Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years

An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade. Indian security firm under scrutiny, according to an in-depth analysis from SentinelOne, began as a...

kuwait.mytutorsource.com Cross Site Scripting vulnerability OBB-3764652

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

pm.gov.kw Cross Site Scripting vulnerability OBB-3322728

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

kuwait-fao.net Cross Site Scripting vulnerability OBB-3304077

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

kuwaitjobstoday.com Cross Site Scripting vulnerability OBB-3279050

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Ransomware and wiper signed with stolen certificates

Introduction On July 17, 2022, Albanian news outlets reported a massive cyberattack that affected Albanian government e-services. A few weeks later, it was revealed that the cyberattacks were part of a coordinated effort likely intended to cripple the countrys computer systems. On September 10,...

Iranian Hackers Utilize ScreenConnect to Spy On UAE, Kuwait Government Agencies

UAE and Kuwait government agencies are targets of a new cyberespionage campaign potentially carried out by Iranian threat actors, according to new research. Attributing the operation to be the work of Static Kitten aka MERCURY or MuddyWater, Anomali said the "objective of this activity is to...

Iranian Hackers Utilize ScreenConnect to Spy On UAE, Kuwait Government Agencies

UAE and Kuwait government agencies are targets of a new cyberespionage campaign potentially carried out by Iranian threat actors, according to new research. Attributing the operation to be the work of Static Kitten aka MERCURY or MuddyWater, Anomali said the "objective of this activity is to...

Microsoft Exchange Attack Exposes New xHunt Backdoors

Two never-before-seen Powershell backdoors have been uncovered, after researchers recently discovered an attack on Microsoft Exchange servers at an organization in Kuwait . The activity is tied back to the known xHunt threat group, which was first discovered in 2018 and has previously launched an...

kuw.or.kr Cross Site Scripting vulnerability OBB-1383083

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence

The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security MOIS for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors...

hertz.com.kw Cross Site Scripting vulnerability OBB-1210590

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Chafer APT Hits Middle East Govs With Latest Cyber-Espionage Attacks

Researchers have uncovered new cybercrime campaigns from the known Chafer advanced persistent threat APT group. The attacks have hit several air transportation and government victims in hopes of data exfiltration. The Chafer APT has been active since 2014 and has previously launched cyber espiona...

Iranian APT Group Targets Governments in Kuwait and Saudi Arabia

Today, cybersecurity researchers shed light on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. Bitdefender said the intelligence-gathering operations were conducted by Chafer APT also known as APT39 or Remix Kitten, a threat actor known fo...

Iranian APT Group Targets Governments in Kuwait and Saudi Arabia

Today, cybersecurity researchers shed light on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. Bitdefender said the intelligence-gathering operations were conducted by Chafer APT also known as APT39 or Remix Kitten, a threat actor known fo...

Exclusive: German Police Raid OmniRAT Developer and Seize Digital Assets

The German police yesterday raided the house of the developer of OmniRAT and seized his laptop, computer and mobile phones probably as part of an investigation into a recent cyber attack, a source told The Hacker News. OmniRAT made headlines in November 2015 when its developer launched it as a...

Exclusive: German Police Raid OmniRAT Developer and Seize Digital Assets

The German police yesterday raided the house of the developer of OmniRAT and seized his laptop, computer and mobile phones probably as part of an investigation into a recent cyber attack, a source told The Hacker News. OmniRAT made headlines in November 2015 when its developer launched it as a...

kuwait.exportersindia.com XSS vulnerability

Open Bug Bounty ID: OBB-639189 Description| Value ---|--- Affected Website:| kuwait.exportersindia.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

First-Ever Ransomware Found Using 'Process Doppelgänging' Attack to Evade Detection

Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging , a new fileless code injection technique that could help malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated...

kuwait-fao.net XSS vulnerability

Open Bug Bounty ID: OBB-612392 Description| Value ---|--- Affected Website:| kuwait-fao.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...