Tag: Risk Management

Social Engineering Risks Found in Microsoft Teams
News

Social Engineering Risks Found in Microsoft Teams

Security researchers at Proofpoint have identified a number of fresh ways to exploit Microsoft Teams through social engineering. According to a report released by the business earlier today, "[We] recently analyzed over 450 million malicious sessions, detected throughout the second half of 2022 and targeting Microsoft 365 cloud tenants." Our research shows that Microsoft Teams is among the 10 most frequently used sign-in services, with at least one unauthorized login attempt made in approximately 40% of targeted organizations read more about Social Engineering Risks Found in Microsoft Teams. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber attacks and cybersecurity trends, and the latest cybersecurity news.
Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers
News

Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers

Google announced on Wednesday that it had received a temporary court order in the United States to stop the propagation of the Windows-based malware CryptBot and "decelerate" its expansion. Mike Trinh and Pierre-Marc Bureau of the internet giant said the initiatives are a part of actions it takes to "hold criminal malware operators accountable, as well as those who profit from its distribution." According to estimates, CryptBot will have infected over 670,000 machines by the year 2022 with the intention of collecting private information from Google Chrome users, including login information for social media accounts, authentication credentials, and cryptocurrency wallets. The collected data is subsequently stolen and sold to threat actors, who utilize it in data breach campaigns a...
FBI Warns of Crypto Stealing Play to Earn Games
Availability, Resources, Risk, Security

FBI Warns of Crypto Stealing Play to Earn Games

Customers have been cautioned not to fall for a brand-new class of fraudulent gaming applications that have already defrauded users out of millions of dollars worth of cryptocurrencies. According to a recent PSA from the FBI's Internet Crime Complaint Center, scammers generally contact victims online before introducing them to the online or mobile game in time (IC3). The game claims to give users bitcoin just for playing. The FBI chose the example of a player raising virtual crops on an animated farm, despite the fact that there are numerous variations of this scam read more FBI Warns of Crypto Stealing Play to Earn Games. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solu...
Android voice chat app leaked private user conversations
Resources, Risk, Security

Android voice chat app leaked private user conversations

OyeTalk, a well-known audio chat program, kept user chats in an unencrypted database that was not password-protected. In recent years, the use of audio chats has expanded along with the demand for online communication. Voice chatting has developed into a crucial tool for encouraging digital communication for academic, social, gaming, and professional purposes. Several apps on the market, including well-known ones like Discord, Zoom, Skype, Google Meet, Microsoft Teams, and WhatsApp, provide voice-chat features read more Android voice chat app leaked private user conversations. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber attacks and cybersecurity trends, and the latest cybersecurity news.
Open Source Tools for Risk Management
Risk, Security

Open Source Tools for Risk Management

Risk management is an important part of any business. It helps organizations identify potential risks and take steps to mitigate them. To ensure that they are always prepared, companies need to have access to the best open source tools for risk management. These tools can help companies identify potential risks, assess their impact, and develop strategies to manage them. They can also be used to monitor existing risks and track the progress of risk mitigation plans. With these open source tools for risk management, businesses can stay ahead of the curve and make sure that they are well-prepared for any eventuality. Why Using Risk Management tools is beneficial for an organization? Risk management tool helps organizations to identify and manage potential risks, allowing them ...
New Chinese Malware Spotted Exploiting Recent Fortinet Firewall Vulnerability
Risk, Security

New Chinese Malware Spotted Exploiting Recent Fortinet Firewall Vulnerability

In assaults against a European government organization and an African managed service provider (MSP), a suspected China-nexus threat actor used a recently fixed Fortinet FortiOS SSL-VPN vulnerability as a zero-day. The exploitation took place as early as October 2022, at least over two months before updates were made, according to telemetry data acquired by Google-owned Mandiant. Researchers from Mandiant claimed in a technical analysis that the event "continues China's trend of targeting internet-facing devices, notably those used for managed security purposes (e.g., firewalls, IPSIDS appliances, etc.)." In order to carry out the attacks, a sophisticated backdoor known as BOLD MOVE was used. This backdoor is a Linux variant that has been optimized to run on Fortinet's FortiGate ...
FinServ Firms See 81% Surge in Attacks Since Russia-Ukraine War
Resources, Risk, Security

FinServ Firms See 81% Surge in Attacks Since Russia-Ukraine War

Since Russia's invasion of Ukraine, the UK's financial services sector has experienced a wave of cyberattacks, but firms are generally confident in their abilities to reduce these risks, finds a new Bridewell study. For its most recent research, Cyber Security in Critical National Infrastructure Organizations: Financial Services, the cybersecurity services provider surveyed more than 100 IT decision-makers from UK financial services companies. It was discovered that since the invasion of Ukraine, attacks on the sector have increased by 81%, the second-highest growth of any critical infrastructure (CNI) sector and evidence of the growing cyber danger brought on by geopolitics read the complete article FinServ Firms See 81% Surge in Attacks Since Russia-Ukraine War. If you love to ...
Vice Society Claims Ransomware Attack Against University of Duisburg-Essen
Risk, Security

Vice Society Claims Ransomware Attack Against University of Duisburg-Essen

The University of Duisburg-Essen (UDE) was the target of a ransomware attack in November 2022. The threat actor Vice Society has admitted involvement and is said to have posted some stolen information on the dark web. The data disclosure, according to UDE's declaration over the weekend, was caused by the institution refusing to pay the attackers' demanded ransom. At the same time, the institution made it clear that all of its security precautions were based on the guidelines set forth by the Federal Office for Information Security (BSI) and the methodology for BSI IT baseline protection read the complete article Vice Society Claims Ransomware Attack Against University of Duisburg. For these types of trending and recent cybersecurity news follow ReconBee.com and keep yourself upda...
Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks
Risk, Security

Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks

The threat actor known as BackdoorDiplomacy has been linked to a new wave of attacks targeting Iranian government entities between July and late December 2022. Palo Alto Networks Unit 42, which is tracking the activity under its constellation-themed moniker Playful Taurus, said it observed the government domains attempting to connect to malware infrastructure previously identified as associated with the adversary. Also known by the names APT15, KeChang, NICKEL, and Vixen Panda, the Chinese APT group has a history of cyber espionage campaigns aimed at government and diplomatic entities across North America, South America, Africa, and the Middle East at least since 2010 read the complete article Iranian Government Entities Under Attack by New Wave.
Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers
Risk, Security

Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers

Netcomm and TP-Link routers have been found to have security flaws, some of which might be exploited to execute code remotely. The vulnerabilities, identified as CVE-2022-4873 and CVE-2022-4874, affect Netcomm router models NF20MESH, NF20, and NL1902 running software versions earlier than R6B035. They involve an instance of stack-based buffer overflow and authentication bypass. The CERT Coordination Center (CERT/CC) stated in an advisory released on Tuesday that "the two vulnerabilities, when chained together, allows a remote, unauthenticated attacker to execute arbitrary code read the complete article Critical Security Vulnerabilities Discovered in Netcomm. For trending cybersecurity news follow, ReconBee.com and get updates regularly.