File names and Video - Information Management Today

3CX voice and video conferencing software victim of a supply chain attack

Security Affairs

MARCH 30, 2023

Popular voice and video conferencing software 3CX was the victim of a supply chain attack, SentinelOne researchers reported. As of Mar 22, 2023, SentinelOne observed a spike in behavioral detections of the 3CXDesktopApp, which is a popular voice and video conferencing software product.

File names

File names Manufacturing Libraries Cybersecurity

Experts demonstrate a post-exploitation tampering technique to display Fake Lockdown mode

Security Affairs

DECEMBER 6, 2023

The researchers’ approach is simple, when the user activates Lockdown Mode, a file named /fakelockdownmode_on is generated as an indicator, triggering a userspace reboot. The researchers also intercepted other functions, including -[PUILockdownModeController lockdownModeEnabled()], to simulate the presence of this file.

File names

File names IT Security Access

Japanese computers hit by a wiper malware ahead of 2021 Tokyo Olympics

Security Affairs

JULY 24, 2021

The wiper uses the cURL app to access content on the XVideos adult video portal while deleting files on the infected systems. ” “The file looks like a PDF as far as the icon is seen, but it is disguised as an icon, and when you look at the detailed display of the folder, you can see that the extension is EXE as shown below.”

File names

File names Access Security IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Borat RAT, a new RAT that performs ransomware and DDoS attacks

Security Affairs

APRIL 3, 2022

If it can find a connected microphone, the RAT records all audio and saves it in a file named micaudio.wav. Initially, it checks if a microphone is present in the victim’s machine.

Ransomware

Ransomware File names Archiving Encryption

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

JULY 20, 2023

Later variants masquerade as adult video content, “Baidu Waimai” food delivery platform, and Adobe Flash. “It then receives a response containing a file name which the malware uses to download additional rooting binaries from C2 infrastructure if one exists for the specified device.” ” continues the report.

File names

File names Libraries Cybersecurity IT

A 15-Year-Old Unpatched Python bug potentially impacts over 350,000 projects

Security Affairs

SEPTEMBER 22, 2022

however, in most cases an attacker exploit this issue to gain code execution from the file write. with the separator for the operating system (“/” or “”) into the file name to escape the directory the file is supposed to be extracted to. “For an attacker to take advantage of this vulnerability they need to add “.”

Archiving

Archiving File names Metadata Security

ToxicEye RAT exploits Telegram communications to steal data from victims

Security Affairs

APRIL 24, 2021

Upon opening the attachment, ToxicEye installs itself on the victim’s device and performs some operations in background such as: stealing data deleting or transferring files killing processes on the PC hijacking the PC’s microphone and camera to record audio and video encrypting files for ransom purposes.

Communications

Communications File names Encryption Education

Victims of Planetary Ransomware can decrypt their files for free

Security Affairs

APRIL 8, 2019

The name Planetary ransomware comes from the use of the names of planets for the extensions the malicious code adds to the file names of encrypted files (i.e.mira,yum , Pluto, or. The latest variant of the Planetary malware appends the.mira extension to the names of the encrypted files.

Ransomware

Ransomware Encryption File names Security

A flaw in the Packagist PHP repository could have allowed supply chain attacks

Security Affairs

OCTOBER 4, 2022

Below is the step-by-step procedure that could have allowed attackers to exploit the vulnerability against Packagist: Create a project in a remote Mercurial repository; Put the manifest in composer.json and add a malicious readme entry; When using a payload like the one depicted above, create a file named payload.sh

File names

File names Metadata IT Security

Thousands of applications affected by a zero-day issue in jQuery File Upload plugin

Security Affairs

OCTOBER 20, 2018

The jQuery File Upload is a jQuery widget “with multiple file selection, drag&drop support, progress bars, validation and preview images, audio and video.”. The plugin is widely adopted by numerous server-side platforms that support standard HTML form file uploads: PHP, Python, Ruby on Rails, Java, Node.js, Go, and others.

File names

File names Libraries Security Access

Discovery of Simps Botnet Leads To Ties to Keksec Group

Security Affairs

MAY 18, 2021

Searching for these common entries led us to a YouTube video titled “Simps Botnet , Slamming!!!”, created by a user named “itz UR0A” created on 24 April 2021. Figure 7: Youtube video demo of Simps Botnet. Figure 10: keksec.infected.you.log file. Another commonality was the Simps Botnet infection log message.

IoT

IoT File names Communications Security

Researcher disclosed a Windows zero-day for the third time in a few months

Security Affairs

DECEMBER 20, 2018

. “Even without an enumeration vector, this is still bad news, because a lot of document software, like office, will actually keep files in static locations that contain the full path and file names of recently opened documents.,” ” explained the expert.

File names

File names Security IT

BlackSquid malware uses multiple exploits to drop cryptocurrency miners

Security Affairs

JUNE 5, 2019

“This malware, which we named BlackSquid after the registries created and main component file names, is particularly dangerous for several reasons.” “The miner in resource is the primary miner used, but it also determines if the targeted system has a video card. ” states Trend Micro.

Mining

Mining File names Libraries IT

Severe bug in LibreOffice and OpenOffice suites allows remote code execution

Security Affairs

FEBRUARY 5, 2019

Inführ used a specially ODT file containing a white-colored hyperlink (he has used the white color to make it invisible in the document) that has an “ onmouseover ” event to execute a local python file. ” wrote the expert. The expert also published the PoC exploit code for the flaw that works on Windows OS.

File names

File names Libraries Security IT

Recently fixed WinRAR bug actively exploited in the wild

Security Affairs

MARCH 15, 2019

The following video PoC shows how to gain full control over a targeted system by tricking the victims into opening maliciously crafted compressed archive file using WinRAR. The file associated with the fake Ariana Grande’s hit album is currently detected by a limited number of antivirus solutions.

Archiving

Archiving Libraries File names Security

France: the CNIL has released its annual dawn raid Program for 2023: four national priorities and one priority coming from the EDPB!

DLA Piper Privacy Matters

MARCH 20, 2023

Last December, the CNIL already issued a fine for an amount of €3 million against a company publishing video games for smartphone and which used Apple’s IDFV identifier for advertising purpose without the users’ valid consent ( see , in French only). The CNIL will continue its investigations in 2023.

Computer and Electronics

Computer and Electronics IT File names Access

OSX/Linker, a new piece of Mac malware that exploits Gatekeeper bypass

Security Affairs

JUNE 25, 2019

Below a video PoC of the attack: The Gatekeeper bypass flaw affects all macOS versions, including the latest one (ver. The disk image files were either an ISO 9660 image with a.dmg file name, or an actual Apple Disk Image format.dmg file. 10.14.5), and Apple has yet to release an update to address the issue.

Archiving

Archiving File names Access Security

Tik Tok, Tick Tock…Boom.

John Battelle's Searchblog

OCTOBER 14, 2019

But those videos, they sure are cute, no? So, I just thought I’d point that out.

Artificial Intelligence

Artificial Intelligence Privacy File names Government

Mekel 2.0 Adds Features for Maximum Production Efficiencies

Info Source

JUNE 24, 2019

. · OCR title naming (all models) : The optical character recognition (OCR) function recognizes title bar (microfiche) or title image (microfilm) text. View the Mekel Technology microfilm video or the microfiche video to see Mekel 2.0 in operation. Brochure: MACH 5, 10, 12 microfilm scanners.

Archiving

Archiving File names Marketing Manufacturing

How to deliver malware using weaponized Microsoft Office docs embedding YouTube video

Security Affairs

OCTOBER 28, 2018

Researchers at Cymulate security firm devised a new stealthy technique to deliver malware leveraging videos embedded into weaponized Microsoft Office Documents. The technique could be used to execute JavaScript code when a user clicks on a weaponized YouTube video thumbnail embedded in a Weaponized Office document.

File names

File names Phishing Security IT

Is Enumerating Resources on a Website "Hacking"?

Troy Hunt

APRIL 19, 2018

Let's start with this video as it pretty succinctly explains the issue in consumer-friendly terms: VIDEO: Nova Scotia's government is accusing a 19-year-old of breaching their government website's security ~ Privacy experts disagree. That's something I vehemently disagree with.

Access

Access File names Government IT

Apple removed the popular app Adware Doctor because steals user browsing history

Security Affairs

SEPTEMBER 8, 2018

The expert discovered also that the gathered info was first stored in a password protected zip file named “history.zip”, then it would be uploaded to a remote server. Below a video created by Privacy_1st to show his findings.

Privacy

Privacy File names GDPR Personal data

A new sophisticated version of the AZORult Spyware appeared in the wild

Security Affairs

JULY 30, 2018

The messages used employment-related subjects such as “About a role” and “Job Application,” while the malicious attached documents used file names in the format of “firstname.surname_resume.doc”. The stolen information is organized into sections: info : basic computer information such as Windows version and computer name.

Passwords

Passwords File names Ransomware IT

Creating Records At Home, Part III: Various Devices

The Texas Record

JUNE 1, 2021

These folders will be easy to start with, because they will most likely contain records that are easy to distinguish from convenience copies: Downloads, My Pictures, My Videos, and My Received Files. Organizing and Naming. Instead of “Notes,” label the file “Conference X Notes – 2021-01-01”).

Records Management

Records Management File names Risk Government

The 773 Million Record "Collection #1" Data Breach

Troy Hunt

JANUARY 16, 2019

In that post, I embedded a short video that shows how easily these attacks are automated and I want to include it again here: Within the first 20 seconds, the author of the video has chosen a combo list just like the one three quarters of a billion people are in via this Combination #1 breach.

Data breaches

Data breaches Passwords Risk Personal data

CyberheistNews Vol 13 #22 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks

KnowBe4

MAY 31, 2023

It also includes a summary of indicators of compromise (IOCs), such as unique command-line strings, hashes, file paths, exploitation of certain vulnerabilities, and file names commonly used by this actor. The two stand out because they are also common file extension names.

Phishing

Phishing File names Security awareness Risk

Fake Trump sex video used to spread QNode RAT

Security Affairs

JANUARY 6, 2021

Researchers uncovered a malspam campaign that spreads the QNode remote access Trojan (RAT) using fake Trump’s sex scandal video as bait. Security experts from Trustwave uncovered a malspam campaign that is delivering the QNode remote access Trojan (RAT) using fake Trump’s sex scandal video as bait. Pierluigi Paganini.

Archiving

Archiving File names Communications Access

Questions about the Massive South African "Master Deeds" Data Breach Answered

Troy Hunt

OCTOBER 19, 2017

On March 14 this year, someone sent me a 27GB file called "masterdeeds.sql" which was a MySQL database backup file. There was nothing immediately remarkable about it; there was no clear indication of a source (many similar examples include the source website in the file name) and there were "only" 2.2

Data breaches

Data breaches Personal data Government IT

Making Light of the "Dark Web" (and Debunking the FUD)

Troy Hunt

FEBRUARY 14, 2018

It's not just the media using scary imagery either, check out the first 20 seconds of this video promoting a home security product: Holy s**t! I don't know precisely what the guy at the start of that video is doing, but there's a lot of green screens and we all know that means there's some serious hacking going on. That's one bad dude!

Data breaches

Data breaches Passwords Marketing Access

Information Management Today

3CX voice and video conferencing software victim of a supply chain attack

Experts demonstrate a post-exploitation tampering technique to display Fake Lockdown mode

Webinars

Trending Sources

Japanese computers hit by a wiper malware ahead of 2021 Tokyo Olympics

Webinars

Borat RAT, a new RAT that performs ransomware and DDoS attacks

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

A 15-Year-Old Unpatched Python bug potentially impacts over 350,000 projects

ToxicEye RAT exploits Telegram communications to steal data from victims

Victims of Planetary Ransomware can decrypt their files for free

A flaw in the Packagist PHP repository could have allowed supply chain attacks

Thousands of applications affected by a zero-day issue in jQuery File Upload plugin

Discovery of Simps Botnet Leads To Ties to Keksec Group

Researcher disclosed a Windows zero-day for the third time in a few months

BlackSquid malware uses multiple exploits to drop cryptocurrency miners

Severe bug in LibreOffice and OpenOffice suites allows remote code execution

Recently fixed WinRAR bug actively exploited in the wild

France: the CNIL has released its annual dawn raid Program for 2023: four national priorities and one priority coming from the EDPB!

OSX/Linker, a new piece of Mac malware that exploits Gatekeeper bypass

Tik Tok, Tick Tock…Boom.

Mekel 2.0 Adds Features for Maximum Production Efficiencies

How to deliver malware using weaponized Microsoft Office docs embedding YouTube video

Is Enumerating Resources on a Website "Hacking"?

Apple removed the popular app Adware Doctor because steals user browsing history

A new sophisticated version of the AZORult Spyware appeared in the wild

Creating Records At Home, Part III: Various Devices

The 773 Million Record "Collection #1" Data Breach

CyberheistNews Vol 13 #22 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks

Fake Trump sex video used to spread QNode RAT

Questions about the Massive South African "Master Deeds" Data Breach Answered

Making Light of the "Dark Web" (and Debunking the FUD)

Stay Connected