Security Affairs

JUNE 15, 2023

The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. ” reads the report published by Symantec.

Military 90

Military File names Archiving Phishing 90

Security Affairs

MAY 23, 2023

A previously undocumented APT group tracked as GoldenJackal has been targeting government and diplomatic entities in the Middle East and South Asia since 2019. The group focuses on government and diplomatic entities in the Middle East and South Asia. “The fake Skype installer was a.NET executable file named skype32.exe

File names 89

File names Government Communications IT 89

Security Affairs

JULY 14, 2021

LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the Philippines. The Dropbox link leads to a RAR archive that masquerades as a Word document by setting the “file_subpath” parameter to point to a filename with a.DOCX extension.

Archiving 98

Archiving File names Government Libraries 98

Security Affairs

MAY 26, 2019

The company was hacked and attackers stole data and offered business plans, financial documents, and personal information for free on the dark web. The name ‘Boris’ is not new for the cyber security industry, it is the name of the hacker who breached the IT provider CityComp at the end of April.

File names 74

File names Data breaches Manufacturing Cybersecurity 74

Security Affairs

MARCH 30, 2020

Experts from IBM X-Force uncovered a hacking campaign employing the Zeus Sphinx malware, as known as Zloader or Terdot , that focus on government relief payments. . Spam messages sent to the victims claim to provide information related to the Coronavirus outbreak and government relief payments. ” continues the post.”Next,

File names 105

File names Passwords Sales Authentication 105

eSecurity Planet

JULY 19, 2022

According to Cyble, “The ransomware searches for files to encrypt on the local system by enumerating the file directories […] It ignores the file extensions such as EXE, DLL, and SYS and excludes a list of directory and file names from the encryption process.”.

Ransomware 120

Ransomware Encryption File names Government 120

Security Affairs

OCTOBER 31, 2020

Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. doc) attachments or include links to download the bait document. since August.

File names 106

File names Libraries Ransomware Security 106

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors. ” continues Symantec.

Military 85

Military File names Libraries Government 85

Security Affairs

NOVEMBER 20, 2018

The Russia-linked APT group delivers Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former USSR state. The macros used for these delivery documents use a less common method of using the AutoClose function. ” reads the analysis published by Palo Alto Networks.

File names 80

File names Phishing Communications Government 80

IT Governance

AUGUST 10, 2021

A few months ago, we reported on a phishing scam that purportedly asked recipients to provide a signature on a SharePoint document. The scam campaign can be identified by its repeated reference to email “referrals” and the fact that they appear to contain a document that has been shared by a colleague. Get started.

Phishing 111

Phishing File names Security Risk 111

Security Affairs

MAY 16, 2020

The phishing messages use Trojan sample associated with a file named “Company PLP_Tax relief due to Covid-19 outbreak CI+PL.jar,” experts from MalwareHunterTeam noticed that the malicious code was only detected by ESET AV. "Company malware file (either “qnodejs-win32-ia32.js” ” .

Phishing 112

Phishing File names Access Government 112

Security Affairs

SEPTEMBER 5, 2018

GOBLIN PANDA was focused on Vietnam, most of the targets were in the defense, energy, and government sectors. The group is back and is targeting once again Vietnam running a spear phishing campaign that uses weaponized documents featuring Vietnamese-language lures and themes. ” reads the analysis published by CrowdStrike.

Metadata 48

Metadata File names Libraries Government 48

Security Affairs

NOVEMBER 16, 2018

Nowadays Microsoft office documents are often used to propagate Malware acting like dynamic droppers. The “attack-path” is very close to what it’s observable on modern threats since years: eMail campaign with an attached document and actionable text on it. var run = new ActiveXObject(‘WSCRIPT.Shell’).Run(powershell

Computer and Electronics 105

Computer and Electronics File names Security IT 105

Security Affairs

JANUARY 21, 2019

. “In theory, a patched server could be built that would tell the client program to transfer a file of the server’s choosing rather than the file named by the client in the LOAD DATA statement.” ” reads the official documentation. “I have tested Adminer versions 4.3.1

Passwords 103

Passwords File names Access Sales 103

eSecurity Planet

AUGUST 10, 2023

FBI InfraGard Best for critical infrastructure security InfraGard is a threat intelligence feed and network partnership between the FBI and other government agencies and interested private sector parties. For an additional fee, users can access the extensive documentation that comes with the ET Pro Ruleset. critical infrastructure.

Cybersecurity 95

Cybersecurity Access Metadata Energy and Utilities 95

Info Source

JUNE 24, 2019

Mekel Technology scanners are utilized in service bureaus, libraries with large public and private collections, archives, utilities, financial institutions, engineering firms, government offices, courts and many other record-keeping organizations.

Archiving 40

Archiving File names Marketing Manufacturing 40

Troy Hunt

APRIL 19, 2018

It all had to do with a 19-year-old bloke in Canada downloading some publicly accessible documents which, as it later turned out, shouldn't have been publicly accessible. Oh, and here's how the teen did it: pic.twitter.com/FQ2qXJoP89 — Brett Ruskin (@Brett_CBC) April 13, 2018.

Access 69

Access File names Government IT 69

The Texas Record

MAY 18, 2023

How do you document the SWOT analysis’ findings? Liaison A has reported a 62% rate of proper file names. No management buy-in may be an internal flaw (weakness) for some programs because they are unable to influence management’s mindset by showing value in their program.

Records Management 40

Records Management Risk Access File names 40

eSecurity Planet

FEBRUARY 3, 2021

A March 2020 software update of the SolarWinds Orion management platform gave malicious actors unhindered access to key government and enterprise networks. Presenting itself as a JPG file named “gracious_truth.jpg,” Teardrop is a memory-only dropper built to enter a network seamlessly and replace the embedded payload.

Cybersecurity 62

Cybersecurity Access Authentication Cloud 62

Security Affairs

MAY 3, 2020

In other words, it could be nice to see what are the patterns used by malware in both: domain names, file names and process names. TOP domains, TOP processes and TOP File Names. It looks like to be the most active observed period for this well documented family during the 2020.

Computer and Electronics 97

Computer and Electronics File names Cybersecurity IT 97

Security Affairs

DECEMBER 29, 2019

New trojan called ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019. Last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax. amazonaws[.]com/0.zip amazonaws[.]com/P-19-2.dll.

Passwords 98

Passwords e-Discovery IT Cleanup 98

Security Affairs

SEPTEMBER 13, 2023

UK, Australian, Canadian, and New Zealand governments issued a joint alert about China-linked threat actors targeting CNI organizations and using living off the land to evade detection. “On May 29, the attackers returned and used a renamed version of ProcDump (file name: alg.exe) to dump credentials from LSASS.”

File names 118

File names Access Encryption Communications 118

Security Affairs

JULY 22, 2019

APT34 is an Iran-linked APT group that has been around since at least 2014, it targeted mainly organizations in the financial, government, energy, telecoms and chemical sectors in the United States and Middle Eastern countries. The fake profiles asked the victims to open the weaponized excel file named ERFT-Details.

File names 93

File names Phishing Passwords Government 93

The Texas Record

JUNE 1, 2021

Records created and stored outside the business network are in contravention of the government records accessibility requirement —this negatively affects that government’s ability to perform regular business operations efficiently. This file name helps identify the file’s shared drive location once the file is transferred.

Records Management 71

Records Management File names Risk Government 71

Security Affairs

JULY 7, 2020

Lampion was first documented in December 2019 , and it was distributed in Portugal via phishing emails using templates based on the Portuguese Government Finance & Tax. Here, it was distributed using fake webpages, where the victim downloaded an MSI file, which then held the remaining Lampion infection chain.

Communications 102

Communications Cloud Phishing Encryption 102

Security Affairs

NOVEMBER 30, 2018

The attackers used decoy documents that would drop a new PowerShell backdoor that is similar to MuddyWater’s POWERSTATS malware. “These documents are named Raport.doc or Gizli Raport.doc (titles mean “Report” or “Secret Report” in Turkish) and maliyeraporti (Gizli Bilgisi).doc ” states Trend Micro.

Communications 89

Communications File names Cloud Government 89

eSecurity Planet

APRIL 6, 2023

Ransomware is a type of malicious program, or malware, that encrypts files, documents and images on a computer or server so that users cannot access the data. The victim is sent an email with an attachment, and once they click on the link, the malware file downloads. Education, government, energy and manufacturing are others.

Ransomware 98

Ransomware Encryption Cybersecurity Risk 98

Unwritten Record

OCTOBER 5, 2021

The Still Picture Branch at the National Archives and Records Administration (NARA) accessions new photographic records from various Government agencies every year. Accessing File Metadata on a PC. Select the file you would like to review in “File Explorer.”. Right click the file name and select “Properties.”.

Metadata 51

Metadata Archiving Access File names 51

Troy Hunt

JANUARY 16, 2019

This provided a means of implementing guidance from government and industry bodies alike , but it also provided individuals with a repository they could check their own passwords against. It'll require some coding, but's its straightforward and fully documented. Is there a list of which sites are included in this breach?

Data breaches 112

Data breaches Passwords Risk Personal data 112