Middle East

Iranian hackers deploy a new phishing technique to trick targets

TA453, an Iran-based threat group, has been spotted using a new and elaborate phishing technique dubbed ‘multi-persona impersonation’ (MPI). In this technique, the hackers use different personas and email accounts that appear to communicate realistically with one another over email, tricking victims into believing they are legitimate. The TA453 gang is reportedly working for the IRGC (Islamic Revolutionary Guard...

Iranian-sponsored UNC3890 group attacks Israeli entities

Researchers have actively monitored the Iranian threat group UNC3890 after it deployed several cybercriminal activities against Israel’s critical organisations. These threat actors from Iran have targeted Israel’s healthcare, shipping, and energy sectors. According to researchers, these Iranian-backed malicious threat actors were first seen a couple of years ago and continue to operate to this day. The group’s illegal...

Threat actors manipulate UTF-8 for phishing campaigns

Our researchers at iZOOlogic have recently spotted a new phishing campaign operated by threat actors that exploit the variable-width encoding UTF-8 to bypass email filters and push malicious payloads to their targeted victims’ email inboxes. Based on our analysis of this phishing scheme, we have traced its tracks easily through raw email headers that indicate...

4TB data compromised after cyberattack hits Israel’s Cellebrite

The proprietary data of an Israeli digital intelligence firm, Cellebrite, has allegedly been leaked recently, with the firm’s flagship product Cellebrite Mobilogy and the Cellebrite Team Foundation Server impacted. Reports say that the source of the leaked data has yet to be identified. Moreover, only security researchers and analysts could get ahold of the leaked...

Hackers exploited a flaw in Chrome to deploy DevilsTongue spyware

An Israeli spyware vendor was discovered exploiting a zero-day flaw in Google Chrome to spy on numerous journalists from the Middle East, using DevilsTongue. The vulnerability was quickly reported to Google after its discovery, revealing their initial analysis after studying the spyware on one of their clients. The spyware was said to be abusing the...

New SessionManager backdoor used by hackers to target MS Exchange

Malicious threat actors are utilising a newly uncovered malware called SessionManager, which can backdoor the servers of Microsoft Exchange. The targeted servers belonged to military and government companies based in the Middle East, Asia, Africa, and Europe. According to the researchers, the SessionManager was first spotted by them in a recent campaign this year. The...

Travel booking sites seized in Israel after a data breach incident

Israel’s Privacy Protection Authority recently seized the web servers of travel booking sites in the country after the agency confirmed that the operators of these sites had not addressed some cybersecurity issues that affected hundreds of thousands of their clients. As per recent reports, about ten websites hosted by an Israel-based booking firm Gol Tours...

Lyceum APT uses a DNS backdoor to hit the telecom and energy sectors

A state-backed APT group from Iran, Lyceum, has been utilising a .NET-based DNS backdoor to target firms from the telecom and energy industries. Also known by their other names, Hexane and Spilrin, the Lyceum APT group had a history of attacking communication service companies from the Middle East through DNS-tunneling backdoors. From an analyst’s recent study...

MyEasyDocs accidentally exposed data of Indian and Israeli students

An India-based online document verification platform called MyEasyDocs has exposed the data of more than 57,000 students on a Microsoft Azure server. Based on a report, a cybersecurity researcher spotted a misconfigured Microsoft Azure server that exposed the educational and personal records of hundreds and thousands of students from Israel and India. MyEasyDocs own the...

6.5TB data of Turkey-based Pegasus Airlines got exposed online

Cybersecurity researchers have found a data leak incident concerning a Turkey-based firm Pegasus Airlines, which exposed their AWS S3 bucket that contained EFB or Electronic Flight Bag data on the web. The researchers explained that the exposed data was left without password protection, thus resulting in the leak. The Turkish airline company has partnered with...