A persistent group of hackers has been hitting Saudi IT providers, Symantec says

Over the last 14 months, a determined group of hackers has breached IT companies in Saudi Arabia in a likely attempt to gain access to their customers, security researchers said Wednesday. The group, dubbed Tortoiseshell, has struck at least 11 organizations, most of them in Saudi Arabia, since July 2018 and was active as recently as July 2019, according to cybersecurity company Symantec. Targeting Saudi IT providers and collecting data on their networks makes perfect sense for anyone looking for persistent access to those suppliers’ clients. Symantec did not speculate on which organizations the attackers have been targeting further upstream in the supply chain. Nor would the researchers describe the nature of the IT services the hacked organizations provide. Jon DiMaggio, senior threat intelligence analyst for Symantec Security Response, said the IT providers have a “large presence in Saudi Arabia” and have lots of customers. The IT providers “have that trust relationship with these customers,” DiMaggio told CyberScoop. […]

The post A persistent group of hackers has been hitting Saudi IT providers, Symantec says appeared first on CyberScoop.

Latest Facebook shutdown involves hundreds of accounts misleading users in Ukraine, Iraq

Facebook announced on Monday it has taken hundreds of accounts, pages and groups offline upon determining they were engaged in separate information operations with roots in Iraq and Ukraine. The company caught 244 accounts, 269 pages, 80 groups and seven Instagram pages that were used to mislead legitimate Facebook users about their behavior, Nathaniel Gleicher, Facebook’s head of cybersecurity policy, said in a blog post. Facebook has for months publicized its account removals, in which the social media giant scrubs pages deemed to be violating Facebook policy, typically by lying about their true location or account owner. The company’s general term for the offenses is “coordinated inauthentic behavior.” Gleicher repeatedly has stressed that Facebook takes these actions based on apparent user behavior, not the content posted. In this case, Facebook removed 168 accounts, 149 pages and 79 groups for activity focused on Ukraine. People involved in this operation used fake identities […]

The post Latest Facebook shutdown involves hundreds of accounts misleading users in Ukraine, Iraq appeared first on CyberScoop.

Stealth Falcon Targets Middle East with Windows BITS Feature

Cyberespionage attackers have ditched their PowerShell backdoor in favor of the Windows BITS ‘notification’ feature.

New Malware Uses Windows BITS Service to Stealthy Exfiltrate Data

Cybersecurity researchers have discovered a new computer virus associated with the Stealth Falcon state-sponsored cyber espionage group that abuses a built-in component of the Microsoft Windows operating system to stealthily exfiltrate stolen data to a…

Extortion and alleged ISIS threats: A Saudi embassy learned the hard way about email security

When Saudi Arabia contacted security researcher Chris Kubecka to investigate an apparent intrusion into its Dutch embassy’s secured email accounts, she knew it was not going to be a simple case. Local laws in the Hague did not apply, since the embassy is considered Saudi soil. And it only got more complicated after Kubecka got to work: Once the email account was secured, the attacker — who claimed ISIS affiliation — left a trail suggesting an insider was responsible and then threatened to kill hundreds of innocent people if certain demands weren’t met. The escalations sent Kubecka, the Saudis, the Dutch and dozens of other diplomats scrambling on an international whodunnit — a hacking case that emphasized the high-stakes challenges and troublesome gray areas that come with securing diplomatic communications. The particular account that was compromised — the Saudi ambassador’s secretary’s email — was on its secure embassy system, according to Kubecka, whom the Saudi government brought in […]

The post Extortion and alleged ISIS threats: A Saudi embassy learned the hard way about email security appeared first on CyberScoop.

Facebook shuts down ‘coordinated inauthentic behavior’ from Egypt, Saudi Arabia, UAE

In the latest sign that fake accounts remain a popular tool for amplifying political messages on Facebook, the social media company says it has disrupted information campaigns emanating from Egypt, Saudi Arabia, and the United Arab Emirates. The hundreds of disabled accounts, groups and pages were involved in two unrelated operations, one originating in Egypt and the UAE, and the other in Saudi Arabia. The campaigns, which Facebook labeled as “coordinated inauthentic behavior,” also included accounts on Instagram, which Facebook owns. Both campaigns used phony pages to post news in support of a political agenda, and both focused on countries in the Middle East and North Africa, Facebook said. The company linked the latter campaign, which supported Saudi Crown Prince Mohammad bin Salman, to the Saudi government. “We’re taking down these pages, groups and accounts based on their behavior, not the content they posted,” Nathaniel Gleicher, Facebook’s head of cybersecurity policy, wrote […]

The post Facebook shuts down ‘coordinated inauthentic behavior’ from Egypt, Saudi Arabia, UAE appeared first on CyberScoop.

Everything You Need to Know About Azure Infrastructure – June 2019


Each month Microsoft adds new features and updates existing products for Azure. Here are the updates you need to know about for June.

The post Everything You Need to Know About Azure Infrastructure – June 2019 appeared first on Petri.

ViceLeaker Android malware steals call recordings, photos, videos & texts

By Waqas
Israeli Citizens are the Primary Target of New Android Mobile Spying Campaign Using ViceLeaker Malware, says Kaspersky. Kaspersky Lab researchers discovered an Android malware campaign active since 2016 and still going strong. Dubbed ViceLeake…

Spies targeting Saudi Arabia switched tactics after Symantec exposed them, report says

A cyber-espionage group widely believed to be carrying out attacks on behalf of the Iranian government resorted to new hacking tools after its malicious activity was unveiled earlier this year, according to research scheduled to be published Wednesday. The threat intelligence company Recorded Future determined the hacking group APT33 or “a closely aligned threat actor” has used more than 1,200 web domains to conduct cyberattacks since March 28. That’s the date researchers from Symantec released findings exposing an APT33 operation that targeted 50 organizations in Saudi Arabia and the United States. But Recorded Future also found that in the months since, APT33 apparently has resorted to new remote access trojans, which is yet another indication that suspected Iranian hackers are ramping up their activity amid ongoing international tension. “Our research found that APT33 or a closely aligned threat actor continues to conduct and prepare for widespread cyber-espionage activity … with a […]

The post Spies targeting Saudi Arabia switched tactics after Symantec exposed them, report says appeared first on CyberScoop.
