News
Google Chrome Exploit Results In Attack On Lebanese Journalists
According to antivirus company Avast, there is evidence that an Israeli spyware firm called Candiru used a vulnerability in Google Chrome to spy on journalists in Lebanon.
In early July 2022, Google patched a previously unknown vulnerability in its Chrome browser, known as CVE-2022-2294. The zero-day Chrome exploit only came to light after it was apparently used to spy on journalists in Lebanon.
Antivirus company, Avast, collated a report, which it delivered to Google detailing the zero-day exploit. In this report, Avast claims that Israeli spyware firm, Candiru, used the exploit to install spyware on the journalist’s computers.
It equally believes that the firm has used similar exploits to target Avast users in Turkey, Lebanon, Palestine and Yemen beginning in March of this year.
A zero-day exploit is, in short, a vulnerability in a piece of software that is unknown to the developers. They are typically discovered in the wild for this reason, and are known as zero-day because the developers have zero days in which to address the issue. This is because the vulnerability has the potential to cause damage from the moment it is discovered.
Avast alleges that Candiru used the above-mentioned exploit to gain access to user’s computers. It is believed to have compromised a website, which it used to redirect users to a server that could collect their data. If the data – collected on 50 data points such as location, language, time zone, etc. – met their requirements, the server would establish an encrypted channel.
Despite not claiming responsibility, Candiru is the prime suspect in the attack because the CVE-2022-2294 exploit was used to install the DevilsTongue spyware. This is a piece of malware previously linked to the group by Microsoft in a separate string of attacks.
In its report, Avast claims that the zero-day exploit was used alongside another vulnerability capable of bypassing the sandbox security function in Chromium. However, Avast has (as yet) been unable to determine the second exploit used by the alleged attackers.
Also Read: DDoS Attacks Are A Growing Threat In Gaming
Luckily, Google released a patch for the exploit on July 4. As such, there is no need for Chrome users to be concerned, providing browsers are kept up to date. Microsoft and Apple have released patches for their Edge and Safari browsers, too, as they also use WebRTC.
Candiru has not yet been officially connected to the incident, so its involvement is currently (albeit well-informed) speculation. However, the tools used and computers targeted matches its previous spyware attempts dating from 2021 and early 2022. As the company has no public online presence, this fact is unlikely to change anytime soon.
News
Yabi Introduces AI Financial Coach For Smarter Money Moves
The app provides real-time, personalized financial guidance, helping UAE residents manage money smarter, reduce debt, and build wealth effortlessly.
Imagine having 24/7 access to an expert financial advisor — someone who understands your spending habits, helps you save more effectively, and offers guidance for every financial decision. That’s the vision behind Yabi’s revamped platform, an AI-driven finance app designed to transform personal finance management in the UAE.
Unlike traditional budgeting tools, Yabi acts as an always-available AI advisor, analyzing your unique spending patterns and offering real-time, tailored financial advice. Whether you’re making everyday purchases, planning a big trip, or saving for a major milestone, Yabi keeps you on track and helps you make informed financial choices.
Rakhil Fernando, CEO of Yabi, explains the mission behind the platform: “Financial literacy is not optional — it’s essential. But most financial tools today feel outdated and overly complex. Yabi is here to change that by offering AI-powered financial coaching that’s smart, simple, and accessible to everyone in the UAE”.
Here are some of the updated app’s new features:
- AI-Powered Financial Coach: A 24/7 digital advisor providing real-time financial guidance based on your spending habits and available in multiple languages.
- Live Insights: Connect your bank accounts for a detailed breakdown of your expenses.
- Tailored Budgeting: Yabi creates a budget that fits with your actual spending habits rather than generic financial advice.
- Interactive Financial Education: Learn the essentials of saving, investing, and credit management through engaging content integrated into the AI experience.
- Automated Expense Tracking: Receive instant alerts on overspending, identify hidden charges, and cut unnecessary subscriptions with ease.
- Credit Score & Financial Health Monitoring: Get free credit score checks and AI-driven recommendations to enhance your financial standing.
Also Read: A Guide To Digital Payment Methods In The Middle East
Finally, Yabi is also gearing up to introduce its own debit card and a suite of financial products, making it easier to save, spend, and invest within a single platform.
Want to try Yabi for yourself? You can download the app on the Apple App Store and Google Play Store.
Yabi Introduces AI Financial Coach For Smarter Money Moves
Google Expands Gemini For Workspace To Arabic Users
Foodics Acquires Online-Ordering Specialist & Invests In 3 Startups
Yango Ride Expands Corporate Transport Service In Abu Dhabi
Checkout.com Brings Visa Direct Push-To-Card To The UAE
Etihad Rail Plans 30 Minute Dubai To Abu Dhabi Train Link
Password & Crypto-Stealing Trojan Targets UAE Users Via App Stores
What Is DeepSeek & Why Is It Shaking Up The AI World?
Fintech Galaxy Gains Approval To Pilot Open Banking In Jordan
HP Invests In Saudi Tech, AI, And Education To Boost Regional Growth
-
News2 weeks agoPassword & Crypto-Stealing Trojan Targets UAE Users Via App Stores
-
News2 weeks agoVISARUN.AI Raises $700K To Streamline MENA Visa Processing
-
News1 week agoHP Invests In Saudi Tech, AI, And Education To Boost Regional Growth
-
News2 weeks agoDubai’s RTA Unveils Solar-Powered “RailBus” Transit System