Tag Archive for: israeli

Israeli Cybersecurity Firm Pentera Launches Cyber Research Arm


Automated security validation firm Pentera announced last week the launch of its new research arm, Pentera Labs, to actively monitor threat intelligence feeds and pinpoint new critical vulnerabilities and the latest adversarial attack strategies.

Pentera Labs serves as the research powerhouse behind Pentera’s automated security validation platform.

The company has also made its recent publications on the newest cyber attack tactics available to any cybersecurity firm looking to improve its identification and analysis capabilities. Pentera’s findings are made accessible via its security platform, from which subscribers can learn and update their cyber security protocols accordingly.

Pentera Labs went on to submit new attack techniques to the MITRE ATT&CK framework, and subsequently became an official contributor to the globally-accessible knowledge base of adversary tactics and techniques.

Founded in 2015, Pentera runs a network penetration testing platform engineered to analyze and reduce cybersecurity risk to corporate enterprises around the world in multiple geographic markets. The automated platform is operated remotely, both in the cloud and on company premises, to detect, assess, and remediate breachable vulnerabilities. In fact, Pentera Labs recently identified and publicly disclosed two zero-day vulnerabilities in VMware vCenter, quite possibly exposing more than 500,000 organizations worldwide.

“Every day, Pentera Labs’ research team steps into an adversary’s mindset to safely probe the security controls protecting top enterprises,” said Alex Spivakovsky, VP of Research at Pentera Labs. “Pentera Labs’ findings are fueling the engine that powers the Pentera platform with research-based threat intelligence, providing our customers with the latest information on real-world vulnerabilities and attack techniques. By sharing Pentera Labs’ research with the greater security community, we are proud to be helping security practitioners all around the globe efficiently detect and remediate threats and security gaps before they are exploited.”


Hamas Hackers Posing as Women to Con Snr Israeli Officials into Installing Malware


A Middle Eastern hacking group supposedly connected to Hamas uses malware to steal sensitive data from Windows and Android devices of high-ranking Israeli officials.

Sophisticated Catfish Campaign Targeting Israeli Officials

Cybereason’s Nocturnus research team has reported a new malware campaign in which Israeli government officials are targeted with catfishing lures. Apparently, the Hamas-linked Advanced Persistent Threat (APT) group APT-C-23 is engaged in a sophisticated catfishing campaign specifically targeting high-ranking Israeli officials. The group is also known as Arid Viper, Desert Falcon, and FrozenCell.

One of the fake Facebook profiles used by hackers to trick Israeli government officials (Image credit: Cybereason)

Israeli Officials Keep Getting Catfished

It is worth noting that APT-C-23 has a history of successfully catfishing Israeli military and government officials. The group’s campaign goes all the way back to 2015 when Trend Micro revealed that “Arid Viper” successfully targeted Israeli officials with ‘Porn Star Video’ malware.

Also in 2015, an independent security research firm, Blue Coat Systems Inc. (Blue Coat), confirmed that “Desert Falcons” successfully carried out a four-month spying campaign after breaching Israeli military servers. In that campaign, the group also used sensual photos of the IDF’s women’s division to lure officials.

In 2017, Israeli authorities acknowledged that Hamas hacked dozens of IDF soldiers’ phones using seductive female images. In their campaign, hackers posted seductive pictures of young Israeli women on social media to attract IDF soldiers and successfully obtained classified information in return.

In 2018, the Times of Israel reported that the smartphones of hundreds of IDF soldiers were compromised by Hamas. According to the newspaper, the IDF blamed Palestinian hackers for spying on its soldiers with spyware-infected World Cup and dating apps and for using photos of attractive women.

In January 2020, Hamas hackers managed to lure more Israeli soldiers into falling prey to their Honey Trap operation in which several hundred Israeli soldiers got their smartphones infected with malware….


Google buys Israeli security startup Siemplify for US$500 million: Report


Alphabet-owned Google said on Tuesday its cloud division had acquired Israeli cybersecurity startup Siemplify, as the US tech giant expands its security offerings amid rising cyber attacks.

Financial details of the deal were not disclosed by the companies, but a source familiar with the matter said Google paid about US$500 million in cash for Siemplify.

The deal came after Google made a pledge to US President Joe Biden last August to invest US$10 billion in cybersecurity over the next five years, amid a significant rise in cyber attacks and data breaches.

Siemplify, led by co-founder and chief executive Amos Stern, provides security orchestration, automation and response solutions. It has raised US$58 million from investors including G20 Ventures and 83North.

With a partnership with Google Cloud, Siemplify attracted the buyer’s interest as it was in the process of raising a new round of private capital, the source added.

Since the pandemic started in 2020, Google’s revenue from the cloud business has nearly doubled to around US$5 billion as companies shifted to working from home. The need to protect and hedge against security threats has shot up in tandem, with big corporates also beefing up on cybersecurity products.

Google said Siemplify’s platform would be integrated into its cloud and serve as the foundation for the capabilities it will invest in.

The buyout, Google’s first Israeli cybersecurity firm deal, will help the tech giant take advantage of the Middle Eastern nation’s deep pool of cybersecurity talent.

Guggenheim Securities advised Siemplify on the transaction.


Apple Sues Israeli Spyware Maker NSO Group


An opening for Apple’s lawsuit emerged in March, after NSO’s Pegasus spyware was discovered on the iPhone of a Saudi activist. Citizen Lab discovered that NSO’s Pegasus spyware had infected the iPhone without so much as a click. The spyware could invisibly infect iPhones, Mac computers and Apple Watches, then siphon their data back to government servers, without the target knowing about it.

Citizen Lab called the zero-click infection scheme “Forced Entry” and passed a sample of it to Apple in September. The discovery compelled Apple to issue emergency software updates for its iPhones, iPads, Apple Watches and Mac computers.

The sample of Pegasus gave Apple a forensic understanding of how Pegasus worked. The company found that NSO’s engineers had created more than 100 fake Apple IDs to carry out their attacks. In the process of creating those accounts, NSO’s engineers would have had to agree to Apple’s iCloud Terms and Conditions, which expressly require that iCloud users’ engagement with Apple “be governed by the laws of the state of California.”

The clause helped Apple bring its lawsuit against NSO in the Northern District of California.

“This was in flagrant violation of our terms of service and our customers’ privacy,” said Heather Grenier, Apple’s senior director of commercial litigation. “This is our stake in the ground, to send a clear signal that we are not going to allow this type of abuse of our users.”

After filing its lawsuit Tuesday, Apple said it would offer free technical, threat intelligence and engineering assistance to Citizen Lab and other organizations engaged in rooting out digital surveillance. Apple also said it would donate $10 million, and any damages, to those organizations.

Digital rights experts said Apple’s suit threatened NSO’s survival. “NSO is now poison,” said Ron Deibert, director of Citizen Lab. “No one in their right mind will want to touch that company. But it’s not just one company, this is an industrywide problem.”

He added that the suit could be a step toward more oversight of the unregulated spyware industry.

“Steps like this are useful, but incomplete,” Mr. Deibert said. “We need more action by…
