Tag: reconbeeblog

New Chinese Malware Spotted Exploiting Recent Fortinet Firewall Vulnerability
Risk, Security

In attacks against a European government organization and an African managed service provider (MSP), a suspected China-nexus threat actor used a recently fixed Fortinet FortiOS SSL-VPN vulnerability as a zero-day. The exploitation took place as early as October 2022, at least over two months before updates were made, according to telemetry data acquired by Google-owned Mandiant. Researchers from Mandiant claimed in a technical analysis that the event "continues China's trend of targeting internet-facing devices, notably those used for managed security purposes (e.g., firewalls, IPS/IDS appliances, etc.)." To carry out the attacks, a sophisticated backdoor known as BOLDMOVE was used. This backdoor is a Linux variant that has been optimized to run on Fortinet's FortiGate ...
FinServ Firms See 81% Surge in Attacks Since Russia-Ukraine War
Resources, Risk, Security

Since Russia's invasion of Ukraine, the UK's financial services sector has experienced a wave of cyberattacks, but firms are generally confident in their abilities to reduce these risks, finds a new Bridewell study. For its most recent research, Cyber Security in Critical National Infrastructure Organizations: Financial Services, the cybersecurity services provider surveyed more than 100 IT decision-makers from UK financial services companies. It was discovered that since the invasion of Ukraine, attacks on the sector have increased by 81%, the second-highest growth of any critical infrastructure (CNI) sector and evidence of the growing cyber danger brought on by geopolitics.
Vice Society Claims Ransomware Attack Against University of Duisburg-Essen
Risk, Security

The University of Duisburg-Essen (UDE) was the target of a ransomware attack in November 2022. The threat actor Vice Society has admitted involvement and is said to have posted some stolen information on the dark web. The data disclosure, according to UDE's declaration over the weekend, was caused by the institution refusing to pay the attackers' demanded ransom. At the same time, the institution made it clear that all of its security precautions were based on the guidelines set forth by the Federal Office for Information Security (BSI) and the methodology for BSI IT baseline protection.
Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks
Risk, Security

The threat actor known as BackdoorDiplomacy has been linked to a new wave of attacks targeting Iranian government entities between July and late December 2022. Palo Alto Networks Unit 42, which is tracking the activity under its constellation-themed moniker Playful Taurus, said it observed the government domains attempting to connect to malware infrastructure previously identified as associated with the adversary. Also known by the names APT15, KeChang, NICKEL, and Vixen Panda, the Chinese APT group has a history of cyber espionage campaigns aimed at government and diplomatic entities across North America, South America, Africa, and the Middle East at least since 2010.
Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers
Risk, Security

Netcomm and TP-Link routers have been found to have security flaws, some of which might be exploited to execute code remotely. The vulnerabilities, identified as CVE-2022-4873 and CVE-2022-4874, affect Netcomm router models NF20MESH, NF20, and NL1902 running software versions earlier than R6B035. They involve an instance of stack-based buffer overflow and authentication bypass. The CERT Coordination Center (CERT/CC) stated in an advisory released on Tuesday that "the two vulnerabilities, when chained together, allows a remote, unauthenticated attacker to execute arbitrary code."
Russia's Ukraine War Drives 62% Slump in Stolen Cards
Risk, Security

According to Recorded Future, there has been a noticeable decline in the number of stolen payment card records that have been posted to the dark web since the Russian invasion of Ukraine in early 2022. The company's Insikt Group division compiled its Annual Payment Fraud Report: 2022 by carefully examining threat intelligence obtained from the dark web. According to the report, the number of card-not-present records on the dark web carding businesses fell by 24% annually in 2022, to 45.6 million, and fell by 62%, to 13.8 million. This huge reduction was linked by Recorded Future to two important occurrences at the beginning of the year. The first was a sudden crackdown on cybercrime organizations by the Russian government, which included the arrest of alleged members of the Revil...
Zoho ManageEngine PoC Exploit to be Released Soon – Patch Before It’s Too Late!
Risk, Security

Before proof-of-concept (PoC) exploit code is released, Zoho ManageEngine users are advised to patch their instances against a critical security vulnerability. The problem is CVE-2022-47966, a remote code execution vulnerability that affects a number of products because it is caused by the use of an obsolete third-party dependency called Apache Santuario. In a late-year alert, Zoho stated that the vulnerability "allows an unauthenticated adversary to execute arbitrary code," noting that it impacts all ManageEngine configurations that have the SAML single sign-on (SSO) capability enabled or have previously had it enabled.
Google is piloting its own soundbox in India for merchants to get audio-based payment alerts
Risk, Security

In India, where point-of-sale activity may become busy, soundboxes, the hardware used by merchants that generates sounds each time a mobile payment is completed, have gained popularity. The vocal notifications from the soundbox help alert multitasking shopkeepers and assistants to a transaction going through. Google is now joining in to continue pushing forward with the development of its own payments company in the second-largest internet market in the world. The internet giant is testing its own soundbox in India to notify sellers of confirmations for UPI payments, a mobile payment standard developed and now widely used in India for instant payments and transfers between banks, two mobile users, or a customer and a merchant. The internet giant is currently one of the leaders in m...
ODIN Intelligence website is defaced as hackers claim breach
Risk, Security

On Sunday, someone vandalized the website for ODIN Intelligence, a business that offers technology and solutions to law enforcement and police departments. The alleged hack occurred just days after Wired revealed that an app created by the company, SweepWizard, which helps police manage and coordinate multi-agency raids, had a serious security flaw that exposed sensitive information about upcoming police operations as well as the personal information of police suspects to the public internet. Law enforcement agencies can get tools like SweepWizard and other technologies from ODIN. It also offers SONAR, or the Sex Offender Notification and Registration system, a program utilized by local and state law enforcement to remotely oversee sex offenders who have been registered.
Common Risk Management Methodologies
Risk, Security

Risk management is an important part of any business, and there are various methodologies that can be used to ensure that risks are managed effectively. By understanding the different risk management methodologies, organizations can better identify, analyze, and respond to potential risks. Each methodology has its own set of advantages and disadvantages depending on the type of risk being managed. By understanding these methodologies, organizations can make better decisions when it comes to managing their risks.

Common Risk Management Methodologies For Organizations

1. ISO 31000

An international standard for risk management called ISO 31000 offers organizations direction and tools t...