File names, Military and Security - Information Management Today

File names

Military

Security

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

National Security Agency and Microsoft addressed it with the release of Microsoft October 2022 Patch Tuesday security updates. GooseEgg is usually deployed with a batch script, commonly named execute.bat or doit.bat. This script creates a file named servtask.bat, which includes commands for saving or compressing registry hives.

Military

Military File names Education Phishing

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Security Affairs

JUNE 15, 2023

The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. A novelty observed in the recent attacks is the use of a USB propagation malware.

Military

Military File names Archiving Phishing

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Trending Sources

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

Ukraine CERT-UA published a security advisory to warn of spear-phishing attacks conducted by Russia-linked Armageddon APT (aka Gamaredon , Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) targeting local state organizations. The group targeted government and military organizations in Ukraine. Pierluigi Paganini.

Military

Military Phishing File names Archiving

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals. Pierluigi Paganini.

Military

Military Phishing File names Government

GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon

Security Affairs

MARCH 28, 2022

The phishing messages use a RAR-archive named “Saboteurs.rar”, which contains RAR-archive “Saboteurs 21.03.rar.” ” This second archive contains SFX-archive “Saboteurs filercs.rar,” experts reported that the file name contains the right-to-left override (RTLO) character to mask the real extension.

Archiving

Archiving CMS File names Phishing

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs

MARCH 18, 2022

In February, US and UK cybersecurity and law enforcement agencies published a joint security advisory about the Cyclops Blink bot that has been linked to the Russian-backed Sandworm APT group. Experts pointed out that these victims do not appear to be evidently valuable targets for either economic, military, or political espionage.

IoT

IoT Military File names Communications

New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors. ” continues Symantec.

Military

Military File names Libraries Government

SWEED targets precision engineering companies in Italy

Security Affairs

OCTOBER 28, 2019

Security expert Marco Ramilli published a quick analysis of an interesting attack carried out by SWEED threat actor targeting precision engineering firms in Italy. According to VT history detection the same hash has been seen with at least three different names: educrety.exe , prestezza.exe and cardsharper.exe. Introduction.

Passwords

Passwords Encryption File names Military

A month later Gamaredon is still active in Eastern Europe

Security Affairs

JUNE 4, 2019

During recent times, Gamaredon is targeting the Ukrainian military and law enforcement sectors too, as officially stated by the CERT-UA. The response body will contain a new executable file, named “jasfix.exe”, representing the new stage. However, the file named “ win32.sys class ” files. . Exploring the “.

Archiving

Archiving Passwords File names Military

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Security Affairs

MARCH 28, 2019

Later, security experts from McAfee reported that attackers are continuing in exploiting the WinRAR flaw, they identified more than “100 unique exploits and counting” in the first week since the vulnerability was publicly disclosed. The post WinRAR CVE-2018-20250 flaw exploited in multiple campaigns appeared first on Security Affairs.

Archiving

Archiving File names Education Libraries

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Webinars

Trending Sources

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Webinars

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon

Russia-linked Cyclops Blink botnet targeting ASUS routers

New Gallmaker APT group eschews malware in cyber espionage campaigns

SWEED targets precision engineering companies in Italy

A month later Gamaredon is still active in Eastern Europe

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Stay Connected