Security Affairs

SEPTEMBER 12, 2022

The attacker conducted a series of sophisticated voice phishing attacks under the guise of various trusted organizations attempting to convince the victim to accept multi-factor authentication (MFA) push notifications initiated by the attacker.

Ransomware 94

Ransomware IT Authentication File names 94

Security Affairs

APRIL 15, 2024

The first Python payload creates and executes another Python script (“system.pth”), which then decrypts and launches the embedded backdoor component, that executes the attackers’s command in a file named “sslvpn_ngx_error.log.”

File names 112

File names Access Authentication IT 112

Security Affairs

AUGUST 28, 2023

watchTowr Labs security researchers exploited a pre-authentication upload vulnerability (CVE-2023-36846) to upload an arbitrary PHP file to a restricted directory with a randomised file name. Then they exploited the same vulnerable function to upload a PHP configuration file (.ini)

File names 83

File names Authentication Security Access 83

Security Affairs

MARCH 26, 2021

“Once encrypted, the system displays a ransom note including the actor’s email address, ransomware file name, the host system name, and a place to enter the decryption key.” Use multifactor authentication where possible. DiskCryptor is not inherently malicious but has been weaponized.”

Ransomware 143

Ransomware Encryption File names Passwords 143

Security Affairs

MAY 7, 2021

While performing the search, we made sure that the open databases we found required no authentication whatsoever and were open for anyone to access, as opposed to those that had default credentials enabled. We excluded the latter because it would require us to log in to those databases without authorization, which would be unethical.

Passwords 123

Passwords Authentication Access File names 123

IT Governance

NOVEMBER 17, 2022

Things got worse for Medibank after a second database was leaked , containing a file named “abortions”. A fourth file was then leaked, labelled “psychos”, which contained hundreds of claims from policyholders who have undergone mental health treatment. First, it employed multi-factor authentication to protect employee accounts.

IT 107

IT Ransomware Security Data breaches 107

Security Affairs

OCTOBER 5, 2021

The ransomware operators then executed a tiny Python script (6kb) to encrypt all virtual disks and VM settings files of the virtual machines hosted on the server. Wherever possible, enable the use of multi-factor authentication and enforce the use of MFA for accounts with high permissions, such as domain administrators.

Encryption 131

Encryption Ransomware File names Passwords 131

Security Affairs

JANUARY 24, 2023

Crimew discovered a file named NoFly.csv which is a legitimate U.S. records (first names, last names, and dates of birth) belonging to people with suspected or known ties to terrorist groups. “three csv files, employee_information.csv, NOFLY.CSV and SELECTEE.CSV. no fly list from 2019 containing over 1.56

Archiving 85

Archiving File names Access Authentication 85

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials.

Access 55

Access Authentication File names Manufacturing 55

Security Affairs

JULY 19, 2018

Thousands of account credentials associated with the popular file storage service Mega have been published online, The former NSA hacker Patrick Wardle, co-founder at Digita Security , discovered in June a text file containing over 15,500 usernames, passwords, and files names.

IT 46

IT Data breaches File names Passwords 46

Security Affairs

MARCH 30, 2020

“Current malspam campaigns feature booby-trapped document files named “COVID 19 relief” and subject lines relying on the same theme. Sphinx’s targets have not changed from its past configuration files as it continues to focus on banks in the US, Canada, and Australia.”

File names 97

File names Passwords Sales Authentication 97

eSecurity Planet

JUNE 1, 2023

At a high level, implementation of the Domain-based Message Authentication, Reporting and Conformance (DMARC) standard can be done simply and easily for outgoing mail by adding a text file to an organization’s DNS record. If not, the record will need to be manually named: Syntax: _dmarc.<domain

Authentication 98

Authentication Marketing File names IT 98

Security Affairs

APRIL 19, 2022

200 it will consider the authentication to be successful and will attempt the exploitation of the Network Time Protocol (NTP) configuration vulnerability.” The modified configuration contains a command that attempts to download a file named wget.sh When the server response contains the string HTTP/1.1 200 or HTTP/1.0

Security 84

Security IoT File names Authentication 84

Security Affairs

APRIL 30, 2020

The threat actors leverage perfectly orchestrated social engineering technique by “persuading” people holding significant corporate positions to open a non-malicious PDF email attachment coming from an authentic address in their contacts. The page resembles an authentic Microsoft Office 365 file sharing page.

Phishing 90

Phishing Financial Services Cloud Authentication 90

Security Affairs

APRIL 28, 2020

The executed crypto miner is the file named “” kswapd0 ” based on the famous XMRIG monero crypto miner. It is composed only by three files: “ a”, “run”, “stop ”. They are three bash scripts, which we start to analyze: Figure 10: Content of the “a” script file. The initial script is the file named “ a ”.

Mining 99

Mining File names Honeypots IT 99

Security Affairs

JANUARY 9, 2020

One victim was compromised by Windows AppleJeus malware in March 2019, experts determined that the infection started from a malicious file named WFCUpdater.exe. The actor altered their macOS and Windows malware considerably, adding an authentication mechanism in the macOS downloader and changing the macOS development framework.

File names 58

File names Encryption Authentication Communications 58

Security Affairs

MAY 16, 2019

In the attacks observed by the researhcers , the Plead backdoor was created and executed by a legitimate process named AsusWSPanel.exe that is associated with the Windows client for a cloud storage service called ASUS WebStorage. The executable file used in the attack is digitally signed by ASUS Cloud Corporation.

File names 70

File names Cloud Authentication Security 70

Security Affairs

JULY 6, 2020

The second database that may be from Shanghai Yanhua Smartech has even more sensitive data, such as easily-decoded audio files, names, employee ID numbers, heart rates, oxygen levels, GPS locations and more. Both databases are now closed. What was in the database? Each database contains particularly sensitive information.

Passwords 73

Passwords File names Access Phishing 73

eSecurity Planet

MARCH 9, 2023

Dynamic and automatable DAST, IAST, and SCA scanning Out-of-band testing and asynchronous vulnerability testing IAST sensors can often provide file name and programming line number for vulnerabilities Crawls pages authenticated by form submission, OAuth2, NTLM/Kerberos and more Scans complex paths and multi-level forms, password-protected areas, script-heavy (..)

Compliance 98

Compliance Cloud Security Authentication 98

Info Source

JUNE 25, 2018

Additional security is delivered via fully-encrypted information transmission between any Ricoh cloud server or external cloud service, as well as required user authentication to multifunction printers (MFPs) and cloud-based services. The RICOH Smart Integration Workflows are configurable workflows that can be built in minutes.

Cloud 40

Cloud File names Analytics Encryption 40

eSecurity Planet

APRIL 6, 2023

Multifactor authentication (MFA) can protect critical applications and devices, as can zero trust security principles. Train employees on.exe and other malicious file types that should never be downloaded. Tools like network access control (NAC) can also keep insecure devices from connecting to your network. Box in Panama.

Ransomware 98

Ransomware Encryption Cybersecurity Risk 98

eSecurity Planet

FEBRUARY 3, 2021

Presenting itself as a JPG file named “gracious_truth.jpg,” Teardrop is a memory-only dropper built to enter a network seamlessly and replace the embedded payload. With admin-level access, the malicious actor can modify authentication data stored. The Serv-U FTP program logs this automatically. The SAML 2.0

Cybersecurity 60

Cybersecurity Access Authentication Cloud 60

Enterprise Software Blog

APRIL 13, 2023

This function will call the login service to authenticate the user by sending their email and password. If the authentication is successful, it will store the jwt token in the localStorage and navigate to the home page. To do so, we will create a new file named auth.service.ts , which we should import into the app.module.ts.

Passwords 52

Passwords Authentication Access File names 52

Security Affairs

FEBRUARY 16, 2021

On the other hand, many antivirus and Endpoint Detection & Response systems can be avoided using this vulnerability, as the injector is legitimate, code-signed, authentic, and comes from a well-known security firm – Avira. Avira injector – Digging into the details .

Libraries 113

Libraries Communications Phishing Encryption 113

Troy Hunt

FEBRUARY 11, 2019

I have no idea how many of these are actual addresses nor which breaches they originated from if they're indeed genuine, obviously there's nothing given away by the file name.

Passwords 83

Passwords Data breaches Communications IT 83

Troy Hunt

JANUARY 16, 2019

Also turn on 2-factor authentication wherever it's available. I've reproduced a list that was published to the hacking forum I mentioned and that contains 2,890 file names. What can you do if you were in the data? I'm responsible for managing a website, how do I defend against credential stuffing attacks?

Data breaches 112

Data breaches Passwords Risk Personal data 112