File names, IT and Manufacturing - Information Management Today

New RedLine malware version distributed as fake Omicron stat counter

Security Affairs

JANUARY 12, 2022

The new variant discovered by Fortinet has the file name “Omicron Stats.exe,” threat actors are attempting to exploit the enormous interest on a global scale on the COVID-19 Omicron variant. The malicious code can also act as a first-stage malware. This variant uses 207[.]32.217.89 as its C2 server through port 14588. 154.167.91

Manufacturing

Manufacturing File names Archiving Encryption

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

According to the flash alert published by the FBI, the Mamba ransomware was employed in attacks against local governments, public transportation agencies, legal services, technology services, industrial, commercial, manufacturing, and construction businesses. ” reads the alert published by the FBI.

Ransomware

Ransomware Encryption File names Passwords

New Linux Ransomware BlackSuit is similar to Royal ransomware

Security Affairs

JUNE 3, 2023

According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. ReadMe file name: README.BlackSuit.txt. similarities in jumps based on BinDiff, a comparison tool for binary files.”

Ransomware

Ransomware Encryption File names Cybersecurity

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

3CX voice and video conferencing software victim of a supply chain attack

Security Affairs

MARCH 30, 2023

The company started distributing digitally signed Trojanized installers to its customers “The trojanized 3CXDesktopApp is the first stage in a multi-stage attack chain that pulls ICO files appended with base64 data from Github and ultimately leads to a 3rd stage infostealer DLL still being analyzed as of the time of writing.”

File names

File names Manufacturing Libraries Cybersecurity

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

The attacks detailed by Cybereason targeted technology and manufacturing companies primarily located in East Asia, Western Europe, and North America. To prevent analysis, the malware also cleans up created artifacts, overwriting the content of the dropped wlbsctrl.dll file before deleting it. ” continues the report. .

File names

File names Encryption Manufacturing Libraries

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The Budworm cyber espionage group (aka APT27 , Bronze Union , Emissary Panda , Lucky Mouse , TG-3390 , and Red Phoenix) is behind a series attacks conducted over the past six months against a number of high-profile targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S.

File names

File names Financial Services Manufacturing Libraries

Xenomorph malware is back after months of hiatus and expands the list of targets

Security Affairs

SEPTEMBER 26, 2023

“ While investigating the campaign the researchers noticed that threat actors made an important mistake exposing without restrictions the server folder containing the files necessary to distribute the malware. This allowed the researchers to monitor the server, identifying multiple interesting files. ” concludes the report.

Phishing

Phishing File names Manufacturing IT

France: the CNIL has released its annual dawn raid Program for 2023: four national priorities and one priority coming from the EDPB!

DLA Piper Privacy Matters

MARCH 20, 2023

The banks are required to consult this file before granting a loan. Given the sensitiveness of such file, the related processing activities represent a high risk for data subjects. This document provides guidance on the conditions applicable to the use of this technology which presents high risks to the data subjects’ right to privacy.

Computer and Electronics

Computer and Electronics IT File names Access

Hacker breached Perceptics, a US maker of license plate readers

Security Affairs

MAY 26, 2019

LPRs manufactured by Perceptics are installed at all land border crossing lanes for privately owned vehicle traffic (POV) in the United States, Canada, and for the most critical lanes in Mexico. “The file names and accompanying directories – numbering almost 65,000 – fit with the focus of the surveillance technology biz.”

File names

File names Data breaches Manufacturing Cybersecurity

Hades ransomware gang targets big organizations in the US

Security Affairs

MARCH 26, 2021

Experts discovered that threat actors targeted a large US transportation & logistics organization, a large US consumer products organization, and a global manufacturing organization. At the time of this writing, it is unclear if the Hades gang operates a ransom-as-a-service model.

Ransomware

Ransomware Encryption File names Manufacturing

A new piece of Snake Ransomware targets ICS processes

Security Affairs

JANUARY 28, 2020

Then the malware encrypts the files on the system, skipping Windows system files and folders. Then the malware encrypts the files on the system, skipping Windows system files and folders. The SNAKE ransomware appends a ransom 5 character string to the files extension (i.e. One such example would be Project Root.

Ransomware

Ransomware Energy and Utilities Manufacturing Encryption

New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain

Security Affairs

JUNE 5, 2020

The particular chain of attack we discovered showed interesting technical patterns resembling other previous activities targeting the Italian manufacturing landscape, for this reason, we decided to dig deeper. jpg” file from the same domain of the previous stages. Technical Analysis. Figure 3: Extracted Macro.

Manufacturing

Manufacturing File names IT Libraries

Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Security Affairs

APRIL 28, 2020

The parent folder is an hidden directory named “. rsync ”, it includes three files and three sub-directories. The initial files are “ init ”, “ init2 ” and “ initall ”. The first component that is executed is “ initall ”, its body is the following: Figure 3: Content of the initall” file. Sample information.

Mining

Mining File names Honeypots IT

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of critical flaws affecting access control systems manufactured by Prima Systems. This issue, tracked as CVE-2019-7667 could be exploited by an attacker to carry out brute-force attacks to identify the database backup file name.

Access

Access Authentication File names Manufacturing

Spotting RATs: Delphi wrapper makes the analysis harder

Security Affairs

JULY 8, 2019

The spread of threats exploiting ISO image to hide themselves is helped by the Windows functionality, introduced since Windows 8, which allows the user to easily mount this file type through a double-click on it. Extracting the content of the ISO image, we encounter an EXE file named “po-ima0948436.exe”. Technical Analysis.

File names

File names Encryption Archiving Phishing

6 Best Threat Intelligence Feeds to Use in 2023

eSecurity Planet

AUGUST 10, 2023

OTX prides itself on being a completely open community for threat intelligence, extending access to threat research and shared expertise from security professionals to any and all users. Dashboards clearly state the quantity and types of indicators of compromise (IoCs) and also provide Pulses to quickly summarize threats and their impact.

Cybersecurity

Cybersecurity Access Metadata Energy and Utilities

What is Ransomware? Everything You Should Know

eSecurity Planet

APRIL 6, 2023

Ransomware is a type of malicious program, or malware, that encrypts files, documents and images on a computer or server so that users cannot access the data. The malware establishes itself on the endpoint and implements an infected binary on the system, encrypting everything from valuable database files to images and office documents.

Ransomware

Ransomware Encryption Cybersecurity Risk

Hacking The Hacker. Stopping a big botnet targeting USA, Canada and Italy

Security Affairs

AUGUST 31, 2018

My entire “Cyber adventure” began with a simple email within a.ZIP file named “Nuovo Documento1.zip” Stage1 was dropping and executing a brand new PE file named: rEOuvWkRP.exe (sha256: 92f59c431fbf79bf23cff65d0c4787d0b9e223493edc51a4bbd3c88a5b30b05c) using the bitsadmin.exe native Microsoft program.

Computer and Electronics

Computer and Electronics File names Security Access

Information Management Today

New RedLine malware version distributed as fake Omicron stat counter

FBI published a flash alert on Mamba Ransomware attacks

Webinars

Trending Sources

New Linux Ransomware BlackSuit is similar to Royal ransomware

Webinars

3CX voice and video conferencing software victim of a supply chain attack

China-linked APT41 group targets Hong Kong with Spyder Loader

China-linked Budworm APT returns to target a US entity

Xenomorph malware is back after months of hiatus and expands the list of targets

France: the CNIL has released its annual dawn raid Program for 2023: four national priorities and one priority coming from the EDPB!

Hacker breached Perceptics, a US maker of license plate readers

Hades ransomware gang targets big organizations in the US

A new piece of Snake Ransomware targets ICS processes

New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain

Outlaw is Back, a New Crypto-Botnet Targets European Organizations

CISA warns of critical flaws in Prima FlexAir access control system

Spotting RATs: Delphi wrapper makes the analysis harder

6 Best Threat Intelligence Feeds to Use in 2023

What is Ransomware? Everything You Should Know

Hacking The Hacker. Stopping a big botnet targeting USA, Canada and Italy

Stay Connected