Security Affairs

FEBRUARY 3, 2023

The government experts pointed out that the threat actor continues to evolve its TTPs to avoid detection. The attack chain starts with spear-phishing messages with a.RAR attachment named “12-1-125_09.01.2023.” The.RAR archive contains the.LNK file named “Запит Служба безпеки України 12-1-125 від 09.01.2023.lnk”

File names 95

File names Archiving Phishing Government 95

Security Affairs

MAY 26, 2023

Researchers from the Fortinet FortiGuard Labs observed an attack targeting a government entity in the United Arab Emirates with a new PowerShell-based backdoor dubbed PowerExchange. The infection chain commenced with spear phishing messages using a zip file named Brochure.zip in attachment. with the new PowerExchange backdoor.

Communications 95

Communications File names Archiving Phishing 95

Security Affairs

MARCH 26, 2021

According to the flash alert published by the FBI, the Mamba ransomware was employed in attacks against local governments, public transportation agencies, legal services, technology services, industrial, commercial, manufacturing, and construction businesses. ” reads the alert published by the FBI.

Ransomware 144

Ransomware Encryption File names Passwords 144

National Archives Records Express

JUNE 12, 2023

General Requirements The regulation specifies which metadata elements must be captured in a recordkeeping system, embedded in each file, or both. If individual components of a record lack unique descriptions, the series or file unit-level descriptions should be applied to all image files within that grouping.

Metadata 109

Metadata Digital transformation File names Archiving 109

Security Affairs

JUNE 15, 2023

The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. ” reads the report published by Symantec.

Military 91

Military File names Archiving Phishing 91

Security Affairs

OCTOBER 21, 2021

The Macaw Locker ransomware encrypts victims’ files and append the .macaw macaw extension to the file name of the encrypted files. The US Government announced sanctions for ransomware negotiation firms that will support victims of the Evil Corp group in the ransom payments. In 2019, the U.S.

Ransomware 123

Ransomware File names Encryption Government 123

Security Affairs

JUNE 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. ReadMe file name: README.BlackSuit.txt. similarities in jumps based on BinDiff, a comparison tool for binary files.”

Ransomware 98

Ransomware Encryption File names Cybersecurity 98

Security Affairs

MAY 23, 2023

A previously undocumented APT group tracked as GoldenJackal has been targeting government and diplomatic entities in the Middle East and South Asia since 2019. The group focuses on government and diplomatic entities in the Middle East and South Asia. “The fake Skype installer was a.NET executable file named skype32.exe

File names 90

File names Government Communications IT 90

The Texas Record

JUNE 1, 2021

Records created and stored outside the business network are in contravention of the government records accessibility requirement —this negatively affects that government’s ability to perform regular business operations efficiently. What is the risk? Plan the work and work the plan.

Records Management 71

Records Management File names Risk Government 71

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals. ” concludes the report.

Military 100

Military Phishing File names Government 100

Security Affairs

OCTOBER 18, 2022

Symantec pointed out that the attacks against government organizations in Hong Kong remained undetected for a year in some cases. To prevent analysis, the malware also cleans up created artifacts, overwriting the content of the dropped wlbsctrl.dll file before deleting it. ” reads the analysis published by Symantec.

File names 114

File names Encryption Manufacturing Libraries 114

Security Affairs

OCTOBER 13, 2022

The Budworm cyber espionage group (aka APT27 , Bronze Union , Emissary Panda , Lucky Mouse , TG-3390 , and Red Phoenix) is behind a series attacks conducted over the past six months against a number of high-profile targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S.

File names 135

File names Financial Services Manufacturing Libraries 135

Security Affairs

FEBRUARY 8, 2023

The Graphiron malware allows operators to harvest a wide range of information from the infected systems, including system info, credentials, screenshots, and files. It creates temporary files with the “ lock” and “ trash” extensions. “Graphiron uses AES encryption with hardcoded keys.

File names 89

File names Passwords Phishing Encryption 89

Security Affairs

JULY 20, 2023

government. These commands include instructing the malware to upload log files, photos stored on the device, and acquire device location using the Baidu Location library.” DragonEgg is able to collect Device contacts, SMS messages, External device storage files, device location, Audio recording, and Camera photos. .

File names 91

File names Libraries Cybersecurity IT 91

Security Affairs

JULY 14, 2021

LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the Philippines. We found multiple archives like this with file names of government entities in Myanmar, for example “COVID-19 Case 12-11-2020(MOTC).rar”

Archiving 98

Archiving File names Government Libraries 98

Security Affairs

MARCH 28, 2022

The phishing messages use a RAR-archive named “Saboteurs.rar”, which contains RAR-archive “Saboteurs 21.03.rar.” ” This second archive contains SFX-archive “Saboteurs filercs.rar,” experts reported that the file name contains the right-to-left override (RTLO) character to mask the real extension.

Archiving 97

Archiving CMS File names Phishing 97

Security Affairs

MAY 10, 2023

A new sophisticated malware strain, dubbed DownEx, was involved in attacks aimed at Government organizations in Central Asia. In late 2022, Bitdefender Labs researchers first observed a highly targeted cyberattack targeting foreign government institutions in Kazakhstan that involved a new sophisticated strain of malware dubbed DownEx.

File names 95

File names Archiving Phishing Government 95

AIIM

APRIL 8, 2021

It serves in many ways to apply a formal governance framework to the document creation and collaborative editing processes. As the name suggests, version control is used to manage or control different versions of a document as it goes through the authoring and approval process. Version Control. Security and Access Controls.

ECM 232

ECM Cloud Access File names 232

The Texas Record

JUNE 26, 2023

Consistency Choose file naming conventions and stick with them. For example, unless an abbreviation is known and widely used, avoid using it in folder or file names. A consistent approach with folder structure and file naming means there is less need for individual interpretation. —and Be consistent.

Cleanup 40

Cleanup File names ROT Access 40

Security Affairs

APRIL 14, 2020

PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e.

Ransomware 122

Ransomware Phishing File names Encryption 122

Security Affairs

MAY 26, 2019

Last week, a hacker that goes online with the moniker ‘Boris Bullet-Dodger’ reported the hack to The Register and showing it a list of files as proof of the attack. The hacker stole hundreds of gigabytes of files along with Microsoft Exchange and Access databases, ERP databases, HR records, and Microsoft SQL Server data stores.

File names 74

File names Data breaches Manufacturing Cybersecurity 74

eSecurity Planet

JULY 19, 2022

According to Cyble, “The ransomware searches for files to encrypt on the local system by enumerating the file directories […] It ignores the file extensions such as EXE, DLL, and SYS and excludes a list of directory and file names from the encryption process.”.

Ransomware 109

Ransomware Encryption File names Government 109

Security Affairs

MARCH 30, 2020

Experts from IBM X-Force uncovered a hacking campaign employing the Zeus Sphinx malware, as known as Zloader or Terdot , that focus on government relief payments. . Spam messages sent to the victims claim to provide information related to the Coronavirus outbreak and government relief payments. ” continues the post.”Next,

File names 105

File names Passwords Sales Authentication 105

Security Affairs

MAY 16, 2020

The phishing messages use Trojan sample associated with a file named “Company PLP_Tax relief due to Covid-19 outbreak CI+PL.jar,” experts from MalwareHunterTeam noticed that the malicious code was only detected by ESET AV. "Company malware file (either “qnodejs-win32-ia32.js” ” .

Phishing 112

Phishing File names Access Government 112

KnowBe4

MAY 31, 2023

Mr. Hall encourages more consultation between the government and the small business community. According to the report, the financial services industry as a target has increased by 72% over 2022 and was the single largest target of financial fraud attacks, representing 49% of all such attacks.

Phishing 74

Phishing File names Security awareness Risk 74

IT Governance

AUGUST 10, 2021

The messages appear to come from Microsoft SharePoint and contain a “file share” request to access “Staff Reports”, “Bonuses”, “Pricebooks” and other content that’s purportedly hosted in an Excel spreadsheet. Users may have a hard time spotting the scam, though, because SharePoint does send legitimate emails like this. Get started.

Phishing 111

Phishing File names Security Risk 111

AIIM

AUGUST 26, 2021

Often, you can make some good initial decisions right away by examining things like file name, path name, and file extensions before you attempt to migrate, read, or index the content itself. It all boils down to: Finding the right information when you need it. Storing important information in a secure and compliant way.

Digital transformation 199

Digital transformation Search queries Artificial Intelligence Healthcare 199

John Battelle's Searchblog

OCTOBER 14, 2019

There’s nothing in Tik Tok’s TOS or Privacy Policy that stops it from sending all the information it collects to the Chinese government. Something’s been bugging me about Tik Tok. I’ve almost downloaded it about a dozen times over the past few months. But I always stop short. Or…maybe not. Read it if you must.

Artificial Intelligence 105

Artificial Intelligence Privacy File names Government 105

Security Affairs

JANUARY 24, 2023

Crimew discovered a file named NoFly.csv which is a legitimate U.S. records (first names, last names, and dates of birth) belonging to people with suspected or known ties to terrorist groups. “three csv files, employee_information.csv, NOFLY.CSV and SELECTEE.CSV. no fly list from 2019 containing over 1.56

Archiving 96

Archiving File names Access Authentication 96

Security Affairs

MAY 19, 2021

Government experts speculate the two attacks are part of the same campaign targeting the Irish health sector. Last week, Conti ransomware gang targeted the Ireland’s Health Service Executive that was forced to shut down its IT systems on Friday after being targeted with a significant ransomware attack.

Ransomware 88

Ransomware Encryption File names IoT 88

AIIM

OCTOBER 30, 2017

Obviously digital document accuracy is particularly important for government and regulated industries. Consistent document capture and file naming. Another area that lends itself to mixed results is in file naming structure. A client number or name can be taken from the barcode and appended to the filename.

e-Delivery 88

e-Delivery File names Compliance ECM 88

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors. ” continues Symantec.

Military 85

Military File names Libraries Government 85

Security Affairs

OCTOBER 31, 2020

Recently, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn of a surge of Emotet attacks that have targeted multiple state and local governments in the U.S. The malicious files used in this campaign have different names, such as Inviting friends to your Halloween Extravaganza.doc, Halloween Pot Luck 10.31.doc,

File names 106

File names Libraries Ransomware Security 106

Security Affairs

JANUARY 21, 2019

A rogue MySQL server could be used to steal files from clients due to a design flaw in the popular an open source relational database management system (RDBMS). A client receives file-transfer requests from the MySQL server based on the information it provides in the LOAD DATA statement. ” reads the official documentation.

Passwords 104

Passwords File names Access Sales 104

Security Affairs

NOVEMBER 20, 2018

The Russia-linked APT group delivers Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former USSR state. Hackers used weaponized files named ‘crash list (Lion Air Boeing 737).docx’ ” reads the analysis published by Palo Alto Networks.

File names 81

File names Phishing Communications Government 81

The Schedule

MARCH 3, 2021

A case study in creating a Getty retention compliant electronic file naming system for Procurement. Buyers could then easily name their files according to department naming conventions, and apply retention without having to take any action beyond filling out the checklist. Hillary Gatlin, Duke University.

Records Management 40

Records Management Archiving File names Government 40

OneHub

JULY 5, 2021

For instance, if an architect developed blueprints based on an older version of a file with inaccurate measurements, it could cost the company millions and even endanger lives. Employees should be able to immediately identify the most up-to-date version of a file so they can complete their work with total confidence.

File names 52

File names Access Government Risk 52