News
Google Chrome Exploit Results In Attack On Lebanese Journalists
According to antivirus company Avast, there is evidence that an Israeli spyware firm called Candiru used a vulnerability in Google Chrome to spy on journalists in Lebanon.
In early July 2022, Google patched a previously unknown vulnerability in its Chrome browser, known as CVE-2022-2294. The zero-day Chrome exploit only came to light after it was apparently used to spy on journalists in Lebanon.
Antivirus company, Avast, collated a report, which it delivered to Google detailing the zero-day exploit. In this report, Avast claims that Israeli spyware firm, Candiru, used the exploit to install spyware on the journalist’s computers.
It equally believes that the firm has used similar exploits to target Avast users in Turkey, Lebanon, Palestine and Yemen beginning in March of this year.
A zero-day exploit is, in short, a vulnerability in a piece of software that is unknown to the developers. They are typically discovered in the wild for this reason, and are known as zero-day because the developers have zero days in which to address the issue. This is because the vulnerability has the potential to cause damage from the moment it is discovered.
Avast alleges that Candiru used the above-mentioned exploit to gain access to user’s computers. It is believed to have compromised a website, which it used to redirect users to a server that could collect their data. If the data – collected on 50 data points such as location, language, time zone, etc. – met their requirements, the server would establish an encrypted channel.
Despite not claiming responsibility, Candiru is the prime suspect in the attack because the CVE-2022-2294 exploit was used to install the DevilsTongue spyware. This is a piece of malware previously linked to the group by Microsoft in a separate string of attacks.
In its report, Avast claims that the zero-day exploit was used alongside another vulnerability capable of bypassing the sandbox security function in Chromium. However, Avast has (as yet) been unable to determine the second exploit used by the alleged attackers.
Also Read: DDoS Attacks Are A Growing Threat In Gaming
Luckily, Google released a patch for the exploit on July 4. As such, there is no need for Chrome users to be concerned, providing browsers are kept up to date. Microsoft and Apple have released patches for their Edge and Safari browsers, too, as they also use WebRTC.
Candiru has not yet been officially connected to the incident, so its involvement is currently (albeit well-informed) speculation. However, the tools used and computers targeted matches its previous spyware attempts dating from 2021 and early 2022. As the company has no public online presence, this fact is unlikely to change anytime soon.
News
“AI Seal” Certification Now Required For Dubai Gov Partnerships
The new mandatory certification is designed to build trust in AI companies and create a reliable network of providers for government and public collaboration.
Dubai has introduced the Dubai AI Seal, a certification designed to establish trust in artificial intelligence (AI) companies and solutions. This initiative, directed by Sheikh Hamdan bin Mohammed bin Rashid Al Maktoum, Crown Prince of Dubai and Deputy Prime Minister, aims to create a reliable network of AI providers which government entities and businesses can collaborate confidently.
Companies must now obtain the AI Seal to qualify for UAE or Dubai government contracts. The Dubai Centre for Artificial Intelligence (DCAI), which developed the certification, sees it as a competitive edge for companies looking to participate in key national projects. Once certified, businesses will be permitted to showcase the seal across their websites and marketing materials, signaling their credibility and dependability.
The evaluation process will consider six main criteria: the company’s services and operations, the number of employees specializing in AI, ongoing and future projects, as well as existing partnerships with public and private sector entities.
Khalfan Belhoul, CEO of the Dubai Future Foundation, which oversees the DCAI, commented on the initiative’s potential: “This initiative will help create powerful partnerships between the public and private sectors, locally, regionally, and globally. It will help drive new economic opportunities by leveraging AI to serve better the economy, society, and the future we aspire to”.
Also Read: Top Free AI Chatbots Available In The Middle East
The Dubai AI Seal’s goals include providing a clear framework for verifying AI providers, fostering business opportunities for AI companies, and acknowledging the industry’s strategic importance to Dubai’s economy. The initiative emphasizes AI’s role in driving economic growth, creating jobs, and strengthening collaboration between government bodies and technology firms.
All technology companies operating in Dubai and offering AI-related services or products are eligible to apply for the certification at no cost through the official website.
“AI Seal” Certification Now Required For Dubai Gov Partnerships
MENA eSIM Use Soared 20% In 2024, Boosted By Tourism Sector
Daleel Expands To UAE, Tapping Into $44B Finance Market
Google Pay To Arrive In Saudi Arabia In 2025
COVVI Unveils Cutting-Edge Robotic Hand Technology
Samsung Galaxy S25 Release Date Confirmed For January 2025
The Quantum Visionary: Malak Trabelsi Loeb On Leadership And QIS 2025
LinkedIn Is Trying To Help You Apply For Fewer Jobs
NVIDIA’s RTX 50-Series Laptop GPUs Bring Blackwell To Mobile
Cemplicity Is Bringing Real-Time Patient Insights To The UAE
-
News1 month agoSWITCH Mobility To Trial New E-Buses In UAE & Saudi Arabia In 2025
-
News1 month agoIBM Opens New Doha Office To Support Qatar’s Digital Growth
-
News1 month agoFoundster Is Dubai’s New AI-Driven Company Setup Service
-
News1 month agoAE Coin Launch Imminent After Gaining CBUAE Approval