File names and Military - Information Management Today

File names

Military

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement. The messages use the HTML-file “War criminals of the Russian Federation.htm” as attachment.

Military

Military Phishing Archiving File names

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

GooseEgg is usually deployed with a batch script, commonly named execute.bat or doit.bat. This script creates a file named servtask.bat, which includes commands for saving or compressing registry hives. APT28 deployed GooseEgg to gain elevated access to target systems and steal credentials and sensitive information.

Military

Military File names Education Phishing

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Trending Sources

New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors. ” continues Symantec.

Military

Military File names Government Libraries

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals.

Military

Military Phishing File names Government

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Security Affairs

JUNE 15, 2023

The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. A novelty observed in the recent attacks is the use of a USB propagation malware.

Military

Military File names Archiving Government

GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon

Security Affairs

MARCH 28, 2022

The phishing messages use a RAR-archive named “Saboteurs.rar”, which contains RAR-archive “Saboteurs 21.03.rar.” ” This second archive contains SFX-archive “Saboteurs filercs.rar,” experts reported that the file name contains the right-to-left override (RTLO) character to mask the real extension.

Archiving

Archiving CMS File names Phishing

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs

MARCH 18, 2022

. “Our data also shows that although Cyclops Blink is a state-sponsored botnet, its C&C servers and bots affect WatchGuard Firebox and Asus devices that do not belong to critical organizations, or those that have an evident value on economic, political, or military espionage.” India, Italy, Canada, and Russia.

IoT

IoT Military File names Communications

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Security Affairs

MARCH 28, 2019

” Another campaign monitored by FireEye was aimed at the Israeli military, in this case, threat actors used emails with an ACE archive containing documentation for SysAid, a helpdesk service based in Israel. The decoded data starts with the instruction code from the C2 server, followed with additional parameters.”

Archiving

Archiving File names Education Libraries

A month later Gamaredon is still active in Eastern Europe

Security Affairs

JUNE 4, 2019

During recent times, Gamaredon is targeting the Ukrainian military and law enforcement sectors too, as officially stated by the CERT-UA. The response body will contain a new executable file, named “jasfix.exe”, representing the new stage. However, the file named “ win32.sys class ” files. Exploring the “.

Archiving

Archiving Passwords File names Military

SWEED targets precision engineering companies in Italy

Security Affairs

OCTOBER 28, 2019

Precision engineering is a very important business market in Europe, it includes developing mechanical equipment for: automotive, railways, heavy industries and military grade technology. According to VT history detection the same hash has been seen with at least three different names: educrety.exe , prestezza.exe and cardsharper.exe.

Passwords

Passwords Encryption File names Access

SideWinder APT targets maritime and nuclear sectors with enhanced toolset

Security Affairs

MARCH 11, 2025

SideWinder (also known as Razor Tiger, Rattlesnake, and T-APT-04) has been active since at least 2012, the group mainly targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. The group was spotted changing file names to maintain persistence and evade defense.

Military

Military File names Government Phishing

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Webinars

Trending Sources

New Gallmaker APT group eschews malware in cyber espionage campaigns

Webinars

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon

Russia-linked Cyclops Blink botnet targeting ASUS routers

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

A month later Gamaredon is still active in Eastern Europe

SWEED targets precision engineering companies in Italy

SideWinder APT targets maritime and nuclear sectors with enhanced toolset

Stay Connected