Security

US announces it seized Hive ransomware gang’s leak sites and decryption keys
Events, Risk, Security

Law enforcement organizations in the US and Europe have taken control of the infrastructure of Hive, one of the most successful ransomware operations. Just months after the federal government's cybersecurity unit CISA raised the alarm about Hive's ongoing extortion efforts, the U.S. Department of Justice, the FBI, Secret Service, and several European government agencies joined forces to conduct a coordinated law enforcement action that resulted in the seizure of Hive's dark web portal. This secret location has been taken. As part of a concerted law enforcement effort against Hive Ransomware, the Federal Bureau of Investigation confiscated this site, according to a seizure notice posted on Hive's dark web leak site.
Microsoft Urges Customers to Secure On Premises Exchange Servers
Risk, Security

Microsoft advises users to keep their Exchange servers up to date and to take precautions such as turning on Windows Extended Protection and setting up certificate-based signing of PowerShell serialization payloads. The software giant's Exchange Team stated in a post that attackers attempting to target unpatched Exchange servers would not stop. The value of unpatched on-premises Exchange infrastructure to hostile actors attempting to steal data or carry out other wrongdoing is too great. Microsoft also noted that the mitigations it has released are only a temporary fix and may "become insufficient to guard against all permutations of an attack," requiring users to apply the required security updates in order to secure the servers.
Microsoft to Block Excel XLL Add-Ins to Stop Malware Delivery
Resources, Risk, Security

To stop phishing attacks that use these kinds of lures, Microsoft has announced plans to automatically block all XLL add-in files downloaded from the internet for its Office 365 clients. The software juggernaut said in a post on its Microsoft 365 roadmap page that it aims to carry this out by March 2023. "We are putting in place safeguards that will block XLL add-ins coming from the internet in order to counteract the rising number of malware attacks in recent months," the statement reads. According to Dave Storie, an engineer at Lares Consulting who specializes in adversarial collaboration, threat actors have long leveraged Microsoft add-in abuse as a means of executing malicious code.
Record-Breaking Year for DDoS Attacks Targeting Russia
Risk, Security

According to the largest internet service provider (ISP) in the nation, web and DDoS attacks were relentless against Russian enterprises last year in an effort to interfere with operations, sabotage websites, and "sow panic." In a recent study, Rostelecom claimed to have observed "a record-breaking DDoS attack in terms of power and duration" in 2022. It stated that the strongest attack was 760Gb/s, roughly twice as powerful as the strongest attack in 2021. The research stated that the longest DDoS lasted 2000 hours or around three months. The ISP claimed to have examined data on around 600 businesses in a range of sectors.
Chinese Hackers Utilize Golang Malware in DragonSpark Attacks to Evade Detection
Risk, Security

A possibly Chinese-speaking actor known by the name DragonSpark is targeting businesses in East Asia while using unusual methods to get past security measures. According to SentinelOne's investigation, which was released today, "the attacks are characterized by the usage of the little-known open-source SparkRAT and malware that tries to elude detection through Golang source code interpretation." The persistent usage of SparkRAT in the incursions to carry out various tasks, such as information theft, taking over an infected host, or executing further PowerShell commands, is a startling feature. Although the threat actor's ultimate objectives are still unknown, espionage or cybercrime...
FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft
Risk, Security

The loss of $100 million in cryptocurrency assets from Harmony Horizon Bridge in June 2022 was confirmed by the American Federal Bureau of Investigation (FBI) on Monday. The Lazarus Group and APT38 (also known as BlueNoroff, Copernicium, and Stardust Chollima), a state-sponsored threat group from North Korea that specializes in financial cyber operations, were both blamed by the law enforcement agency for the hack. The FBI added that the Harmony infiltration used the TraderTraitor attack campaign, which was made public by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in April 2022. The strategy involved using social engineeri...
Open Source Tools for Risk Management
Risk, Security

Risk management is an important part of any business. It helps organizations identify potential risks and take steps to mitigate them. To ensure that they are always prepared, companies need to have access to the best open source tools for risk management. These tools can help companies identify potential risks, assess their impact, and develop strategies to manage them. They can also be used to monitor existing risks and track the progress of risk mitigation plans. With these open source tools for risk management, businesses can stay ahead of the curve and make sure that they are well-prepared for any eventuality. Why is using risk management tools beneficial for an organization? Risk management tools help organizations to identify and manage potential risks, allowing them to m...
ChatGPT popularity raises cybersecurity concerns
Availability, Resources, Risk, Security

As ChatGPT becomes popular, it also brings up important cybersecurity issues, such as hackers utilizing the chatbot to create phishing emails and code. Regarding the possible threats related to ChatGPT, security professionals have expressed both concern and hope in equal measure. In November 2022, OpenAI released ChatGPT (Generative Pre-Trained Transformer), an AI-driven chatbot that can understand and produce human-written text or natural language. It is a technology that learns how to produce text that is reminiscent of human conversation by being educated on massive volumes of text data using the Transformer algorithm. ChatGPT, dubbed the "smartest chatbot ever developed," can produce text responses that resemble those of real people in response to commands.
Canada cybersecurity chief warns about data-harvesting apps as concerns grow over TikTok
Risk, Security

The top cybersecurity official in Canada has urged Canadians to use applications with caution because they may put their data in the "wrong hands." The warning comes as TikTok, a social networking app controlled by China, is being accused of collecting user data. The Canadian electronic surveillance agency is on the lookout for security risks from TikTok, according to Prime Minister Justin Trudeau's statement from last month. Republican senators in the neighbouring US tried to outlaw TikTok earlier this month. TikTok is hugely popular in both the US and Canada and supposedly has over a billion members globally. Do they require access to that information, is the question you must ask yourself.
Riot Games Halts Work After Cyber Attack
Risk, Security

A well-known gaming company in California has acknowledged that a significant cyber-attack on its servers has stopped all upgrades. Riot Games, which is owned by Tencent and creates well-known games like League of Legends and Valorant, provided a concise explanation of what transpired on Friday in a series of tweets. Earlier this week, a social engineering attack led to the vulnerability of systems in our development environment. The statement read, "At this time, we don't have all the answers, but we wanted to reach out to you early to let you know that there is no evidence that player data or personal information was obtained. We regret that this has temporarily hampered our capacity to publish content. While our staff is putting great effort towards a fix...