both: domain names, file names and process names. TOP domains, TOP processes and TOP File Names. I am a computer security scientist with an intensive hacking background. About the author: Marco Ramilli, Founder of Yoroi.

Computer and Electronics 131

Computer and Electronics File names Cybersecurity Security 131

Security Affairs

AUGUST 28, 2024

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. The first sample, contained in a file named Network Security.zip including: YAHSAT NETWORK_INFRASTRUCTURE_SECURITY_GUIDE_20240421.pdf.exe dll to execute its functions.

IT 136

IT Education File names Passwords 136

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals. ” concludes the report.

Military 116

Military Phishing File names Government 116

Security Affairs

JUNE 24, 2024

Over the past year, ExCobalt targeted Russian organizations in the the following industries: Metallurgy Telecommunications Mining Information technology Government Software development The Cobalt’s hallmark was the use of the CobInt tool , the same tool that ExCobalt began using in 2022.

File names 127

File names Communications Mining Archiving 127

Security Affairs

FEBRUARY 16, 2024

The Turla APT group (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) has been active since at least 2004 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations.

CMS 142

CMS File names Passwords Access 142

Security Affairs

MAY 16, 2020

The phishing messages use Trojan sample associated with a file named “Company PLP_Tax relief due to Covid-19 outbreak CI+PL.jar,” experts from MalwareHunterTeam noticed that the malicious code was only detected by ESET AV. "Company The operators behind the campaign use COVID-19 lure promising victims tax relief.

Phishing 140

Phishing File names Access Government 140

Security Affairs

MAY 19, 2021

“The National Cyber Security Centre (NCSC) became aware on Thursday of an attempted cyber attack on the Department of Health. ” The National Cyber Security Centre (NCSC) also published an alert titled “Ransomware Attack on Health Sector” that included technical details on the attack. Pierluigi Paganini.

Ransomware 134

Ransomware Encryption File names IoT 134

Security Affairs

OCTOBER 18, 2022

Symantec pointed out that the attacks against government organizations in Hong Kong remained undetected for a year in some cases. The post China-linked APT41 group targets Hong Kong with Spyder Loader appeared first on Security Affairs. ” continues the report. Follow me on Twitter: @securityaffairs and Facebook.

File names 137

File names Encryption Manufacturing Libraries 137

Security Affairs

MARCH 28, 2022

The phishing messages use a RAR-archive named “Saboteurs.rar”, which contains RAR-archive “Saboteurs 21.03.rar.” ” This second archive contains SFX-archive “Saboteurs filercs.rar,” experts reported that the file name contains the right-to-left override (RTLO) character to mask the real extension.

Archiving 98

Archiving CMS File names Phishing 98

Security Affairs

OCTOBER 13, 2022

The Budworm cyber espionage group (aka APT27 , Bronze Union , Emissary Panda , Lucky Mouse , TG-3390 , and Red Phoenix) is behind a series attacks conducted over the past six months against a number of high-profile targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S.

File names 145

File names Financial Services Manufacturing Libraries 145

Security Affairs

FEBRUARY 3, 2023

The government experts pointed out that the threat actor continues to evolve its TTPs to avoid detection. The attack chain starts with spear-phishing messages with a.RAR attachment named “12-1-125_09.01.2023.” The.RAR archive contains the.LNK file named “Запит Служба безпеки України 12-1-125 від 09.01.2023.lnk”

File names 98

File names Archiving Phishing Government 98

Gimmal

NOVEMBER 21, 2024

Enter metadata—a powerful tool that can revolutionize your information governance strategy. Limited Sorting and Filtering : Users can only sort and filter files based on basic attributes like name and date within a folder, restricting efficient data retrieval. Efficiency : Reduce the time spent searching for documents.

Metadata 52

Metadata Information governance Government Records Management 52

Gimmal

OCTOBER 30, 2024

For information governance professionals, understanding and managing RIOT data is crucial. Data Governance Challenges You can’t protect or govern what you can’t access or read. This solution helps enterprises and government agencies uncover and remediate RIOT data effectively.

Information governance 52

Information governance Government Cleanup Digital preservation 52

Security Affairs

JULY 14, 2021

LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the Philippines. We found multiple archives like this with file names of government entities in Myanmar, for example “COVID-19 Case 12-11-2020(MOTC).rar” Pierluigi Paganini.

Archiving 98

Archiving File names Government Libraries 98

Security Affairs

JULY 22, 2019

APT34 is an Iran-linked APT group that has been around since at least 2014, it targeted mainly organizations in the financial, government, energy, telecoms and chemical sectors in the United States and Middle Eastern countries. The fake profiles asked the victims to open the weaponized excel file named ERFT-Details.

File names 111

File names Phishing Government Passwords 111

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors. ” continues Symantec.

Military 108

Military File names Government Libraries 108

AIIM

AUGUST 26, 2021

Storing important information in a secure and compliant way. Often, you can make some good initial decisions right away by examining things like file name, path name, and file extensions before you attempt to migrate, read, or index the content itself. Using that information in ways that matter.

Digital transformation 200

Digital transformation Search queries Artificial Intelligence Healthcare 200

Security Affairs

SEPTEMBER 13, 2023

UK, Australian, Canadian, and New Zealand governments issued a joint alert about China-linked threat actors targeting CNI organizations and using living off the land to evade detection. “On May 29, the attackers returned and used a renamed version of ProcDump (file name: alg.exe) to dump credentials from LSASS.”

File names 140

File names Access Encryption Communications 140

Security Affairs

NOVEMBER 30, 2018

Security researchers at Trend Micro recently discovered PowerShell-based backdoor that resembles a malware used by MuddyWater threat actor. ” The new backdoor uses the API of a cloud file hosting provider to implement command and control (C&C) communication and data exfiltration. ” continues the experts.

Communications 109

Communications File names Cloud Government 109

Security Affairs

MAY 26, 2023

Researchers from the Fortinet FortiGuard Labs observed an attack targeting a government entity in the United Arab Emirates with a new PowerShell-based backdoor dubbed PowerExchange. The infection chain commenced with spear phishing messages using a zip file named Brochure.zip in attachment. with the new PowerExchange backdoor.

Communications 98

Communications File names Archiving Phishing 98

Security Affairs

NOVEMBER 20, 2018

The Russia-linked APT group delivers Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former USSR state. Hackers used weaponized files named ‘crash list (Lion Air Boeing 737).docx’ Security Affairs – Sofacy APT, Cannot tool). Pierluigi Paganini.

File names 109

File names Phishing Communications Government 109

Security Affairs

OCTOBER 31, 2020

Recently, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn of a surge of Emotet attacks that have targeted multiple state and local governments in the U.S. Researchers from Microsoft Security Intelligence are also warning of the ongoing Halloween-themed Emotet campaign. since August.

File names 121

File names Libraries Ransomware Security 121

Security Affairs

JUNE 15, 2023

The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. A novelty observed in the recent attacks is the use of a USB propagation malware.

Military 98

Military File names Archiving Phishing 98

Security Affairs

MAY 23, 2023

A previously undocumented APT group tracked as GoldenJackal has been targeting government and diplomatic entities in the Middle East and South Asia since 2019. The group focuses on government and diplomatic entities in the Middle East and South Asia. “The fake Skype installer was a.NET executable file named skype32.exe

File names 98

File names Government Security IT 98

Security Affairs

JANUARY 21, 2019

A rogue server could send a LOAD DATA LOCAL statement to the client to get access to any file for which the client has read permission. “In theory, a patched server could be built that would tell the client program to transfer a file of the server’s choosing rather than the file named by the client in the LOAD DATA statement.”

Passwords 111

Passwords File names Access Sales 111

eSecurity Planet

JULY 19, 2022

According to Cyble, “The ransomware searches for files to encrypt on the local system by enumerating the file directories […] It ignores the file extensions such as EXE, DLL, and SYS and excludes a list of directory and file names from the encryption process.”. How to Protect Against Lilith Ransomware.

Ransomware 120

Ransomware Encryption File names Government 120

Security Affairs

NOVEMBER 16, 2018

Marco Ramilli, founder and CEO at cyber security firm Yoroi has explained how to use Microsoft Powerpoint as Malware Dropper. The script downloads a file named: AZZI.exe and saves it by a new name: VRE1wEh9j0mvUATIN3AqW1HSNnyir8id.exe on a System temporary directory for running it. Edited by Pierluigi Paganini.

Computer and Electronics 111

Computer and Electronics File names Security IT 111

Security Affairs

MAY 10, 2023

A new sophisticated malware strain, dubbed DownEx, was involved in attacks aimed at Government organizations in Central Asia. In late 2022, Bitdefender Labs researchers first observed a highly targeted cyberattack targeting foreign government institutions in Kazakhstan that involved a new sophisticated strain of malware dubbed DownEx.

File names 98

File names Archiving Government Phishing 98

National Archives Records Express

JUNE 12, 2023

Access restrictions include national security considerations, donor restrictions, court orders, and other statutory or regulatory provisions. Creating Unique File Names and Record IDs Unique file names and record IDs must be created for each image file.

Metadata 109

Metadata Digital transformation File names Archiving 109

IT Governance

AUGUST 10, 2021

Security researchers at Microsoft are again warning users about phishing scams imitating SharePoint. The messages appear to come from Microsoft SharePoint and contain a “file share” request to access “Staff Reports”, “Bonuses”, “Pricebooks” and other content that’s purportedly hosted in an Excel spreadsheet. Can you spot a scam?

Phishing 111

Phishing File names Security Risk 111

Security Affairs

JUNE 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. ReadMe file name: README.BlackSuit.txt. New #ransomware #BlackSuit targets Windows, #Linux. Extension: blacksuit.

Ransomware 98

Ransomware Encryption File names Cybersecurity 98

Security Affairs

FEBRUARY 8, 2023

It creates temporary files with the “ lock” and “ trash” extensions. It uses hardcoded file names designed to masquerade as Microsoft office executables: OfficeTemplate.exe and MicrosoftOfficeDashboard.exe” reads the analysis published by Symantec.

File names 98

File names Passwords Phishing Encryption 98

AIIM

OCTOBER 30, 2017

Obviously digital document accuracy is particularly important for government and regulated industries. Consistent document capture and file naming. Another area that lends itself to mixed results is in file naming structure. A client number or name can be taken from the barcode and appended to the filename.

e-Delivery 90

e-Delivery File names Compliance ECM 90

Schneier on Security

OCTOBER 14, 2024

It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua Security said. The naming convention is one of the many ways the malware attempts to escape notice of infected users.

Mining 93

Mining File names Government Communications 93