News
Google Chrome Exploit Results In Attack On Lebanese Journalists
According to antivirus company Avast, there is evidence that an Israeli spyware firm called Candiru used a vulnerability in Google Chrome to spy on journalists in Lebanon.
In early July 2022, Google patched a previously unknown vulnerability in its Chrome browser, known as CVE-2022-2294. The zero-day Chrome exploit only came to light after it was apparently used to spy on journalists in Lebanon.
Antivirus company, Avast, collated a report, which it delivered to Google detailing the zero-day exploit. In this report, Avast claims that Israeli spyware firm, Candiru, used the exploit to install spyware on the journalist’s computers.
It equally believes that the firm has used similar exploits to target Avast users in Turkey, Lebanon, Palestine and Yemen beginning in March of this year.
A zero-day exploit is, in short, a vulnerability in a piece of software that is unknown to the developers. They are typically discovered in the wild for this reason, and are known as zero-day because the developers have zero days in which to address the issue. This is because the vulnerability has the potential to cause damage from the moment it is discovered.
Avast alleges that Candiru used the above-mentioned exploit to gain access to user’s computers. It is believed to have compromised a website, which it used to redirect users to a server that could collect their data. If the data – collected on 50 data points such as location, language, time zone, etc. – met their requirements, the server would establish an encrypted channel.
Despite not claiming responsibility, Candiru is the prime suspect in the attack because the CVE-2022-2294 exploit was used to install the DevilsTongue spyware. This is a piece of malware previously linked to the group by Microsoft in a separate string of attacks.
In its report, Avast claims that the zero-day exploit was used alongside another vulnerability capable of bypassing the sandbox security function in Chromium. However, Avast has (as yet) been unable to determine the second exploit used by the alleged attackers.
Also Read: DDoS Attacks Are A Growing Threat In Gaming
Luckily, Google released a patch for the exploit on July 4. As such, there is no need for Chrome users to be concerned, providing browsers are kept up to date. Microsoft and Apple have released patches for their Edge and Safari browsers, too, as they also use WebRTC.
Candiru has not yet been officially connected to the incident, so its involvement is currently (albeit well-informed) speculation. However, the tools used and computers targeted matches its previous spyware attempts dating from 2021 and early 2022. As the company has no public online presence, this fact is unlikely to change anytime soon.
News
Joby To Establish All-Electric Air Taxi Ecosystem Across The UAE
The comprehensive agreement with Abu Dhabi’s government includes a training program, infrastructure development, and a manufacturing presence.
All-electric aircraft company Joby Aviation has secured three separate agreements with departments of Abu Dhabi’s government that lay the groundwork to develop and scale air taxi services in the Emirate and beyond.
The deal was signed at the recent DRIFTx thought-leadership and exhibition platform and gave Joby exclusive rights to not only operate air taxi services in Dubai but also unlock inter-emirate services between Abu Dhabi.
Joe Ben Bevirt, founder and CEO of Joby Aviation, said: “Today’s agreement demonstrates the incredible momentum behind the adoption of clean flight across the UAE. We’re looking forward to delivering a fantastic experience for our future customers in Abu Dhabi and we’re excited to be unlocking the potential for zero-emissions flight between Abu Dhabi and Dubai. We’re grateful for the support and collaboration of our governmental partners and the entire ecosystem in Abu Dhabi and we remain deeply impressed by their commitment to building out a world-class aviation ecosystem in the Emirate”.
Joby’s all-electric aircraft went on display for the first time in Abu Dhabi’s Yas Marina at the DRIFTx event. The air taxi is designed to carry a pilot and four passengers and can reach speeds of 200 miles per hour (321 km/h). The zero-emission craft is said to have an extremely low acoustic footprint and can travel a maximum of 100 miles (161 km) on a single charge.
Also Read: Lebanese Newspaper Builds AI President To Beat Political Crisis
Once operational, Joby’s air taxi fleet would enable fast, clean travel across the UAE, with journeys between Abu Dhabi to Dubai taking just 30 minutes compared with two hours by car during peak times.
Joby continues to work closely with the UAE’s General Civil Aviation Authority (GCAA) to help the Emirates become a world leader in the introduction of air taxis. Additional testing and analysis will be required before inter-emirate travel becomes a reality, but the cutting-edge technology already appears to have great potential.
Joby To Establish All-Electric Air Taxi Ecosystem Across The UAE
Binance Founder Changpeng Zhao Gets 4 Months In Prison
Ring Upgrades Home Security With New Ring Protect Plus Features
Amazon.ae Debuts “It’s On Amazon Prime” Campaign Videos
Dubai Gives Go Ahead For $35 Billion Al Maktoum Airport Expansion
UGREEN Unveils Nexode RG 65W Charger For Middle East
Lebanese Newspaper Builds AI President To Beat Political Crisis
YallaHub Teams Up With Lapochka For Future UAE Expansion
OSN-Anghami Merger Creates New MENA Media Giant
