Security Affairs

FEBRUARY 3, 2023

The government experts pointed out that the threat actor continues to evolve its TTPs to avoid detection. The attack chain starts with spear-phishing messages with a.RAR attachment named “12-1-125_09.01.2023.” The.RAR archive contains the.LNK file named “Запит Служба безпеки України 12-1-125 від 09.01.2023.lnk”

File names 94

File names Archiving Phishing Government 94

Security Affairs

MAY 26, 2023

Researchers from the Fortinet FortiGuard Labs observed an attack targeting a government entity in the United Arab Emirates with a new PowerShell-based backdoor dubbed PowerExchange. The infection chain commenced with spear phishing messages using a zip file named Brochure.zip in attachment. with the new PowerExchange backdoor.

Communications 93

Communications File names Archiving Phishing 93

Security Affairs

MARCH 26, 2021

The researchers shared a detailed analysis on Security Affairs , they explained that once the malware has infected a Windows machine, it overwrites the existing Master Boot Record, with a custom MBR and encrypts the hard drive using the DiskCryptor tool. ” reads the alert published by the FBI. hard drive, storage device, the cloud).

Ransomware 145

Ransomware Encryption File names Passwords 145

Security Affairs

JUNE 15, 2023

The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. The attack chain commences with spear-phishing emails with malicious attachments (.docx,rar,sfx

Military 88

Military File names Archiving Phishing 88

Security Affairs

MAY 23, 2023

A previously undocumented APT group tracked as GoldenJackal has been targeting government and diplomatic entities in the Middle East and South Asia since 2019. The group focuses on government and diplomatic entities in the Middle East and South Asia. “The fake Skype installer was a.NET executable file named skype32.exe

File names 87

File names Government Communications IT 87

Security Affairs

JUNE 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. ReadMe file name: README.BlackSuit.txt. similarities in jumps based on BinDiff, a comparison tool for binary files.”

Ransomware 97

Ransomware Encryption File names Cybersecurity 97

Security Affairs

OCTOBER 21, 2021

The Macaw Locker ransomware encrypts victims’ files and append the .macaw macaw extension to the file name of the encrypted files. The US Government announced sanctions for ransomware negotiation firms that will support victims of the Evil Corp group in the ransom payments. In 2019, the U.S.

Ransomware 122

Ransomware File names Encryption Government 122

Security Affairs

MAY 10, 2023

A new sophisticated malware strain, dubbed DownEx, was involved in attacks aimed at Government organizations in Central Asia. In late 2022, Bitdefender Labs researchers first observed a highly targeted cyberattack targeting foreign government institutions in Kazakhstan that involved a new sophisticated strain of malware dubbed DownEx.

File names 93

File names Archiving Phishing Government 93

Security Affairs

MARCH 28, 2022

The phishing messages use a RAR-archive named “Saboteurs.rar”, which contains RAR-archive “Saboteurs 21.03.rar.” ” This second archive contains SFX-archive “Saboteurs filercs.rar,” experts reported that the file name contains the right-to-left override (RTLO) character to mask the real extension.

Archiving 96

Archiving CMS File names Phishing 96

National Archives Records Express

JUNE 12, 2023

General Requirements The regulation specifies which metadata elements must be captured in a recordkeeping system, embedded in each file, or both. Access restrictions include national security considerations, donor restrictions, court orders, and other statutory or regulatory provisions.

Metadata 109

Metadata Digital transformation File names Archiving 109

Security Affairs

OCTOBER 18, 2022

Symantec pointed out that the attacks against government organizations in Hong Kong remained undetected for a year in some cases. To prevent analysis, the malware also cleans up created artifacts, overwriting the content of the dropped wlbsctrl.dll file before deleting it. ” reads the analysis published by Symantec.

File names 114

File names Encryption Manufacturing Libraries 114

AIIM

APRIL 8, 2021

It serves in many ways to apply a formal governance framework to the document creation and collaborative editing processes. Security and access controls. As the name suggests, version control is used to manage or control different versions of a document as it goes through the authoring and approval process. Version control.

ECM 232

ECM Cloud Access File names 232

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals. ” concludes the report.

Military 98

Military Phishing File names Government 98

Security Affairs

OCTOBER 13, 2022

The Budworm cyber espionage group (aka APT27 , Bronze Union , Emissary Panda , Lucky Mouse , TG-3390 , and Red Phoenix) is behind a series attacks conducted over the past six months against a number of high-profile targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S.

File names 134

File names Financial Services Manufacturing Libraries 134

Security Affairs

FEBRUARY 8, 2023

The Graphiron malware allows operators to harvest a wide range of information from the infected systems, including system info, credentials, screenshots, and files. It creates temporary files with the “ lock” and “ trash” extensions. “Graphiron uses AES encryption with hardcoded keys.

File names 86

File names Passwords Phishing Encryption 86

Security Affairs

JULY 20, 2023

government. These commands include instructing the malware to upload log files, photos stored on the device, and acquire device location using the Baidu Location library.” DragonEgg is able to collect Device contacts, SMS messages, External device storage files, device location, Audio recording, and Camera photos. .

File names 88

File names Libraries Cybersecurity IT 88

Security Affairs

JULY 14, 2021

LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the Philippines. We found multiple archives like this with file names of government entities in Myanmar, for example “COVID-19 Case 12-11-2020(MOTC).rar” Pierluigi Paganini.

Archiving 98

Archiving File names Government Libraries 98

eSecurity Planet

JULY 19, 2022

According to Cyble, “The ransomware searches for files to encrypt on the local system by enumerating the file directories […] It ignores the file extensions such as EXE, DLL, and SYS and excludes a list of directory and file names from the encryption process.”. How to Protect Against Lilith Ransomware.

Ransomware 119

Ransomware Encryption File names Government 119

Security Affairs

MAY 26, 2019

Last week, a hacker that goes online with the moniker ‘Boris Bullet-Dodger’ reported the hack to The Register and showing it a list of files as proof of the attack. The hacker stole hundreds of gigabytes of files along with Microsoft Exchange and Access databases, ERP databases, HR records, and Microsoft SQL Server data stores.

File names 73

File names Data breaches Manufacturing Cybersecurity 73

IT Governance

AUGUST 10, 2021

Security researchers at Microsoft are again warning users about phishing scams imitating SharePoint. The messages appear to come from Microsoft SharePoint and contain a “file share” request to access “Staff Reports”, “Bonuses”, “Pricebooks” and other content that’s purportedly hosted in an Excel spreadsheet. Get started.

Phishing 111

Phishing File names Security Risk 111

Security Affairs

JANUARY 24, 2023

Crimew discovered a file named NoFly.csv which is a legitimate U.S. records (first names, last names, and dates of birth) belonging to people with suspected or known ties to terrorist groups. “three csv files, employee_information.csv, NOFLY.CSV and SELECTEE.CSV. no fly list from 2019 containing over 1.56

Archiving 94

Archiving File names Access Authentication 94

Security Affairs

APRIL 14, 2020

PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e.

Ransomware 120

Ransomware Phishing File names Encryption 120

Security Affairs

MAY 16, 2020

The phishing messages use Trojan sample associated with a file named “Company PLP_Tax relief due to Covid-19 outbreak CI+PL.jar,” experts from MalwareHunterTeam noticed that the malicious code was only detected by ESET AV. "Company malware file (either “qnodejs-win32-ia32.js” ” .

Phishing 110

Phishing File names Access Government 110

Security Affairs

MARCH 30, 2020

Experts from IBM X-Force uncovered a hacking campaign employing the Zeus Sphinx malware, as known as Zloader or Terdot , that focus on government relief payments. . Spam messages sent to the victims claim to provide information related to the Coronavirus outbreak and government relief payments. ” continues the post.”Next,

File names 105

File names Passwords Sales Authentication 105

Security Affairs

MAY 19, 2021

“The National Cyber Security Centre (NCSC) became aware on Thursday of an attempted cyber attack on the Department of Health. . “The National Cyber Security Centre (NCSC) became aware on Thursday of an attempted cyber attack on the Department of Health.

Ransomware 88

Ransomware Encryption File names IoT 88

Security Affairs

OCTOBER 31, 2020

Recently, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn of a surge of Emotet attacks that have targeted multiple state and local governments in the U.S. Researchers from Microsoft Security Intelligence are also warning of the ongoing Halloween-themed Emotet campaign. since August.

File names 106

File names Libraries Ransomware Security 106

AIIM

AUGUST 26, 2021

Storing important information in a secure and compliant way. Often, you can make some good initial decisions right away by examining things like file name, path name, and file extensions before you attempt to migrate, read, or index the content itself. Using that information in ways that matter.

Digital transformation 200

Digital transformation Search queries Artificial Intelligence Healthcare 200

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors. ” continues Symantec.

Military 84

Military File names Libraries Government 84

Security Affairs

JANUARY 21, 2019

A rogue MySQL server could be used to steal files from clients due to a design flaw in the popular an open source relational database management system (RDBMS). A client receives file-transfer requests from the MySQL server based on the information it provides in the LOAD DATA statement. ” reads the official documentation.

Passwords 101

Passwords File names Access Sales 101

eSecurity Planet

AUGUST 10, 2023

Here are our picks for the top threat intelligence feeds that security teams should consider adding to their defensive arsenal: AlienVault Open Threat Exchange: Best for community-driven threat feeds FBI InfraGard: Best for critical infrastructure security abuse.ch

Cybersecurity 83

Cybersecurity Access Metadata Energy and Utilities 83

Security Affairs

NOVEMBER 16, 2018

Marco Ramilli, founder and CEO at cyber security firm Yoroi has explained how to use Microsoft Powerpoint as Malware Dropper. The downloaded file (wraeop.sct) represents a Javascript code reporting the Stage 2 of the infection process. Nowadays Microsoft office documents are often used to propagate Malware acting like dynamic droppers.

Computer and Electronics 104

Computer and Electronics File names Security IT 104

AIIM

OCTOBER 30, 2017

Obviously digital document accuracy is particularly important for government and regulated industries. Consistent document capture and file naming. Another area that lends itself to mixed results is in file naming structure. A client number or name can be taken from the barcode and appended to the filename.

e-Delivery 89

e-Delivery File names Compliance ECM 89

Security Affairs

NOVEMBER 20, 2018

The Russia-linked APT group delivers Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former USSR state. Hackers used weaponized files named ‘crash list (Lion Air Boeing 737).docx’ Security Affairs – Sofacy APT, Cannot tool). Pierluigi Paganini.

File names 80

File names Phishing Communications Government 80

eSecurity Planet

AUGUST 30, 2023

After all, accounts payable clerks will open virus-laden PDF files named “overdue invoice” or “past-due statement” even if they don’t recognize the sender. SPF can also fail for legitimate emails if the SPF file is not maintained. The only change will occur when angry customers start to share the pain.

Authentication 83

Authentication Phishing Encryption Sales 83

Security Affairs

SEPTEMBER 5, 2018

Researchers from security firm CrowdStrike have observed a new campaign associated with the GOBLIN PANDA APT group. Experts from security firm CrowdStrike have uncovered a new campaign associated with the GOBLIN PANDA APT group. ” reads the analysis published by CrowdStrike. ” concludes the report. Pierluigi Paganini.

Metadata 47

Metadata File names Libraries Government 47

OneHub

JULY 5, 2021

For instance, if an architect developed blueprints based on an older version of a file with inaccurate measurements, it could cost the company millions and even endanger lives. Employees should be able to immediately identify the most up-to-date version of a file so they can complete their work with total confidence. Document access.

File names 52

File names Access Government Risk 52

Troy Hunt

APRIL 19, 2018

Let's start with this video as it pretty succinctly explains the issue in consumer-friendly terms: VIDEO: Nova Scotia's government is accusing a 19-year-old of breaching their government website's security ~ Privacy experts disagree. link] — Troy Hunt (@troyhunt) April 18, 2018.

Access 69

Access File names Government IT 69