File names, Information Security and Military - Information Management Today

File names

Information Security

Military

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement. The messages use the HTML-file “War criminals of the Russian Federation.htm” as attachment.

Military

Military Phishing Archiving File names

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

APT28 deployed GooseEgg to gain elevated access to target systems and steal credentials and sensitive information. GooseEgg is usually deployed with a batch script, commonly named execute.bat or doit.bat. This script creates a file named servtask.bat, which includes commands for saving or compressing registry hives.

Military

Military File names Education Phishing

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Trending Sources

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals.

Military

Military Phishing File names Government

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon

Security Affairs

MARCH 28, 2022

The phishing messages use a RAR-archive named “Saboteurs.rar”, which contains RAR-archive “Saboteurs 21.03.rar.” ” This second archive contains SFX-archive “Saboteurs filercs.rar,” experts reported that the file name contains the right-to-left override (RTLO) character to mask the real extension.

Archiving

Archiving CMS File names Phishing

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs

MARCH 18, 2022

. “Our data also shows that although Cyclops Blink is a state-sponsored botnet, its C&C servers and bots affect WatchGuard Firebox and Asus devices that do not belong to critical organizations, or those that have an evident value on economic, political, or military espionage.” India, Italy, Canada, and Russia.

IoT

IoT Military File names Communications

A month later Gamaredon is still active in Eastern Europe

Security Affairs

JUNE 4, 2019

During recent times, Gamaredon is targeting the Ukrainian military and law enforcement sectors too, as officially stated by the CERT-UA. The response body will contain a new executable file, named “jasfix.exe”, representing the new stage. However, the file named “ win32.sys class ” files. Exploring the “.

Archiving

Archiving Passwords File names Military

SWEED targets precision engineering companies in Italy

Security Affairs

OCTOBER 28, 2019

Precision engineering is a very important business market in Europe, it includes developing mechanical equipment for: automotive, railways, heavy industries and military grade technology. According to VT history detection the same hash has been seen with at least three different names: educrety.exe , prestezza.exe and cardsharper.exe.

Passwords

Passwords Encryption File names Access

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Security Affairs

JUNE 15, 2023

The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. A novelty observed in the recent attacks is the use of a USB propagation malware.

Military

Military File names Archiving Phishing

SideWinder APT targets maritime and nuclear sectors with enhanced toolset

Security Affairs

MARCH 11, 2025

SideWinder (also known as Razor Tiger, Rattlesnake, and T-APT-04) has been active since at least 2012, the group mainly targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. SideWinder rapidly adapts to security detections, modifying malware within hours, altering tactics, techniques, and procedures.

Military

Military File names Government Phishing

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Webinars

Trending Sources

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Webinars

GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon

Russia-linked Cyclops Blink botnet targeting ASUS routers

A month later Gamaredon is still active in Eastern Europe

SWEED targets precision engineering companies in Italy

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

SideWinder APT targets maritime and nuclear sectors with enhanced toolset

Stay Connected