
Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

The National Security Agency and Microsoft addressed it with the release of the Microsoft October 2022 Patch Tuesday security updates. GooseEgg is usually deployed with a batch script, commonly named execute.bat or doit.bat. This script creates a file named servtask.bat, which includes commands for saving or compressing registry hives.


A 15-Year-Old Unpatched Python bug potentially impacts over 350,000 projects

Security Affairs

More than 350,000 open source projects can be potentially affected by an unpatched Python vulnerability, tracked as CVE-2007-4559 (CVSS score: 6.8), that was discovered 15 years ago. “As we dug into the issue, we realized this was in fact CVE-2007-4559,” reads the post published by security firm Trellix.


Evil Corp rebrands their ransomware, this time is the Macaw Locker

Security Affairs

The Macaw Locker ransomware encrypts victims’ files and appends the .macaw extension to the file name of the encrypted files. The Evil Corp cybercrime group (aka Indrik Spider, the Dridex gang, and TA505) has been active in cybercrime activities since 2007. Pierluigi Paganini.


China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

Winnti (aka APT41, Axiom, Barium, Blackfly) is a cyberespionage group that has been active since at least 2007. The post China-linked APT41 group targets Hong Kong with Spyder Loader appeared first on Security Affairs. Pierluigi Paganini.


Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

The APT41 group (aka Winnti, Axiom, Barium, Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. “It then receives a response containing a file name which the malware uses to download additional rooting binaries from C2 infrastructure if one exists for the specified device.”


Dacls RAT, the first Lazarus malware that targets Linux devices

Security Affairs

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed at destroying data and disrupting systems. The post Dacls RAT, the first Lazarus malware that targets Linux devices appeared first on Security Affairs. Pierluigi Paganini.


Emissary Panda updated its weapons for attacks in the past 2 years

Security Affairs

In 2018, Emissary Panda was observed using an updated version of the ZxShell RAT, first developed in 2006 and whose code was released in 2007. Experts described SysUpdate as a flexible malware that could expand its capabilities by loading new payload files. “This Gh0st RAT sample communicated with IP address 43 [. ]
