Trump threatens 50% tariffs on Brazil if it doesn't stop the Bolsonaro 'witch hunt' trial    Trump praises 'good English' of Liberian president, prompting criticism across Africa    Saudi, Hungarian defense ministers discuss military ties    Al-Rajhi: Cabinet's decision is supportive to most vulnerable groups    King Salman appoints Dr. Majid Al-Fayyad as Royal Court advisor    Alkhorayef emphasizes Saudi Arabia's growing role as global industrial investment hub    Saudi Arabia adopts World Drowning Prevention Day as national health priority    GACA imposes SR2.8 million in fines for 87 civil aviation violations in Q2 2025    Desperate Gaza doctors cram several babies into one incubator as fuel crisis reaches critical point    Total e-messages sent to parties in lawsuits reach over 11.8 million during first half of 2025    3 arrested in assault case in Riyadh    New Property Ownership Law will take into effect in January 2026 Al-Hogail thanks King and Crown Prince for the updated law    HONOR returns to Esports World Cup as Official Smartphone Partner for 2025 The renewed commitment will see HONOR elevate mobile esports competition with cutting-edge AI technologies and industry-leading hardware    Riot Games responds to match-fixing allegations in VALORANT    BLAST responds to BESTIA Visa controversy ahead of CS2 Austin major    Christophe Galtier named NEOM SC head coach ahead of historic Saudi Pro League debut    Michael Madsen, actor of 'Kill Bill' and 'Reservoir Dogs' fame, dead at 67    BTS are back: K-pop band confirm new album and tour    Michelin Guide launches in Saudi Arabia with phased rollout in 2025    'How fragile we are': Roskilde Festival tragedy remembered 25 years on    Sholay: Bollywood epic roars back to big screen after 50 years with new ending    Ministry launches online booking for slaughterhouses on eve of Eid Al-Adha    Shah Rukh Khan makes Met Gala debut in Sabyasachi    Pakistani star's Bollywood return excites fans and riles far right    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Credential theft, malware threats on services increase in Mideast
Published in The Saudi Gazette on 28 - 04 - 2020

Middle East users were warned about credential theft and malware threats on services such as WebEx and Zoom amid an increase in video conferencing company-themed attacks seeking to steal credentials and distribute malware.
Proofpoint researchers found that these are noticeable during the COVID-19 pandemic as the global workforce shifts to remote work resulting to increased demand for video conferencing services.
To note, these attacks do not leverage or attack video conferencing software directly. Threat actors are using the names and brands of these video conferencing companies as themes in their social engineering lures, which lead to the theft of various account credentials, malware distribution, or credential harvesting for these spoofed video conferencing accounts.
"Video conferencing has become very popular very quickly, in the Middle East, as well as globally. Attackers have noticed and moved to capitalize on that popularity and brand strength. Not only are attackers using video conferencing brands as a lure for malware, but they're using it for credential phishing, in particular to steal Zoom and WebEx credentials. This points to the increasing value of compromised video conferencing accounts. Stolen account credentials could be used to login to corporate video conferencing accounts and violate confidentiality. They also could likely be sold on the black market or used to gain further information about potential targets for launching additional attacks, " said Emile Abou Saleh, Regional Director, Middle East & Africa at Proofpoint.
The emails you need to look out for:
`* Credential Phish: Zoom Account
This medium-sized campaign has targeted energy, manufacturing, and business services in the US and is designed to steal user credentials. The message body includes a lure that claims to welcome users to their new Zoom account.
Emails in this campaign arrived with a subject line of "Zoom Account" and purport to be from an admin account.
The message body includes a lure that welcomes users to their new Zoom account and contains a link, which the recipient is urged to click in order to activate their Zoom account. When clicked, users are taken to a generic webmail landing page and asked to enter their credentials.
* Credential Phish: Missed Zoom Meeting
This small campaign targets transportation, manufacturing, technology, business services, and aerospace companies in the US and seeks to steal user credentials using a lure around a missed meeting. The emails arrive claiming that the recipient missed a Zoom meeting and includes a link the recipient can use to "Check your missed conference".
If the recipient clicks on the link, they are taken to a spoofed Zoom page and asked for their Zoom credentials.
* Credential Phish: Cisco WebEx "Alert!" "Your account access will be limited!"
This small campaign attempted to harvest WebEx users' credentials with emails claiming that recipients need to take immediate action to address a WebEx security vulnerability. Industries targeted include technology, accounting, aerospace, energy, healthcare, telecommunications, transportation, government, and manufacturing companies.
* Lure with Spoofed Cisco WebEx branding claiming critical vulnerability
This campaign claims to come from addresses such as "cisco@webex(.)com" or "meetings@webex(.)com" and uses subject lines such as: "Critical Update!" , "Alert!", "Critical Update!", "Your account access will be limited!" or "Your account access will be limited in 24h."
The emails claim that the recipient needs to update their WebEx client to "fix" a security vulnerability in the Docker Engine Configuration in Cisco CloudCenter Orchestrator. The messages very prominently abuse the Cisco WebEx logo and spoof the format of Cisco's security advisories. They also appear to draw text and images from a legitimate Cisco advisory.
"If the recipient clicks on the link, they are taken to the page which asks for the user's WebEx credentials.s video teleconferencing has become more important than ever to the global workforce, it's not surprising that attackers are moving to adapt their themes and lures to include prominent video conferencing providers like WebEx and Zoom. With more to remote and more organizations shifting work, we can expect these video teleconferencing brands to continue to be used as themes in social engineering lures for the foreseeable future, "Proofpoint said. — SG


Clic here to read the story from its source.