Middle East



Threat actors manipulate UTF-8 for phishing campaigns

Our researchers at iZOOlogic have recently spotted a new phishing campaign operated by threat actors that exploit the variable-width encoding UTF-8 to bypass email filters and push malicious payloads to their targeted victims’ email inboxes. Based on our analysis of this phishing scheme, we have traced its tracks easily through raw email headers that indicate...

4TB data compromised after cyberattack hits Israel’s Cellebrite

The proprietary data of an Israeli digital intelligence firm, Cellebrite, had been allegedly leaked recently, with the firm’s flagship product Cellebrite Mobilogy and the Cellebrite Team Foundation Server impacted. Reports say that the source of the leaked data has yet to be identified. Moreover, only security researchers and analysts could get ahold of the leaked...

Hackers exploited a flaw in Chrome to deploy DevilsTongue spyware

An Israeli spyware vendor was discovered exploiting a zero-day flaw in Google Chrome to spy on numerous journalists from the Middle East, using DevilsTongue. The vulnerability was quickly reported to Google after its discovery, revealing their initial analysis after studying the spyware on one of their clients. The spyware was said to be abusing the...

New SessionManager backdoor used by hackers to target MS Exchange

Malicious threat actors are utilising a newly uncovered malware called SessionManager, which can backdoor the servers of Microsoft Exchange. The targeted servers belonged to military and government companies based in the Middle East, Asia, Africa, and Europe. According to the researchers, the SessionManager was first spotted by them in a recent campaign this year. The...

Travel booking sites seized in Israel after a data breach incident

Israel’s Privacy Protection Authority recently seized the web servers of travel booking sites in the country after the agency confirmed that the operators of these sites had not addressed some cybersecurity issues that affected hundreds of thousands of their clients. As per recent reports, about ten websites hosted by an Israel-based booking firm Gol Tours...

Lyceum APT uses a DNS backdoor to hit the telecom and energy sectors

A state-backed APT group from Iran, Lyceum, has been utilising a .NET-based DNS backdoor in targeting firms from the telecom and energy industries. Also known by their other names, Hexane and Spilrin, the Lyceum APT group had a history of attacking communication service companies from the Middle East through DNS-tunneling backdoors. From an analyst’s recent study...

MyEasyDocs accidentally exposed data of Indian and Israeli students

An India-based online document verification platform called MyEasyDocs has exposed the data of more than 57,000 students on a Microsoft Azure server. Based on a report, a cybersecurity researcher spotted a misconfigured Microsoft Azure server that exposed the educational and personal records of hundreds and thousands of students from Israel and India. MyEasyDocs own the...

6.5TB data of Turkey-based Pegasus Airlines got exposed online

Cybersecurity researchers have found a data leak incident concerning a Turkey-based firm Pegasus Airlines, which exposed their AWS S3 bucket that contained EFB or Electronic Flight Bag data on the web. The researchers explained that the exposed data was left without password protection, thus resulting in the leak. The Turkish airline company has partnered with...

Cobalt Mirage gang found striking the US with ransomware attacks

An investigation into the Iran-based Cobalt Mirage threat group uncovered several critical details about its infrastructure, including its attribution to some known groups in the cybercrime landscape, such as APT35. First surfacing in June 2020, Cobalt Mirage primarily conducts its attacks via phishing campaigns to access victims’ networks. Researchers linked the group to APT35 since they...

CISA revealed 95 new critical vulnerabilities that firms must fix

The Certified Information Systems Auditor (CISA) has included 95 new critical flaws in the actively exploited security vulnerabilities. Based on reports, this update is one of the most significant clusters of CVEs added to CISA’s catalogue since the issue of the binding operational directive in late November 2021. CISA provided firms about a month to...