Cybercrime activity soars in UAE

Dubai: Cybercrime activity in the UAE increased drastically last year due to the rise in email malware and phishing attacks.

According to Symantec’s annual internet Security Threat Report Volume 24, Iran is ranked the highest in terms of cybercrime activity in the Middle East in 2018, followed by Egypt, Saudi Arabia and Algeria.

The UAE was ranked eighth last year compared to ninth in 2017 and tenth in 2016. Higher the ranking means worse the situation in that country is.

Android Gets FIDO2 Certification—Now Supports Secure Passwordless Logins

Great news.

If you have already installed the latest update of Google Play Services released earlier today, and your Android device is running Android version 7.0 Nougat or above—Congratulations! Your device is now FIDO2 Certified.

Are you thinking… what the heck that actually means?

Huawei risk can be managed, say UK cyber-security chiefs

Any risk posed by involving the Chinese technology giant Huawei in UK telecoms projects can be managed, cyber-security chiefs have determined.

The UK's National Cyber Security Centre's decision undermines US efforts to persuade its allies to ban the firm from 5G communications networks.

The Chinese government is accused of using Huawei as a proxy so it can spy on rival nations.

But Huawei has said it gives nothing to Beijing, aside from taxes.

Why Huawei matters in five charts

• Timeline: What's going on with Huawei?
• Should we worry about Huawei?
• Huawei and 5G: Decision time

Hacker warns Eskom about malware that stole a user’s company credentials

A hacker from the MalwareMustDie security research work group reached out to Eskom on Twitter today to warn the utility that a user had installed malware on their machine.

According to the researchers, an Eskom employee with the username “mg@eskom.co.za” installed a trojan on their machine after downloading a fake Sims 4 installer.

All of the person’s credentials were stolen, including their company credentials, the hacker warned.

SS7 exploited to intercept 2FA bank confirmation codes to raid accounts

Cybercriminals are exploiting flaws in SS7, a protocol used by telecom companies to coordinate how they route texts and calls around the world, to empty bank accounts by intercepting messages sent for two-factor-authentication(2FA).

The exploit can allow threat actors to track phones across the planet and intercept text messages and phone calls without hacking the phone itself.

While known that intelligence agencies and surveillance contractors could carry out these kind of attacks, Motherboard reported confirmation of financially-motivated criminal organizations using the technique to empty accounts at the U.K.’s Metro Bank in a recent attack.