Security Affairs

APRIL 22, 2024

National Security Agency and Microsoft addressed it with the release of Microsoft October 2022 Patch Tuesday security updates. APT28 deployed GooseEgg to gain elevated access to target systems and steal credentials and sensitive information. The vulnerability CVE-2022-38028 was reported by the U.S.

Military 113

Military File names Education Phishing 113

Security Affairs

JUNE 15, 2023

The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. A novelty observed in the recent attacks is the use of a USB propagation malware.

Military 80

Military File names Archiving Phishing 80

Security Affairs

APRIL 5, 2022

Ukraine CERT-UA published a security advisory to warn of spear-phishing attacks conducted by Russia-linked Armageddon APT (aka Gamaredon , Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) targeting local state organizations. The group targeted government and military organizations in Ukraine. Pierluigi Paganini.

Military 114

Military Phishing File names Archiving 114

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals. Pierluigi Paganini.

Military 92

Military Phishing File names Government 92

Security Affairs

MARCH 28, 2022

The phishing messages use a RAR-archive named “Saboteurs.rar”, which contains RAR-archive “Saboteurs 21.03.rar.” ” This second archive contains SFX-archive “Saboteurs filercs.rar,” experts reported that the file name contains the right-to-left override (RTLO) character to mask the real extension.

Archiving 91

Archiving CMS File names Phishing 91

Security Affairs

MARCH 18, 2022

In February, US and UK cybersecurity and law enforcement agencies published a joint security advisory about the Cyclops Blink bot that has been linked to the Russian-backed Sandworm APT group. Experts pointed out that these victims do not appear to be evidently valuable targets for either economic, military, or political espionage.

IoT 94

IoT Military File names Communications 94

Security Affairs

OCTOBER 28, 2019

Security expert Marco Ramilli published a quick analysis of an interesting attack carried out by SWEED threat actor targeting precision engineering firms in Italy. According to VT history detection the same hash has been seen with at least three different names: educrety.exe , prestezza.exe and cardsharper.exe. Introduction.

Passwords 44

Passwords Encryption File names Military 44