#FactCheck - Bangladeshi Migrant’s Arrest Misrepresented as Indian in Viral Video!

Executive Summary:

A new threat being uncovered in today’s threat landscape is that while threat actors took an average of one hour and seven minutes to leverage Proof-of-Concept(PoC) exploits after they went public, now the time is at a record low of 22 minutes. This incredibly fast exploitation means that there is very limited time for organizations’ IT departments to address these issues and close the leaks before they are exploited. Cloudflare released the Application Security report which shows that the attack percentage is more often higher than the rate at which individuals invent and develop security countermeasures like the WAF rules and software patches. In one case, Cloudflare noted an attacker using a PoC-based attack within a mere 22 minutes from the moment it was released, leaving almost no time for a remediation window. 

Despite the constant growth of vulnerabilities in various applications and systems, the share of exploited vulnerabilities, which are accompanied by some level of public exploit or PoC code, has remained relatively stable over the past several years and fluctuates around 50%. These vulnerabilities with publicly known exploit code, 41% was initially attacked in the zero-day mode while of those with no known code, 84% was first attacked in the same mode. 

Modus Operandi:

The modus operandi of the attack involving the rapid weaponization of proof-of-concept (PoC) exploits is characterized by the following steps:

• Vulnerability Identification: Threat actors bring together the exploitation of a system vulnerability that may be in the software or hardware of the system; this may be a code error, design failure, or a configuration error. This is normally achieved using vulnerability scanners and test procedures that have to be performed manually. 

• Vulnerability Analysis: After the vulnerability is identified, the attackers study how it operates to determine when and how it can be triggered and what consequences that action will have. This means that one needs to analyze the details of the PoC code or system to find out the connection sequence that leads to vulnerability exploitation. 

• Exploit Code Development: Being aware of the weakness, the attackers develop a small program or script denoted as the PoC that addresses exclusively the identified vulnerability and manipulates it in a moderated manner. This particular code is meant to be utilized in showing a particular penalty, which could be unauthorized access or alteration of data. 

• Public Disclosure and Weaponization: The PoC exploit is released which is frequently done shortly after the vulnerability has been announced to the public. This makes it easier for the attackers to exploit it while waiting for the software developer to release the patch. To illustrate, Cloudflare has spotted an attacker using the PoC-based exploit 22 minutes after the publication only. 

• Attack Execution: The attackers then use the weaponized PoC exploit to attack systems which are known to be vulnerable to it. Some of the actions that are tried in this context are attempts at running remote code, unauthorized access and so on. The pace at which it happens is often much faster than the pace at which humans put in place proper security defense mechanisms, such as the WAF rules or software application fixes. 

• Targeted Operations: Sometimes, they act as if it’s a planned operation, where the attackers are selective in the system or organization to attack. For example, exploitation of CVE-2022-47966 in ManageEngine software was used during the espionage subprocess, where to perform such activity, the attackers used the mentioned vulnerability to install tools and malware connected with espionage. 

Precautions: Mitigation

Following are the mitigating measures against the PoC Exploits: 

1. Fast Patching and New Vulnerability Handling 

• Introduce proper patching procedures to address quickly the security released updates and disclosed vulnerabilities. 

• Focus should be made on the patching of those vulnerabilities that are observed to be having available PoC exploits, which often risks being exploited almost immediately.

• It is necessary to frequently check for the new vulnerability disclosures and PoC releases and have a prepared incident response plan for this purpose. 

2. Leverage AI-Powered Security Tools 

•  Employ intelligent security applications which can easily generate desirable protection rules and signatures as attackers ramp up the weaponization of PoC exploits. 

• Step up use of artificial intelligence (AI) - fueled endpoint detection and response (EDR) applications to quickly detect and mitigate the attempts. 

• Integrate Artificial Intelligence based SIEM tools to Detect & analyze Indicators of compromise to form faster reaction. 

 3. Network Segmentation and Hardening 

• Use strong networking segregation to prevent the attacker’s movement across the network and also restrict the effects of successful attacks. 

• Secure any that are accessible from the internet, and service or protocols such as RDP, CIFS, or Active directory. 

• Limit the usage of native scripting applications as much as possible because cyber attackers may exploit them. 

4. Vulnerability Disclosure and PoC Management 

• Inform the vendors of the bugs and PoC exploits and make sure there is a common understanding of when they are reported, to ensure fast response and mitigation. 

• It is suggested to incorporate mechanisms like digital signing and encryption for managing and distributing PoC exploits to prevent them from being accessed by unauthorized persons. 

• Exploits used in PoC should be simple and independent with clear and meaningful variable and function names that help reduce time spent on triage and remediation. 

5. Risk Assessment and Response to Incidents 

• Maintain constant supervision of the environment with an intention of identifying signs of a compromise, as well as, attempts of exploitation. 

• Support a frequent detection, analysis and fighting of threats, which use PoC exploits into the system and its components. 

• Regularly communicate with security researchers and vendors to understand the existing threats and how to prevent them.

Conclusion:

The rapid process of monetization of Proof of Concept (POC) exploits is one of the most innovative and constantly expanding global threats to cybersecurity at the present moment. Cyber security experts must react quickly while applying a patch, incorporate AI to their security tools, efficiently subdivide their networks and always heed their vulnerability announcements. Stronger incident response plan would aid in handling these kinds of menaces. Hence, applying measures mentioned above, the organizations will be able to prevent the acceleration of turning PoC exploits into weapons and the probability of neutral affecting cyber attacks. 

Reference:

https://www.mayrhofer.eu.org/post/vulnerability-disclosure-is-positive/

https://www.uptycs.com/blog/new-poc-exploit-backdoor-malware

https://www.balbix.com/insights/attack-vectors-and-breach-methods/

https://blog.cloudflare.com/application-security-report-2024-update

‍

Executive Summary:

A video that circulated on social media to show Iranian President Ebrahim Raisi inside a helicopter moments before the tragic crash on May 20, 2024, has equally been proven to be fake. The validation of information leaves no doubt, that the video was shot in January 2024, which showed Raisi’s visiting Nemroud Reservoir Dam project. As a means of verifying the origin of the video, the CyberPeace Research Team conducted reverse image search and analyzed the information obtained from the Islamic Republic News Agency, Mehran News, and the Iranian Students’ News Agency. Further, the associated press pointed out inconsistencies between the part in the video that went viral and the segment that was shown by Iranian state television. The original video is old and it is not related to the tragic crash as there is incongruence between the snowy background and the green landscape with a river presented in the clip.

Claims:

A video circulating on social media claims to show Iranian President Ebrahim Raisi inside a helicopter an hour before his fatal crash.

Fact Check:

Upon receiving the posts, in some of the social media posts we found some similar watermarks of the IRNA News agency and Nouk-e-Qalam News. 

‍

Taking a cue from this, we performed a keyword search to find any credible source of the shared video, but we found no such video uploaded by the IRNA News agency on their website. Recently, they haven’t uploaded any video regarding the viral news. 

We closely analyzed the video, it can be seen that President Ebrahim Raisi was watching outside the snow-covered mountain, but in the internet-available footage regarding the accident, there were no such snow-covered mountains that could be seen but green forest.

We then checked for any social media posts uploaded by IRNA News Agency and found that they had uploaded the same video on X on January 18, 2024. The post clearly indicates the President’s aerial visit to Nemroud Dam.  

‍

The viral video is old and does not contain scenes that appear before the tragic chopper crash involving President Raisi. 

Conclusion:

The viral clip is not related to the fatal crash of Iranian President Ebrahim Raisi's helicopter and is actually from a January 2024 visit to the Nemroud Reservoir Dam project. The claim that the video shows visuals before the crash is false and misleading.

• Claim:  Viral Video of Iranian President Raisi was shot before fatal chopper crash.
• Claimed on: X (Formerly known as Twitter), YouTube, Instagram
• Fact Check: Fake & Misleading

Cyber, is the new weapon today! Cyber Violence is violence in cyber-space that has led to violation of cyber rights of individuals, especially those of children and women. Online violence and harassment have been overlooked laying more emphasis on offline or physical violence.

New Delhi [India], November 12 (ANI/NewsVoir): Cyber, is the new weapon today! Cyber Violence is violence in cyber-space that has led to violation of cyber rights of individuals, especially those of children and women. Online violence and harassment have been overlooked laying more emphasis on offline or physical violence. Cyber violence very often permanently, psychologically impacts the victims and their families. Various forms of threats ranging from morphing, stalking, solicitation of children for sexual purposes, online grooming, have grave consequences on the victims disturbing their mental well-being. Maintaining mental well-being in cyber space is a challenge we wish to promote and advocate for, in order to build responsible netizens.

Together, we stand against violation of cyber rights and strongly believe; it is critical to allow everyone to feel safe online. Netizen’s safety rights must be protected from all kinds of abuse and violence. Setting a mission of ‘Making India Cyber Safe for Children and Women’, Responsible Netism a social purpose organization in association with CyberPeace Foundation, an award-winning Cyber Security think tank working towards bringing CyberPeace in CyberSpace for more than two decades, host its 6th Annual National Conference on Cyber Psychology themed “India Fights Cyber Violence”, scheduled for Saturday, January 22, 2022. Ta advocate on the theme, the campaign #IndiaFightsCyberViolence was launched on November 11, 2021 by Vinay Sahasrabuddhe – President ICCR, Member of Parliament, Priyank Kanoongo – Chairperson, NCPCR and Rekha Sharma, Chairperson NCW at the ICCR Auditorium Delhi. The session was also attended by the CyberPeace Foundation team members.

Vinay Sahasrabuddhe has been a strong advocate of online safety of children, he shared his visionary words and focused on 3 R’s, Research, Reform and Reshape. He recommended extensive research was necessary to strongly voice concerns and remedies based on evidence-based research which would help us reform intervention strategies and the reshape the existing framework to best suit the needs to protect women and children in cyber space. The NCW Chairperson Rekha Sharma shared how critical it is to create awareness about online safety rights of women and reiterated the need for spreading awareness about online safety to reach the last mile in order to build collective action and bring change. She also mentioned the need to conducting nationwide trainings for the police personal to handle and report online distress.

Priyank Kanoongo, the Chairperson of NCPCR has been very proactively advocating for the cause of child online protection and has been instrumental in voicing critical in fiercely voicing his thoughts on protecting online safety rights of children across India. He shared the following thoughts at the launch. He said there is dire need to educate parents about online safety in order to let the information trickle down to their children. He said NCPCR does not hold any inhibitions in naming and shaming violators of child rights be it offline or online and will always raise a strong voice against platform ‘s inability to protect children in cyber space.

Vineet Kumar, Founder and Global President, CyberPeace Foundation, the partnering organization shared that this nationwide movement will build great momentum on the cause of online protection of children and women cross the country and urged organizations across India to pledge their support to the cause. The more people joining this movement would build collective pressure to formulate guidelines and policies the make cyber space safe for children and women. Sonali Patankar – Founder Responsible Netism shared the objective of the campaign was to let online safety reach the last mile and build on aggressive reporting of online content. The movement was an effort to make the campaign India Fights Cyber Violence to make India cyber safe for children.

She shared that the campaign launch would be followed by a nationwide research conducted to understand parents perspectives on cyber violence which would be handy in representing recommendations on women and child safety protocols through commoners. There would be a round table for organizations working with children chaired by Priyank Kanoongo on November 22 followed by a round table held for organizations working with Women chaired by Rekha Sharma Madam on December 22, 2021. The campaign would culminate in the Responsible Netism 6th National Cyber Psychology Conference scheduled for January 22, 2022 that would witness a compilation of the research and the work done throughout the campaign.

The launch was attended by Sujay Patki – Social Activist and Advisor Responsible Netism and Shilpa Chandolikar trustee Responsible Netism, Adv Khushbu Jain Advocate Supreme Court of India followed by the vote of thanks by Unmesh Joshi – Co-founder Responsible Netism. With the success of the launch and the support of NCPCR and NCW, we are sure to make this a nation-wide movement to protect cyber safety rights of netizens and strongly believe in collective action to make India Cyber Safe for Women and Children.

This story is provided by NewsVoir. ANI will not be responsible in any way for the content of this article. (ANI/NewsVoir)(This story has not been edited by Devdiscourse staff and is auto-generated from a syndicated feed.)

Source: https://www.devdiscourse.com/article/business/1804283-cyberpeace-foundation-and-responsible-netism-launches-campaign-india-fights-cyber-violence-against-women-and-children