Cyjax analysts have analysed a long-running AgentTesla infostealer campaign targeting Dubai and the United Arab Emirates (UAE). The campaign began in at least January 2021 and the samples we gathered continued, almost daily, until May 2021. We have also seen new samples compiled in October 2021. Unlike most AgentTesla campaigns, the targeting focused heavily on …
Persistent AgentTesla campaign targeting the UAE Read More »
Introduction It is imperative to understand the threats and vulnerabilities facing one’s organisation to mitigate the associated risk of a cyberattack. We are regularly asked to define the biggest cybersecurity challenges. Inevitably, they are the same: vulnerability management to reduce the attack surface; phishing attacks (which still account for over 90% of initial compromise and …
Attacks and cybersecurity news A new vulnerability, dubbed BootHole, has recently been discovered in the GRUB2 bootloader. It impacts most Linux systems worldwide. Successful exploitation can lead to arbitrary code execution during the boot process, even when Secure Boot is enabled. This issue impacts every system using Secure Boot because almost all signed versions of …
Geopolitical and Cybersecurity Weekly – 3 August 2020 Read More »
Until recently, the Gulf Cooperation Council (GCC) remained a strong bloc of the six Gulf nations of Bahrain, Kuwait, Oman, Qatar, Saudi Arabia, and the United Arab Emirates (UAE). Since its inception in 1981, it has been regarded as the only effective political and economic alliance in the Arab world. However, on 5 June 2017, …
COVID-19 Cybersecurity Update Citizens Advice in the UK has warned users not to fall for a new scam campaign that is sending fake messages purportedly from the UK government. The messages can come in the form of calls, text messages, or emails in relation to the new NHS test and trace service. Citizens Advice has …
Geopolitical and Cybersecurity Weekly – 22 June 2020 Read More »
COVID-19 Cybersecurity Update The FBI has reported on the most common types of fraud during the pandemic. The Internet Crime Complaint Center (IC3) received nearly as many complaints in the first half of 2020 (about 320,000) as in the entirety of 2019 (about 400,000). Criminals continue to peddle counterfeit personal protective equipment (PPE) and fraudulent …
Geopolitical and Cybersecurity Weekly – 15 June 2020 Read More »
COVID-19 Cybersecurity Update COVID-19 continues to dominate the cybersecurity landscape with several national security bodies releasing warnings about scams and malicious operations using the pandemic as a lure. US-CERT, CISA, and the UK NCSC issued a joint security advisory outlining an increase in COVID-19-related themes in SMiShing, phishing for credential theft, and malware delivery. The …
