FortiRecon
FortiRecon is a digital risk protection (DRP) service that allows customers to gain visibility of their digital attack surface, receive targeted threat intelligence, and reduce organisational risk.
mkoser
Staff
Staff
Article Id 249072

FortiRecon provides outside-in coverage for risks towards customers. 

 

Adversary Centric Intelligence (ACI): leverages FortiGuard Threat Analysis to provide comprehensive coverage of dark web, open-source, and technical threat intelligence, including threat actor insights to enable organizations to respond proactively assess risks, respond faster to incidents, better understand their attackers, and guard assets. 

 

Ransomware Intelligence Module under Adversary Centric Intelligence (ACI) provides insights on Ransomware Groups and its victims, which enables organizations to monitor supply chain risk and better understand ransomware landscape. 

Adversary 

Hive Ransomware 

Description 

The Hive ransomware gang has been active since mid-2021. The gang and its affiliates started targeting organizations that experienced high downtime costs, such as Manufacturing, Healthcare providers, Energy providers and Retailers. The group is known for its aggressive tactics and has been observed using methods such as “triple extortion,” whereby the attackers seek money not only from the organization that was first targeted but also from anyone who might be impacted by the disclosure of that organization’s data. 

Exploited Vulnerabilities  

CVE-2021-34473: Microsoft Exchange Server code execution 

CVE-2021-34523: Microsoft Exchange Server privilege escalation 

CVE-2021-31207: Microsoft Exchange Server security bypass 

CVE-2020-12812: Fortinet FortiOS security bypass 

CVE-2021-42321: Microsoft Exchange Server code execution 

CVE-2021-31297: Microsoft Exchange Server code execution 

ACI Reporting Coverage 

24 Reports (TECHINT, Media, OSINT, Darknet) 

Additional Information 

  • Total 208 victims till date. 
  • Top country victims from United States. 
  • Top victims sector fall within Manufacturing.