Chinese cyberspies used a new PlugX variant, dubbed THOR, in attacks against MS Exchange Servers

Security Affairs

In the attacks investigated by Palo Alto Networks, the APT group leveraged legitimate executables such as BITSAdmin to download an innocuous file named Aro.dat from a GitHub repository under the control of the threat actors. The analysis of the file revealed that it includes the encrypted and compressed PlugX payload.

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Security Affairs

“The emails all contained a malicious Rich Text Format (RTF) phishing lure with the file name 20200323-sitrep-63-covid-19.doc, which, when opened with a vulnerable application, attempted to deliver a ransomware payload using a known shared Microsoft component vulnerability, CVE-2012-0158.”

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

Security Affairs

The file downloaded from this censorship-free file hosting is actually a chunk of 125KB random-looking bytes, suggesting it would likely be some binary payload protected with strong encryption. Figure 4: Piece of the encrypted file downloaded from “share.]dmca.]gripe”. Inside it, two files named “filename1.vbs”

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

Security Affairs

“However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883, which inject code in Word and PDF files respectively,” reads the report published by Trend Micro.

Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Security Affairs

Based on our findings, there are some similarities in both techniques and architectures with another cybercrime group, which appeared in the wild around 2012, most probably Romanian. The executed crypto miner is the file named “kswapd0”, based on the famous XMRig Monero crypto miner. The initial script is the file named “a”.

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

File name: patent-2019-02-20T093A283A05-1.xls However, as already mentioned at the beginning of the technical analysis, the SI-LAB team obtained two types of files, namely xls and doc archives. File name: 68131_46_20190219.doc Analyzing the MSI file – the installer/dropper of the infamous FlawedAmmyy.