Trump to visit Saudi Arabia in mid-May: Report    Worshippers in Makkah and Madinah perform Eid Al-Fitr prayer    Saudi authorities shut down food factories and branches over suspected poisoning cases    Saudi Arabia welcomes formation of new Syrian government, expresses hope for stronger ties    Saudi Transport Authority says passengers can ride for free if taxi meters are off    Ministry of Education forms 425 community partnerships with SR653 million impact    Defense, interior, and national guard ministers extend Eid greetings, praise efforts of military and security personnel    Syria forms new government with 22 ministers including one woman President Sharaa vows reform and transparency    Israeli army fires warning shots at UN peacekeepers in southern Lebanon    Denmark rebukes US Vice President Vance over Greenland remarks    Mexico bans junk food in schools to fight childhood obesity epidemic    Makkah and Madinah mobile data usage exceeds global average during Ramadan: CST    Elon Musk's xAI acquires X in all-stock deal    Sweet sales surge ahead of Eid as Saudi chocolate imports top 123 million kg in 2024    Saudi creatives shine at Jeddah's Fawanees Nights with art, fashion, and storytelling    100 Thieves claim Marvel Rivals Invitational NA crown as 2025 scene heats up    T1 CEO confirms Gumayusi's return for LCK Spring after lineup shakeup    Bollywood actress vindicated over boyfriend's death after media hounding    Saudi Arabia hold Japan to goalless draw in Saitama to stay in World Cup hunt    NewJeans announces hiatus after setback in court battle    George Foreman, heavyweight champion and cultural icon, dies at 76    Grand Mufti rules against posting prayers and preaching in mosques on social media    King Salman prays for peace and stability for Palestinians in Ramadan message King reaffirms Saudi Arabia's commitment to serving the Two Holy Mosques and pilgrims    Bollywood star Saif Ali Khan 'out of danger' after attack at home in Mumbai    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Credential theft, malware threats on services increase in Mideast
Published in The Saudi Gazette on 28 - 04 - 2020

Middle East users were warned about credential theft and malware threats on services such as WebEx and Zoom amid an increase in video conferencing company-themed attacks seeking to steal credentials and distribute malware.
Proofpoint researchers found that these are noticeable during the COVID-19 pandemic as the global workforce shifts to remote work resulting to increased demand for video conferencing services.
To note, these attacks do not leverage or attack video conferencing software directly. Threat actors are using the names and brands of these video conferencing companies as themes in their social engineering lures, which lead to the theft of various account credentials, malware distribution, or credential harvesting for these spoofed video conferencing accounts.
"Video conferencing has become very popular very quickly, in the Middle East, as well as globally. Attackers have noticed and moved to capitalize on that popularity and brand strength. Not only are attackers using video conferencing brands as a lure for malware, but they're using it for credential phishing, in particular to steal Zoom and WebEx credentials. This points to the increasing value of compromised video conferencing accounts. Stolen account credentials could be used to login to corporate video conferencing accounts and violate confidentiality. They also could likely be sold on the black market or used to gain further information about potential targets for launching additional attacks, " said Emile Abou Saleh, Regional Director, Middle East & Africa at Proofpoint.
The emails you need to look out for:
`* Credential Phish: Zoom Account
This medium-sized campaign has targeted energy, manufacturing, and business services in the US and is designed to steal user credentials. The message body includes a lure that claims to welcome users to their new Zoom account.
Emails in this campaign arrived with a subject line of "Zoom Account" and purport to be from an admin account.
The message body includes a lure that welcomes users to their new Zoom account and contains a link, which the recipient is urged to click in order to activate their Zoom account. When clicked, users are taken to a generic webmail landing page and asked to enter their credentials.
* Credential Phish: Missed Zoom Meeting
This small campaign targets transportation, manufacturing, technology, business services, and aerospace companies in the US and seeks to steal user credentials using a lure around a missed meeting. The emails arrive claiming that the recipient missed a Zoom meeting and includes a link the recipient can use to "Check your missed conference".
If the recipient clicks on the link, they are taken to a spoofed Zoom page and asked for their Zoom credentials.
* Credential Phish: Cisco WebEx "Alert!" "Your account access will be limited!"
This small campaign attempted to harvest WebEx users' credentials with emails claiming that recipients need to take immediate action to address a WebEx security vulnerability. Industries targeted include technology, accounting, aerospace, energy, healthcare, telecommunications, transportation, government, and manufacturing companies.
* Lure with Spoofed Cisco WebEx branding claiming critical vulnerability
This campaign claims to come from addresses such as "cisco@webex(.)com" or "meetings@webex(.)com" and uses subject lines such as: "Critical Update!" , "Alert!", "Critical Update!", "Your account access will be limited!" or "Your account access will be limited in 24h."
The emails claim that the recipient needs to update their WebEx client to "fix" a security vulnerability in the Docker Engine Configuration in Cisco CloudCenter Orchestrator. The messages very prominently abuse the Cisco WebEx logo and spoof the format of Cisco's security advisories. They also appear to draw text and images from a legitimate Cisco advisory.
"If the recipient clicks on the link, they are taken to the page which asks for the user's WebEx credentials.s video teleconferencing has become more important than ever to the global workforce, it's not surprising that attackers are moving to adapt their themes and lures to include prominent video conferencing providers like WebEx and Zoom. With more to remote and more organizations shifting work, we can expect these video teleconferencing brands to continue to be used as themes in social engineering lures for the foreseeable future, "Proofpoint said. — SG


Clic here to read the story from its source.