Tag Archive for: east

Credence Security Signs Partnership Agreement with Infosec Ventures to Deliver Human-Centric Security Solutions to the Middle East

/in


Regional Value-added Distributor, Credence Security will drive the reach and engagement for Infosec Ventures’ HumanFireWall solutions and support the vendor’s regional growth

DUBAI, UAE, Aug. 24, 2021 /PRNewswire/ — Credence Security, a leading regional specialized value-added distributor for cybersecurity, forensics, governance, risk and compliance solutions, today announced that it has signed a partnership agreement with Infosec Ventures’ HumanFirewall, a leader in human cyber risk mitigation and management.

Photo Caption: (L) Garreth Scott, Managing Director, Credence Security and Ankush Johar, Director, Infosec Ventures and Marie Ah-Choon, Channel Executive, Credence Security and Moe Bux, Sales Director, Credence Security (R) (PRNewsfoto/Credence Security)

Photo Caption: (L) Garreth Scott, Managing Director, Credence Security and Ankush Johar, Director, Infosec Ventures and Marie Ah-Choon, Channel Executive, Credence Security and Moe Bux, Sales Director, Credence Security (R) (PRNewsfoto/Credence Security)

Under the agreement, Credence Security will be responsible for promoting and delivering Infosec Ventures’ HumanFirewall® platform across its robust channel network in the Middle East. Infosec Ventures’ offerings are available entirely on-premises or in a local cloud, in line with compliance and data sovereignty regulations, specifically for mission critical organizations in the government as well as large enterprises.

Hackers are increasingly preying on the human element of cybersecurity, as a primary attack vector. According to the Verizon 2021 Data Breach & Incident Report (DBIR), over 85% of data breaches involved human error. In the Middle East, a 2020 study by the Ponemon Institute and IBM Security, revealed that the average cost of a data breach per company in the region is $6.53 million, which is higher than the global average of $3.86 million per incident. The report also identified human error among the most common root causes of data breaches in the UAE and Saudi Arabia. Additionally, similar industry studies have indicated that more than 90% of successful cyber-attacks begin with an email. These figures highlight a significant need for solutions that will not only safeguard business-critical systems but will also transform employees into an organization’s best cybersecurity asset.

HumanFirewall® transforms employees from an organization’s weakest link into their strongest line of defence. It is a world-first…

Source…

From the Middle East to China, Pegasus spyware revelations show the spread of hacking as a service

/in



The line that separates cyber defence from cyber mercenaries is easily blurred, and China presents a challenge for regulating private espionage.

Source…

‘Cyberattack’ hits Iran transport ministry and railway – Middle East Monitor

/in


The website of Iran’s transport ministry was taken down on Saturday by what state television said was a “cyber disruption”, a day after an apparent cyberattack on the state railway company, reported Reuters.

Computer systems of the staff of the Ministry of Roads and Urban Development were the subject of the attack which resulted in the ministry’s portal and sub-portal sites becoming unavailable, the TV channel reported.

It didn’t give any indication of who it believed could have been behind the attack and did not say if any ransom demand had been made.

Train services had been disrupted on Friday, with hackers posting fake delay notices on station boards, state-affiliated news outlets reported. The government-run railway company said only the displays had been affected and that trains ran normally.

Opinion: Middle East nuclear proliferation may be on the way, but the immediate threat is cyberwarfare

Telecommunications Minister Mohammad Javad Azari-Jahromi warned on Saturday of possible ransomware attacks unless vulnerabilities in computer systems were dealt with, Iranian news outlets reported.

In late 2020, Iran said hackers launched large-scale attacks on two of its government institutions, without giving details on the targets or the suspected perpetrators.

Iran says it is on high alert for online assaults, which it has blamed in the past on the United States and Israel. The United States and other Western powers meanwhile have accused Iran of trying to disrupt and break into their networks.

Israel general: Destroying Iran nuclear program harder than destroying Iraq’s, Syria’s

Source…

This new hacking group has a nasty surprise for African, Middle East diplomats

/in


A recently-discovered advanced persistent threat (APT) group is targeting diplomats across Africa and the Middle East. 



map

© ZDNet


Revealed on Thursday by ESET researchers, the state-sponsored group, dubbed BackdoorDiplomacy, has been linked to successful attacks against Ministries of Foreign Affairs in numerous African countries, the Middle East, Europe, and Asia — alongside a smaller subset of telecommunications firms in Africa and at least one charity outfit in the Middle East.

Loading...

Load Error

BackdoorDiplomacy is thought to have been in operation since at least 2017. The cross-platform group targets both Linux and Windows systems and seems to prefer to exploit internet-facing, vulnerable devices as an initial attack vector. 

If web servers or network management interfaces are found which have weak points, such as software vulnerabilities or poor file-upload security, the APT will strike. In one case observed by ESET, an F5 bug — CVE-2020-5902 — was used to deploy a Linux backdoor, whereas, in another, BackdoorDiplomacy adopted Microsoft Exchange server bugs to deploy China Chopper, a webshell. 

Once they have obtained entry, the threat actors will scan the device for the purposes of lateral movement; install a custom backdoor, and deploy a range of tools to conduct surveillance and data theft. 

The backdoor, dubbed Turian, is thought to be based on the Quarian backdoor — malware linked to attacks used against diplomatic targets in Syria and the US back in 2013.

The main implant is capable of harvesting and exfiltrating system data, taking screenshots, and also overwriting, moving/deleting, or stealing files. 

Among the tools used is network tunnel software EarthWorm; Mimikatz, NetCat, and software developed by the US National Security Agency (NSA) and dumped by ShadowBrokers, such as EternalBlue, DoublePulsar, and EternalRocks. 

VMProtect was used in most cases to try and obfuscate the group’s activities. 

Diplomats may have to deal with sensitive information handed over through removable drives and storage. To widen the scope of its cyberespionage activities, BackdoorDiplomacy will scan for flash drives and will attempt to copy all files…

Source…