middle east – Page 7 – WindowsTechs.com

DarkHydrus Phishery tool spreading malware using Google Drive

Posted on January 22, 2019 by Waqas

By Waqas
DarkHydrus is back in action with a new variant of RogueRobin malware to target Middle Eastern Politicians by abusing Google Drive. The primary focus of cybercriminals nowadays is to use the infrastructure of genuine services in their attacks … Continue reading DarkHydrus Phishery tool spreading malware using Google Drive→

Middle East group goes on hacking spree against telecoms, embassies and more

Posted on December 10, 2018 by Sean Lyngaas

A group likely operating out of the Middle East has compromised 131 victims in 30 organizations since September, including telecommunications firms, a Russian oil and gas company and unidentified government embassies, new research shows. The hackers have hit organizations in Pakistan, Russia, Saudi Arabia, Turkey, and North America, among other places, in an espionage operation designed to acquire “actionable information” on targets, cybersecurity company Symantec said Monday. After breaching a system, the group runs a password-stealing program with the likely aim of accessing victims’ email and social media accounts, researchers found. The group, dubbed Seedworm by Symantec and MuddyWater by others, gained notoriety earlier this year for threatening to kill security researchers investigating it. That followed a spearphishing campaign from January to March against government and defense organizations in Central and Southwest Asia, which cybersecurity company FireEye documented. While there has been no definitive public attribution of MuddyWater, Ben Read, FireEye’s senior manager […]

The post Middle East group goes on hacking spree against telecoms, embassies and more appeared first on Cyberscoop.

Continue reading Middle East group goes on hacking spree against telecoms, embassies and more→

FruityArmor APT Exploits Yet Another Windows Graphics Kernel Flaw

Posted on October 10, 2018 by Tara Seals

This is the second local privilege-escalation zero-day this APT group has exploited. Continue reading FruityArmor APT Exploits Yet Another Windows Graphics Kernel Flaw→

Symantec reveals state-sponsored group that doesn’t care for malware

Posted on October 10, 2018 by Sean Lyngaas

A newly revealed hacking group has been going after diplomatic and military targets in a malware-less campaign that researchers say makes it difficult to detect. Over the last 10 months, the so-called Gallmaker group has conducted what appear to be cyber-espionage operations against several embassies belonging to an Eastern European country, according to research from cybersecurity company Symantec published Wednesday. The group, which researchers say is likely state-sponsored, has also targeted military and defense organizations in the Middle East. “The type of targets seen in the attacks really fit that of what an espionage group would be interested in,” Jon DiMaggio, senior threat intelligence analyst at Symantec, told CyberScoop. “If simply for financial gain, it would be odd to restrict targets to diplomatic, military and defense personnel.” Gallmaker’s end goal appears to collecting intelligence on its targets in the form of documents and communications, according to DiMaggio. Gallmaker’s hackers use […]

The post Symantec reveals state-sponsored group that doesn’t care for malware appeared first on Cyberscoop.

Continue reading Symantec reveals state-sponsored group that doesn’t care for malware→

OilRig APT Continues Its Ongoing Malware Evolution

Posted on September 13, 2018 by Tara Seals

The Iran-linked APT appears to be in a state of continuous tool development, analogous to the DevOps efforts seen in the legitimate software world. Continue reading OilRig APT Continues Its Ongoing Malware Evolution→

OilRig Sends an OopsIE to Mideast Government Targets

Posted on September 5, 2018 by Tara Seals

The Iran-linked group is using a variant of the data-exfiltration OopsIE trojan to attack a Mideast government entity. Continue reading OilRig Sends an OopsIE to Mideast Government Targets→

Newly uncovered ‘Leafminer’ hacking group hitting wide array of Middle Eastern targets

Posted on July 25, 2018 by Greg Otto

A newly uncovered hacking group has breached a number of critical infrastructure and government organizations in the Middle East with a mixture of publicly available and custom-built tools, according to new research from cybersecurity giant Symantec. Dubbed Leafminer by the company, the group has infiltrated a number of organizations in countries such as Azerbaijan, Israel, Lebanon and Saudi Arabia, with a variety of intrusion techniques. Researchers observed the group using watering hole websites, vulnerability scans and brute-force login attempts for the purposes of data theft. Symantec researchers categorized the group as “highly active,” conducting various operations since early 2017. The group targeted a wide range of sectors, including energy, government, finance and telecommunications. According to Vikram Thakur, Symantec’s technical director, the group was active up until publication of the company’s research. “Their servers are very much still up,” Thakur told CyberScoop. The group is particularly adept at honing its skills based […]

The post Newly uncovered ‘Leafminer’ hacking group hitting wide array of Middle Eastern targets appeared first on Cyberscoop.

Continue reading Newly uncovered ‘Leafminer’ hacking group hitting wide array of Middle Eastern targets→

Flash zero-day shows up in Qatar amid geopolitical struggles

Posted on June 7, 2018 by Chris Bing

A zero-day vulnerability in Adobe Flash was recently used to infect a likely diplomatic target in Qatar with malware, new research from Seattle-based cybersecurity company ICEBRG and Chinese tech firms Qihoo and Tencent shows. Adobe patched the vulnerability Thursday as part of a broader software update in a release that credited Seattle-based cybersecurity firm ICEBRG for alerting them to the flaw. The findings come as Qatar faces significant geopolitical struggles, including a trade blockade established by the United Arab Emirates (UAE), Saudi Arabia, Bahrain and Egypt. Over the last six months, politically-motivated Middle Eastern hacking has popped up numerous times. In late May, Qatar was outed as being connected to a hacking operation against top Republican donor Elliot Brody, an influential critic of the gulf state. Months earlier, Qater blamed UAE for hacking and editing content hosted by the Qatari News Agency (QNA), a government-backed news program. Subsequent reporting tied the QNA hack […]

The post Flash zero-day shows up in Qatar amid geopolitical struggles appeared first on Cyberscoop.

Continue reading Flash zero-day shows up in Qatar amid geopolitical struggles→

Word Attachment Delivers FormBook Malware, No Macros Required

Posted on April 9, 2018 by Tom Spring

A new wave of document attacks targeting inboxes do not require enabling macros in order for adversaries to trigger an infection chain that ultimately delivers FormBook malware. Continue reading Word Attachment Delivers FormBook Malware, No Macros Required→

Microsoft announces its first cloud regions in the Middle East

Posted on March 14, 2018 by Frederic Lardinois

Microsoft today announced its plans for a major expansion of the Microsoft Cloud with the launch of its first cloud regions in the Middle East. These new regions, which are scheduled to go online in 2019, will be located in Abu Dhabi and Dubai and will… Continue reading Microsoft announces its first cloud regions in the Middle East→