Mideast, Turkey Cyber Threats Spike, Prompting Defense Changes

October 8, 2024 at 02:02AM The Middle East and Turkey face increasing cyberattacks, with over 10 incidents per year on average. Cloudflare’s survey reveals that less than half of organizations feel adequately prepared for future attacks, driving efforts to modernize cyber defenses. Despite investments, concerns remain about the security of applications, data, and supply chains. …

Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East

September 20, 2024 at 06:45AM Mandiant is tracking Iranian APT threat actor UNC1860, linked to MOIS, which facilitates remote network access. UNC1860, known for sophisticated tools and prior destructive attacks, is associated with APT34 and implicated in cyber operations targeting U.S. elections. Iran’s increasing cyber activities coincide with heightened regional involvement. CISA warned of Iranian …

As Geopolitical Tensions Mount, Iran’s Cyber Operations Grow

September 18, 2024 at 02:25AM Iran continues to escalate cyber operations by utilizing APT34, also known as Hazel Sandstorm, to target government ministries in Iraq and neighboring nations. The cyberespionage group aims to gather intelligence through email tunneling and malware programs. Analysts believe the primary objective is espionage, reflecting the evolving geopolitical landscape in the …

New Malware Masquerades as Palo Alto VPN Targeting Middle East Users

August 30, 2024 at 06:48AM Cybersecurity researchers have uncovered a new malware campaign targeting users in the Middle East by posing as Palo Alto Networks GlobalProtect VPN tool. The malware can execute remote PowerShell commands, exfiltrate files, and bypass sandbox solutions, representing a significant threat. It employs evasion techniques and sets up connections to a …

Fake Palo Alto GlobalProtect used as lure to backdoor enterprises

August 29, 2024 at 02:30PM Middle Eastern organizations are being targeted by threat actors using malware disguised as the legitimate Palo Alto GlobalProtect Tool. This malware can steal data and execute remote PowerShell commands to infiltrate internal networks. …

Threat Actors Target the Middle East Using Fake Palo Alto GlobalProtect Tool

August 29, 2024 at 05:07AM Threat actors are targeting users in the Middle East with sophisticated malware, posing as the Palo Alto GlobalProtect Tool. The malware utilizes a two-stage infection process and advanced evasion techniques, including masquerading as a legitimate VPN portal. Its capabilities include remote PowerShell commands, file exfiltration, and sandbox evasion. Recommendations …

White House urged to double check Microsoft isn’t funneling AI to China via G42 deal

July 12, 2024 at 04:24PM House committee chairs are urging the White House to investigate the deal between G42 and Microsoft, expressing concerns about the risk of advanced AI technology reaching China. They highlight potential national security implications and call for safeguards to protect US-origin goods and technology. Both Microsoft and G42 have defended their …

Microsoft’s Partnership With Middle East AI Firm Under Scrutiny

July 11, 2024 at 02:03AM The much-touted Microsoft-Group 42 deal in the Middle East/Africa faces uncertainty due to geopolitical concerns and US apprehensions about Group 42’s ties with China. Group 42 asserts it has severed military/intelligence links with China. The US challenges China/Russia’s influence in the region, but navigating security concerns complicates expansion for tech …

Houthi-Aligned APT Targets Mideast Militaries With ‘GuardZoo’ Spyware

July 10, 2024 at 01:16AM A threat actor linked to Houthi rebels in Yemen has been using a custom Android surveillanceware called “GuardZoo” to spy on military targets in the Middle East for five years. The malware is distributed through fake apps on WhatsApp and WhatsApp Business and has targeted military-related organizations. The majority of …

Inside Operation Diplomatic Specter: Chinese APT Group’s Stealthy Tactics Exposed

May 23, 2024 at 07:36AM A Chinese APT group has targeted governmental entities in the Middle East, Africa, and Asia since late 2022 in a cyber espionage campaign dubbed Operation Diplomatic Specter. Palo Alto Networks researchers found long-term espionage operations and rare email exfiltration techniques. The attacks include diplomatic and economic missions, embassies, military operations, political meetings, and …