cyberSecurity Archives - Arab Security Consultants

FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations

Tuesday, 11 March 2025 by Ayman Hamam

Threat hunters have shed light on a “sophisticated and evolving malware toolkit” called Ragnar Loader that’s used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8, and Ruthless Mantis (ex-REvil). “Ragnar Loader plays a key role in keeping access to compromised systems, helping attackers stay in networks for long-term operations,” Swiss cybersecurity company PRODAFT

Published in News

Tagged under: ASC, Cyber Threats, cyberSecurity, ethical hacking, FIN7, FIN8, InfoSec, Malware, Ragnar Loader, Ragnar Locker, Ransomware, Threat Hunting, Threat Intelligence

Android’s New Feature Blocks Fraudsters from Sideloading Apps During Calls

Monday, 17 February 2025 by Ayman Hamam

Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress. Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granting accessibility access. The development was first reported by Android Authority. Users who

Published in News

Tagged under: accessibility restrictions, Android 16, Android security, anti-scam feature, ASC, cyberSecurity, fraud prevention, Google security update, malware prevention, sideloading protection, TOAD attack

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

Monday, 28 October 2024 by Ayman Hamam

A new attack technique could be used to bypass Microsoft’s Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. “This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize security controls, hide processes and network activity, maintain stealth, and much more,” SafeBreach

Published in News

Tagged under: ASC, Code Integrity, CVE-2024-21302, CVE-2024-38202, cyberSecurity, CYbersecurityCOnsultant, Driver Signature Enforcement, DSE Bypass, Kernel-Level Attack, Microsoft, OS Downgrade, Patch Tuesday, privilege escalation, Rootkit, UEFI Lock, VBS, Windows Security, Windows Update

Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware

Sunday, 21 July 2024 by Ayman Hamam

Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of a providing a hotfix. The attack chains involve distributing a ZIP

Published in News

Tagged under: CrowdStrike, cyberSecurity, IT disruption, Latin America, Malware, mitigation, official support, Remcos RAT, threat actors, Windows devices.

Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months

Wednesday, 17 July 2024 by Ayman Hamam

Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. The decision was announced by the Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) on July 9, 2024.

Published in Uncategorized

Tagged under: Arab Security Consultants, ASC, Authentication, cyberSecurity, DigitalTokens, FinancialFraudPrevention, OnlineBankingSecurity, PhishingPrevention, SingaporeBanking

AI Company Hugging Face Detects Unauthorized Access to Its Spaces Platform

Monday, 03 June 2024 by Ayman Hamam

Artificial Intelligence (AI) company Hugging Face on Friday disclosed that it detected unauthorized access to its Spaces platform earlier this week. “We have suspicions that a subset of Spaces’ secrets could have been accessed without authorization,” it said in an advisory. Spaces offers a way for users to create, host, and share AI and machine learning (ML) applications. It also

Published in News

Tagged under: AI app secrets, AI security breach, AIaaS providers, Arab Security Consultants, ASC, cyberSecurity, data protection, Hugging Face, security advisory, Spaces platform, token refresh, unauthorized access.

Experts Find Flaw in Replicate AI Service Exposing Customers’ Models and Data

Wednesday, 29 May 2024 by Ayman Hamam

Cybersecurity researchers have discovered a critical security flaw in artificial intelligence (AI)-)-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information. “Exploitation of this vulnerability would have allowed unauthorized access to the AI prompts and results of all Replicate’s platform customers,” cloud security firm Wiz said in a report

Published in News

Tagged under: AI security, AI-as-a-service, Arab Security Consultants, ASC, cross-tenant attacks, Cyber Security News, cyberSecurity, Hacker News, proprietary AI models, remote code execution, Replicate vulnerability, sensitive information

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

Monday, 18 March 2024 by Ayman Hamam

Cybersecurity researchers have found several GitHub repositories offering cracked software that is used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the Microsoft-owned subsidiary. “The repositories look similar, featuring a README.md

Published in News

Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

Monday, 11 March 2024 by Ayman Hamam

Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. “In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our

Published in News

Tagged under: APT29, breach, Cozy Bear, cyberattack, cyberSecurity, Microsoft, Midnight Blizzard, nation-state threat, Russia, source code

U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp

Monday, 04 March 2024 by Ayman Hamam

A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant’s ongoing litigation against the Israeli spyware vendor. The decision marks a major legal victory for Meta, which filed the lawsuit in October 2019 for using its infrastructure to distribute the spyware to approximately 1,400 mobile

Published in News

Tagged under: ArabSecurityConsultants, ASC, consumer rights., cyberSecurity, CyberSecuritynews, digital rights, GDPR, infrastructure, litigation, Meta, NSO Group, Pegasus, Predator, privacy, privacy fee, spyware, subscription model, surveillance

Tag: cyberSecurity