Security Affairs

SEPTEMBER 26, 2023

. “ While investigating the campaign the researchers noticed that threat actors made an important mistake exposing without restrictions the server folder containing the files necessary to distribute the malware. This allowed the researchers to monitor the server, identifying multiple interesting files.

Phishing 110

Phishing File names Manufacturing IT 110

Security Affairs

MARCH 26, 2021

Experts discovered that threat actors targeted a large US transportation & logistics organization, a large US consumer products organization, and a global manufacturing organization. At the time of this writing, it is unclear if the Hades gang operates a ransom-as-a-service model.

Ransomware 140

Ransomware Encryption File names Manufacturing 140

Security Affairs

JANUARY 28, 2020

Then the malware encrypts the files on the system, skipping Windows system files and folders. The SNAKE ransomware appends a ransom 5 character string to the files extension (i.e. a file named invoice.doc is encrypted and renamed like invoice.docIksrt.

Ransomware 86

Ransomware Energy and Utilities Manufacturing Encryption 86

Security Affairs

JUNE 5, 2020

The particular chain of attack we discovered showed interesting technical patterns resembling other previous activities targeting the Italian manufacturing landscape, for this reason, we decided to dig deeper. The decoding function of the payloads is the same, despite the variable names. Technical Analysis. Figure 3: Extracted Macro.

Manufacturing 96

Manufacturing File names IT Libraries 96

DLA Piper Privacy Matters

MARCH 20, 2023

This decision comes from several claims filed with CNIL for unauthorized access by third parties to patient records held by health care institutions. Tracking of users by mobile applications Phone manufacturers enable applications publishers to track users for advertising, statistical or technical purposes (e.g.,

Computer and Electronics 52

Computer and Electronics IT File names Access 52

Security Affairs

JULY 31, 2019

Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of critical flaws affecting access control systems manufactured by Prima Systems. The expert also discovered that the application generates database backup files with a predictable name.

Access 57

Access Authentication File names Manufacturing 57

Security Affairs

APRIL 28, 2020

The script looks like the following: Figure 5: Content of the “a” file. The executed crypto miner is the file named “” kswapd0 ” based on the famous XMRIG monero crypto miner. It is composed only by three files: “ a”, “run”, “stop ”. The initial script is the file named “ a ”. This is the “ Stage 1 ”.

Mining 100

Mining File names Honeypots IT 100

Info Source

JUNE 24, 2019

. · OCR title naming (all models) : The optical character recognition (OCR) function recognizes title bar (microfiche) or title image (microfilm) text. In 1987, Mekel Technology was the first company in the world to design, manufacture and market a production-level microfilm scanner. MEKEL TECHNOLOGY FIRST ON MARKET.

Archiving 40

Archiving File names Marketing Manufacturing 40

Security Affairs

JULY 8, 2019

Recently, our monitoring operations discovered an interesting attack wave leveraging this technique, especially due to the particular impersonification the attacker was trying: he/they was mimicking an important Italian Manufacturing company. Extracting the content of the ISO image, we encounter an EXE file named “po-ima0948436.exe”.

File names 68

File names Encryption Archiving Phishing 68

eSecurity Planet

AUGUST 10, 2023

Examples of IoCs include malicious IP and email addresses, suspicious domain names and URLs, unusual file paths or file names, unexpected network traffic patterns, and behavioral oddities like frequent unauthorized access attempts. Although it is free to join, membership is required to access InfraGard resources.

Cybersecurity 69

Cybersecurity Access Metadata Energy and Utilities 69

eSecurity Planet

APRIL 6, 2023

Education, government, energy and manufacturing are others. The ransomware assessed the times the PC was booted, and when it hit 90, it encrypted the device and its files, demanding the user to renew their license with PC Cyborg Corporation by sending a sum of $189 or $378 to a P.O. Box in Panama.

Ransomware 89

Ransomware Encryption Cybersecurity Risk 89

Security Affairs

AUGUST 31, 2018

My entire “Cyber adventure” began with a simple email within a.ZIP file named “Nuovo Documento1.zip” Stage1 was dropping and executing a brand new PE file named: rEOuvWkRP.exe (sha256: 92f59c431fbf79bf23cff65d0c4787d0b9e223493edc51a4bbd3c88a5b30b05c) using the bitsadmin.exe native Microsoft program.

Computer and Electronics 57

Computer and Electronics File names Security Access 57