News Archives - Page 3 of 12 - Arab Security Consultants

U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp

Monday, 04 March 2024 by Ayman Hamam

A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant’s ongoing litigation against the Israeli spyware vendor. The decision marks a major legal victory for Meta, which filed the lawsuit in October 2019 for using its infrastructure to distribute the spyware to approximately 1,400 mobile

Published in News

Tagged under: ArabSecurityConsultants, ASC, consumer rights., cyberSecurity, CyberSecuritynews, digital rights, GDPR, infrastructure, litigation, Meta, NSO Group, Pegasus, Predator, privacy, privacy fee, spyware, subscription model, surveillance

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

Sunday, 25 February 2024 by Ayman Hamam

Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. “Microsoft will automatically enable the logs in customer accounts and increase the default log retention period from 90

Published in News

Tagged under: Arab Security Consultants, ASC, Azure Active Directory, China-linked, Cyber espionage, Cyber Security, cyberSecurity, Data breach, logging capabilities, Microsoft 365, Microsoft Purview Audit, state-sponsored actors., Storm-0558, U.S. federal agencies

FBI’s Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty

Monday, 19 February 2024 by Ayman Hamam

A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S. last year. He was added to the

Published in News

Tagged under: Cybercrime, cyberSecurity, FBI, fraud., IcedID, Malware, money laundering, Raccoon, Ukrainian national, Zeus

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

Sunday, 11 February 2024 by Ayman Hamam

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that “Raspberry Robin has access to an exploit seller or its authors develop the exploits themselves in a short period,” Check Point

Published in News

Tagged under: Cyber Threats, cyberSecurity, cybersecurity trends., exploit propagation, malware evolution, Malware Tactics, Ransomware, Raspberry Robin, threat actors, vulnerability exploitation

U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks

Sunday, 04 February 2024 by Ayman Hamam

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian, who are part

Published in News

AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks

Monday, 29 January 2024 by Ayman Hamam

Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT. The BlackBerry Research and Intelligence Team attributed the activity to an unknown Latin American-based financially motivated threat actor. The campaign has been active since at least 2021. “Lures use Mexican

Published in News

Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years

Monday, 22 January 2024 by Ayman Hamam

An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021. “UNC3886 has a track record of utilizing zero-day vulnerabilities to complete their mission without being detected,

Published in News

Tagged under: Chinese hackers, Cyber espionage, Cyber threat intelligence, Cybersecurity Risks, Data breach, Endpoint detection and response, Malware, Nation-state actors, Network security, Security flaws, Software updates, UNC3886, Virtualization services, VMware vCenter Server, Zero-Day Vulnerability

29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services

Sunday, 14 January 2024 by Ayman Hamam

Introduction A 29-year-old Ukrainian national has been apprehended in Mykolaiv, Ukraine, in connection with a highly sophisticated cryptojacking operation. The suspect allegedly earned over $2 million (€1.8 million) in illicit profits through unauthorized use of computing resources for cryptocurrency mining. The arrest was made possible through a collaborative effort between the National Police of Ukraine,

Published in News

Tagged under: Arrest, Cloud Service Provider, Computing Resources, Cryptocurrency Mining, Cryptojacking, Cybercrime, Cybersecurity Measures, Europol, Illicit Profits, Ukraine

Three Ways To Supercharge Your Software Supply Chain Security

Sunday, 07 January 2024 by Ayman Hamam

Section four of the “Executive Order on Improving the Nation’s Cybersecurity” introduced a lot of people in tech to the concept of a “Software Supply Chain” and securing it. If you make software and ever hope to sell it to one or more federal agencies, you have to pay attention to this. Even if you never plan

Published in News

Tagged under: cyberSecurity, ethical hacking, secrets management, secure coding, software composition analysis, software development, software supply chain security, supply chain resilience., vulnerability management

Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide

Wednesday, 27 December 2023 by Ayman Hamam

According to a new joint cybersecurity advisory from Australia and the U.S., the threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023. “Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data and have impacted a wide range of businesses and critical infrastructure organizations

Published in News

Tagged under: cybersecurity advisory, double-extortion model, Fortinet appliances, Microsoft Exchange, phishing, Play ransomware, ransomware landscape, vulnerability exploitation

Category: News