File names, Groups and Military - Information Management Today

File names

Groups

Military

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

Russia-linked APT28 group used a previously unknown tool, dubbed GooseEgg, to exploit Windows Print Spooler service flaw. Microsoft reported that the Russia-linked APT28 group (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ” used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028.

Military

Military File names Education Phishing

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Security Affairs

JUNE 15, 2023

Russia-linked APT group Gamaredon is using a new toolset in attacks aimed at critical organizations in Ukraine. Symantec researchers reported that in some cases, the cyberespionage group remained undetected in the target networks for three months. The attack chain commences with spear-phishing emails with malicious attachments (.docx,rar,sfx

Military

Military File names Archiving Phishing

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Trending Sources

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013. The group targeted government and military organizations in Ukraine. The messages use the HTML-file “War criminals of the Russian Federation.htm” as attachment.

Military

Military Phishing File names Archiving

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. A new cyber espionage group tracked as Gallmaker appeared in the threat landscape. ” continues Symantec. Pierluigi Paganini.

Military

Military File names Libraries Government

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. The attacks have been attributed to the Russia-linked FancyBear group (aka APT28) and the Belarus-linked Ghostwriter (aka UNC1151) APT group. ” wrote Shane Huntley, Google’s TAG lead.

Military

Military Phishing File names Government

GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon

Security Affairs

MARCH 28, 2022

Ukraine CERT-UA warns that the Belarus-linked GhostWriter APT group is targeting state entities of Ukraine with Cobalt Strike Beacon. Ukraine CERT-UA uncovered a spear-phishing campaign conducted by Belarus-linked GhostWriter APT group targeting Ukrainian state entities with Cobalt Strike Beacon. Pierluigi Paganini.

Archiving

Archiving CMS File names Phishing

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs

MARCH 18, 2022

In February, US and UK cybersecurity and law enforcement agencies published a joint security advisory about the Cyclops Blink bot that has been linked to the Russian-backed Sandworm APT group. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage. .

IoT

IoT Military File names Communications

A month later Gamaredon is still active in Eastern Europe

Security Affairs

JUNE 4, 2019

Gamaredon continues to target Ukraine, Yoroi-Cybaze ZLab spotted a new suspicious activity potentially linked to the popular APT group. After a month since our last report we spotted a new suspicious email potentially linked to the Gamaredon group. However, the file named “ win32.sys class ” files. Introduction.

Archiving

Archiving Passwords File names Military

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Security Affairs

MARCH 28, 2019

According to Symantec, the vulnerability was also exploited by the Iran-linked cyberespionage group tracked as Elfin and APT33 to target organizations in Saudi Arabia and the United States, Researchers at FireEye observed four hacking campaigns , including ones that delivered new pieces of malware. ” continues the analysis.

Archiving

Archiving File names Education Libraries

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Webinars

Trending Sources

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Webinars

New Gallmaker APT group eschews malware in cyber espionage campaigns

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon

Russia-linked Cyclops Blink botnet targeting ASUS routers

A month later Gamaredon is still active in Eastern Europe

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Stay Connected