
Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

government. The experts noticed the use of an IP address that was part of the hacking infrastructure used by APT41 between May 2014 and August 2020. These commands include instructing the malware to upload log files, photos stored on the device, and acquire device location using the Baidu Location library.”


Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Security Affairs

PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e.


Emotet operators are running Halloween-themed campaigns

Security Affairs

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Emotet is a modular malware, its operators could develop new Dynamic Link Libraries to update its capabilities. since August.


New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors. ” continues Symantec.


CrowdStrike uncovered a new campaign of GOBLIN PANDA APT aimed at Vietnam

Security Affairs

In 2014, experts noticed an intensification in the activity of the group that appeared interested in the dispute over the South China Sea. GOBLIN PANDA was focused on Vietnam, most of the targets were in the defense, energy, and government sectors.


A new trojan Lampion targets Portugal

Security Affairs

New trojan called ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019. Last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax. At the moment, the file 0.zip amazonaws[.]com/0.zip


New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader

Security Affairs

Lampion was first documented in December 2019, and it was distributed in Portugal via phishing emails using templates based on the Portuguese Government Finance & Tax. Here, it was distributed using fake webpages, where the victim downloaded an MSI file, which then held the remaining Lampion infection chain. Pierluigi Paganini.