China-linked LuminousMoth APT targets entities from Southeast Asia

Security Affairs

LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the Philippines. “The archive contains two malicious DLL libraries as well as two legitimate executables that sideload the DLL files.

China-linked Budworm APT returns to target a US entity

Security Affairs

The Budworm cyber espionage group (aka APT27, Bronze Union, Emissary Panda, Lucky Mouse, TG-3390, and Red Phoenix) is behind a series of attacks conducted over the past six months against a number of high-profile targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S.


China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

Operation CuckooBees had been operating under the radar since at least 2019; threat actors conducted multiple attacks to steal intellectual property and other sensitive data from victims. Symantec pointed out that the attacks against government organizations in Hong Kong remained undetected for a year in some cases.

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

government. Both malware families rely on modules that are downloaded after the apps are installed to exfiltrate data from the infected devices. WyrmSpy is able to collect log files, photos, device location, SMS messages (read and write), and audio recordings. Upon installation, the two spyware apps request extensive device permissions.

Guarding Against Solorigate TTPs

eSecurity Planet

A March 2020 software update of the SolarWinds Orion management platform gave malicious actors unhindered access to key government and enterprise networks. Presenting itself as a JPG file named “gracious_truth.jpg,” Teardrop is a memory-only dropper built to enter a network seamlessly and replace the embedded payload.

A new trojan Lampion targets Portugal

Security Affairs

A new trojan called ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019. The last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax. At the moment, the file 0.zip amazonaws[.]com/0.zip

APT34: Glimpse project

Security Affairs

The group conducts operations primarily in the Middle East, targeting financial, government, energy, chemical, telecommunications and other industries. Repeated targeting of Middle Eastern financial, energy and government organisations leads FireEye to assess that those sectors are a primary concern of APT34. Source: MISP Project.