cyberSecurity Archives - Arab Security Consultants

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

Monday, 28 October 2024 by Ayman Hamam

A new attack technique could be used to bypass Microsoft’s Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. “This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize security controls, hide processes and network activity, maintain stealth, and much more,” SafeBreach

Published in News

Tagged under: ASC, Code Integrity, CVE-2024-21302, CVE-2024-38202, cyberSecurity, CYbersecurityCOnsultant, Driver Signature Enforcement, DSE Bypass, Kernel-Level Attack, Microsoft, OS Downgrade, Patch Tuesday, privilege escalation, Rootkit, UEFI Lock, VBS, Windows Security, Windows Update

Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware

Sunday, 21 July 2024 by Ayman Hamam

Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of a providing a hotfix. The attack chains involve distributing a ZIP

Published in News

Tagged under: CrowdStrike, cyberSecurity, IT disruption, Latin America, Malware, mitigation, official support, Remcos RAT, threat actors, Windows devices.

Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months

Wednesday, 17 July 2024 by Ayman Hamam

Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. The decision was announced by the Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) on July 9, 2024.

Published in Uncategorized

Tagged under: Arab Security Consultants, ASC, Authentication, cyberSecurity, DigitalTokens, FinancialFraudPrevention, OnlineBankingSecurity, PhishingPrevention, SingaporeBanking

AI Company Hugging Face Detects Unauthorized Access to Its Spaces Platform

Monday, 03 June 2024 by Ayman Hamam

Artificial Intelligence (AI) company Hugging Face on Friday disclosed that it detected unauthorized access to its Spaces platform earlier this week. “We have suspicions that a subset of Spaces’ secrets could have been accessed without authorization,” it said in an advisory. Spaces offers a way for users to create, host, and share AI and machine learning (ML) applications. It also

Published in News

Tagged under: AI app secrets, AI security breach, AIaaS providers, Arab Security Consultants, ASC, cyberSecurity, data protection, Hugging Face, security advisory, Spaces platform, token refresh, unauthorized access.

Experts Find Flaw in Replicate AI Service Exposing Customers’ Models and Data

Wednesday, 29 May 2024 by Ayman Hamam

Cybersecurity researchers have discovered a critical security flaw in artificial intelligence (AI)-)-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information. “Exploitation of this vulnerability would have allowed unauthorized access to the AI prompts and results of all Replicate’s platform customers,” cloud security firm Wiz said in a report

Published in News

Tagged under: AI security, AI-as-a-service, Arab Security Consultants, ASC, cross-tenant attacks, Cyber Security News, cyberSecurity, Hacker News, proprietary AI models, remote code execution, Replicate vulnerability, sensitive information

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

Monday, 18 March 2024 by Ayman Hamam

Cybersecurity researchers have found several GitHub repositories offering cracked software that is used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the Microsoft-owned subsidiary. “The repositories look similar, featuring a README.md

Published in News

Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

Monday, 11 March 2024 by Ayman Hamam

Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. “In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our

Published in News

Tagged under: APT29, breach, Cozy Bear, cyberattack, cyberSecurity, Microsoft, Midnight Blizzard, nation-state threat, Russia, source code

U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp

Monday, 04 March 2024 by Ayman Hamam

A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant’s ongoing litigation against the Israeli spyware vendor. The decision marks a major legal victory for Meta, which filed the lawsuit in October 2019 for using its infrastructure to distribute the spyware to approximately 1,400 mobile

Published in News

Tagged under: ArabSecurityConsultants, ASC, consumer rights., cyberSecurity, CyberSecuritynews, digital rights, GDPR, infrastructure, litigation, Meta, NSO Group, Pegasus, Predator, privacy, privacy fee, spyware, subscription model, surveillance

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

Sunday, 25 February 2024 by Ayman Hamam

Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. “Microsoft will automatically enable the logs in customer accounts and increase the default log retention period from 90

Published in News

Tagged under: Arab Security Consultants, ASC, Azure Active Directory, China-linked, Cyber espionage, Cyber Security, cyberSecurity, Data breach, logging capabilities, Microsoft 365, Microsoft Purview Audit, state-sponsored actors., Storm-0558, U.S. federal agencies

FBI’s Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty

Monday, 19 February 2024 by Ayman Hamam

A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S. last year. He was added to the

Published in News

Tagged under: Cybercrime, cyberSecurity, FBI, fraud., IcedID, Malware, money laundering, Raccoon, Ukrainian national, Zeus

Tag: cyberSecurity