Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence

Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy aka Prince of Persia, nearly five years after the hacking group was observed targeting victims in Sweden, the Netherlands, and Turkey. "The scale of Prince of Persia's activity is more significant tha...

GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments

Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat actor named GoldenJackal. Russian cybersecurity firm Kaspersky, which has been keeping tabs on the group's activities since mid-2020, characterized the adversary as both capable...

Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor

An Iranian nation-state threat actor has been linked to a new wave of phishing attacks targeting Israel that's designed to deploy an updated version of a Windows backdoor called PowerLess. Cybersecurity firm Check Point is tracking the activity cluster under its mythical creature handle Educated...

Meta Takes Down Fake Facebook and Instagram Accounts Linked to Pro-U.S. Influence Operation

Meta Platforms on Tuesday said it took down a network of accounts and pages across Facebook and Instagram that were operated by people associated with the U.S. military to spread narratives that depicted the country in a favorable light in the Middle East and Central Asia. The network, which...

Experts Uncover Mobile Spyware Attacks Targeting Kurdish Ethnic Group

Cybersecurity researchers on Tuesday released new findings that reveal a year-long mobile espionage campaign against the Kurdish ethnic group to deploy two Android backdoors that masquerade as legitimate apps. Active since at least March 2020, the attacks leveraged as many as six dedicated Facebo...

British Court Rejects U.S. Request to Extradite WikiLeaks' Julian Assange

A British court has rejected the U.S. government's request to extradite Wikileaks founder Julian Assange to the country on charges pertaining to illegally obtaining and sharing classified material related to national security. In a hearing at Westminster Magistrates' Court today, Judge Vanessa...

iraqheritage.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1164030 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

MuddyWater APT Hones an Arsenal of Custom Tools

An array of customized attack tools are helping the MuddyWater advanced persistent threat APT group to successfully exfiltrate data from its governmental and telco targets in the Middle East; an analysis of this toolset reveals a moderately sophisticated threat actor at work – with the potential ...

MuddyWater expands operations

Summary MuddyWater is a relatively new APT that surfaced in 2017. It has focused mainly on governmental targets in Iraq and Saudi Arabia, according to past telemetry. However, the group behind MuddyWater has been known to target other countries in the Middle East, Europe and the US. We recently...

landrover-iraq.com XSS vulnerability

Open Bug Bounty ID: OBB-444375 Description| Value ---|--- Affected Website:| landrover-iraq.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...

Threat Outbreak Alert RuleID30775: Email Messages Distributing Malicious Software on October 5, 2017

Medium Alert ID: 55519 First Published: 2017 October 5 14:39 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30775 may contain the following files: Name |...

WordPress Backup plugin Ready! Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Ready! Backup Arbitrary File Download Vulnerability . Google Dork: inurl:/wp-content/upready/ . Date: 10-09-2014 . Author: Pro Mast3r . Author E-mail : email protected Category: webapps platform: php Vendor:...

Flickr Cross-Site Request Forgery Vulnerability Patched

Yahoo-owned Flickr, one of the biggest online photo management and sharing website in the world was recently impacted by a web application vulnerability, which could allow an attacker to modify users’ profile image. Flickr is one of the most popular photo sharing website with more than 87 million...

Research Shows Increase in Internet Filtering and Usage of FireChat App in Iraq

Researchers at Citizen Lab have taken a close look at the extent of Internet filtering in Iraq, as well as the security of a popular offline chat app used there, and found an increase in the number of services blocked by the government and identified serious privacy and security problems with the...

AJ Auction 1.0 - (id) Remote SQL Injection Vulnerability

No description provided by source. AJ Auction OOPD V.1 SQL Injection Vulnerability ======================================================== Author: Hussin X = = Home : www.tryag.cc/cc = = email: darkangelg85atYahooDoTcom = hussin.xathotmailDoTcom = =...

Hackers and Anti-Government Protests rage across Iraq

Four Iraqi Government websites defaced today by hacker going by name "riSky". Defaced domains include Iraq National Investment Commission website also. Where, Tens of thousands of protesters rallied across Iraq on Friday, charging that Sunni Muslims had been disenfranchised under the Shiite-led...

Al-Qaida sites knocked offline before release of 'Salil al-Sawarim 3' movie

U.S. intelligence sources confirmed that, Official websites of Al-Qaida were knocked offline two weeks back and still down due to DDoS attack. According to source, "This is one of the longest disruptions the organization has experienced since it set up its online distribution system in 2006...

Al Jazeera News network website hacked by Pro-Assad hackers

The official website of one of the biggest Arabic-language news network "Al Jazeera" got hacked just now by Pro-Assad hackers called "Al-Rashedon". If your miss the deface page, please have a look to mirror of it Here. Deface page designed with Dark color as shown in image and have some message i...

Scientific Linux Security Update : tzdata on SL3.x, SL4.x, SL5.x i386/x86_64

The tzdata package contains data files with rules for various time zones around the world. This updated tzdata package addresses the following changes to Daylight Savings Time DST observations : - Cuba is starting DST on March 16 as of 2008 it started DST on March 8 in 2007. - Syria is starting D...

WikiLeaks suspect Bradley Manning nominated for Nobel Peace Prize 2012

WikiLeaks suspect Bradley Manning nominated for Nobel Peace Prize 2012 A spokesman for the Nobel Peace Prize jury says 231 nominations have been submitted for this year's award, with publicly disclosed candidates including WikiLeaks whistle-blower Bradley Manning may be among the hundreds of...