Security

Microsoft to Block Excel XLL Add-Ins to Stop Malware Delivery
Resources, Risk, Security

To stop phishing attacks that use these kinds of lures, Microsoft has announced plans to automatically block all XLL add-in files downloaded from the internet for its Office 365 clients. The software juggernaut has acknowledged it aims to carry out these strategies by March 2023 in a post on its Microsoft 365 roadmap page. "We are putting in place safeguards that will block XLL add-ins coming from the internet in order to counteract the rising number of malware attacks in recent months," the statement reads. According to Dave Storie, an engineer at Lares Consulting who specializes in adversarial collaboration, threat actors have long leveraged Microsoft add-in abuse as a means of executing malicious code...
Record-Breaking Year for DDoS Attacks Targeting Russia
Risk, Security

According to the largest internet service provider (ISP) in the nation, web and DDoS attacks were relentless against Russian enterprises last year in an effort to interfere with operations, sabotage websites, and "sow panic." In a recent study, Rostelecom claimed to have observed "a record-breaking DDoS attack in terms of power and duration" in 2022. It stated that the strongest attack was 760 Gb/s, roughly twice as powerful as the strongest attack in 2021. The research stated that the longest DDoS lasted 2000 hours or around three months. The ISP claimed to have examined data on around 600 businesses in a range of sectors...
Chinese Hackers Utilize Golang Malware in DragonSpark Attacks to Evade Detection
Risk, Security

A possible Chinese-speaking actor operating under the name DragonSpark is targeting businesses in East Asia while using unusual methods to get past security measures. According to SentinelOne's investigation, which was released today, "the attacks are characterized by the usage of the little-known open-source SparkRAT and malware that tries to elude detection through Golang source code interpretation." The persistent usage of SparkRAT in the incursions to carry out various tasks, such as information theft, taking over an infected host, or executing further PowerShell commands, is a startling feature. Although the threat actor's ultimate objectives are still unknown, espionage or cybercrime...
FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft
Risk, Security

The loss of $100 million in cryptocurrency assets from Harmony Horizon Bridge in June 2022 was confirmed by the American Federal Bureau of Investigation (FBI) on Monday. The Lazarus Group and APT38 (also known as BlueNoroff, Copernicium, and Stardust Chollima), a state-sponsored threat group from North Korea that specializes in financial cyber operations, were both blamed by the law enforcement agency for the hack. The FBI added that the Harmony infiltration made use of the TraderTraitor attack campaign, which was made public by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in April 2022. The strategy involved using social engineeri...
Open Source Tools for Risk Management
Risk, Security

Risk management is an important part of any business. It helps organizations identify potential risks and take steps to mitigate them. To ensure that they are always prepared, companies need to have access to the best open source tools for risk management. These tools can help companies identify potential risks, assess their impact, and develop strategies to manage them. They can also be used to monitor existing risks and track the progress of risk mitigation plans. With these open source tools for risk management, businesses can stay ahead of the curve and make sure that they are well-prepared for any eventuality. Why is using risk management tools beneficial for an organization? A risk management tool helps organizations to identify and manage potential risks, allowing them to m...
ChatGPT popularity raises cybersecurity concerns
Availability, Resources, Risk, Security

As ChatGPT becomes popular, it also brings up important cybersecurity issues, such as hackers utilizing the chatbot to create phishing emails and code. Regarding the possible threats related to ChatGPT, security professionals have expressed both concern and hope in equal measure. In November 2022, OpenAI released ChatGPT (Generative Pre-Trained Transformer), an AI-driven chatbot that can understand and produce human-written text or natural language. It is a technology that learns how to produce text that is reminiscent of human conversation by being trained on massive volumes of text data using the Transformer algorithm. ChatGPT, dubbed the "smartest chatbot ever developed," can produce text responses that resemble those of real people in response to commands...
Canada cybersecurity chief warns about data-harvesting apps as concerns grow over TikTok
Risk, Security

The top cybersecurity official in Canada has urged Canadians to use applications with caution because they may put their data in the "wrong hands." The warning comes as TikTok, a social networking app controlled by China, is being accused of collecting user data. The Canadian electronic surveillance agency is on the lookout for security risks from TikTok, according to Prime Minister Justin Trudeau's statement from last month. Republican senators in the neighbouring US tried to outlaw TikTok earlier this month. TikTok is hugely popular in both the US and Canada and has supposedly over a billion members globally. Do they require access to that information, is the question you must ask yourself...
Riot Games Halts Work After Cyber Attack
Risk, Security

A well-known gaming company in California has acknowledged that a significant cyber-attack on its servers has stopped all upgrades. Riot Games, which is owned by Tencent and creates well-known games like League of Legends and Valorant, provided a concise explanation of what transpired on Friday in a series of tweets. "Earlier this week, a social engineering attack led to the vulnerability of systems in our development environment," the statement read. "At this time, we don't have all the answers, but we wanted to reach out to you early to let you know that there is no evidence that player data or personal information was obtained. We regret that this has temporarily hampered our capacity to publish content. While our staff is putting great effort towards a fix..."
Facebook Introduces New Features for End-to-End Encrypted Messenger App
Availability, Events, Security

Default end-to-end encryption (E2EE) for Messenger chats has begun to expand globally, according to a Monday announcement from Meta Platforms. More users will notice that parts of their chats are progressively being upgraded with an additional layer of security provided by end-to-end encryption over the next months, according to Melissa Miranda of Meta. The social media giant stressed that the process of picking and updating the chats to support E2EE is random but stated that it wants to alert users in a few specific chat threads as the security feature is enabled. Miranda continued, "It's supposed to be random so there isn't a detrimental impact on our infrastructure and people's chat experience..."
Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks
Risk, Security

Threat actors are becoming more interested in Sliver, a legitimate command-and-control (C2) framework that has emerged as an open-source substitute for Cobalt Strike and Metasploit. The research was conducted by Cybereason, which last week released a thorough investigation of its internal operations. Sliver is a cross-platform post-exploitation framework built on Golang and created by cybersecurity startup BishopFox for use by security experts in red team operations.