News
Google Chrome Exploit Results In Attack On Lebanese Journalists
According to antivirus company Avast, there is evidence that an Israeli spyware firm called Candiru used a vulnerability in Google Chrome to spy on journalists in Lebanon.
In early July 2022, Google patched a previously unknown vulnerability in its Chrome browser, known as CVE-2022-2294. The zero-day Chrome exploit only came to light after it was apparently used to spy on journalists in Lebanon.
Antivirus company, Avast, collated a report, which it delivered to Google detailing the zero-day exploit. In this report, Avast claims that Israeli spyware firm, Candiru, used the exploit to install spyware on the journalist’s computers.
It equally believes that the firm has used similar exploits to target Avast users in Turkey, Lebanon, Palestine and Yemen beginning in March of this year.
A zero-day exploit is, in short, a vulnerability in a piece of software that is unknown to the developers. They are typically discovered in the wild for this reason, and are known as zero-day because the developers have zero days in which to address the issue. This is because the vulnerability has the potential to cause damage from the moment it is discovered.
Avast alleges that Candiru used the above-mentioned exploit to gain access to user’s computers. It is believed to have compromised a website, which it used to redirect users to a server that could collect their data. If the data – collected on 50 data points such as location, language, time zone, etc. – met their requirements, the server would establish an encrypted channel.
Despite not claiming responsibility, Candiru is the prime suspect in the attack because the CVE-2022-2294 exploit was used to install the DevilsTongue spyware. This is a piece of malware previously linked to the group by Microsoft in a separate string of attacks.
In its report, Avast claims that the zero-day exploit was used alongside another vulnerability capable of bypassing the sandbox security function in Chromium. However, Avast has (as yet) been unable to determine the second exploit used by the alleged attackers.
Also Read: DDoS Attacks Are A Growing Threat In Gaming
Luckily, Google released a patch for the exploit on July 4. As such, there is no need for Chrome users to be concerned, providing browsers are kept up to date. Microsoft and Apple have released patches for their Edge and Safari browsers, too, as they also use WebRTC.
Candiru has not yet been officially connected to the incident, so its involvement is currently (albeit well-informed) speculation. However, the tools used and computers targeted matches its previous spyware attempts dating from 2021 and early 2022. As the company has no public online presence, this fact is unlikely to change anytime soon.
News
HiFuture Wraps Up Successful GITEX GLOBAL 2024 Appearance
The electronics company wowed audiences at the world’s largest tech event with a range of wearable and smart audio devices.
This year’s GITEX GLOBAL 2024 in Dubai saw a huge number of startups, electronics firms, and innovators from around the globe gather for the tech sector’s largest event of its kind. One company making waves at this year’s expo was Chinese tech group HiFuture, which showcased a range of products with a focus on wearable technology and smart audio.
At the HiFuture booth, the company captivated attendees with cutting-edge smartwatches like the ACTIVE and AURORA, along with a range of powerful wireless speakers, earbuds, and even smart rings. Visitors were eager to check out the sleek new designs on offer and even had the chance to test out some of the products themselves.
Among the highlights were smartwatches combining dual-core processors with customizable options. The devices blended style and technology, offering health monitoring capabilities, personalized watch faces, and advanced AI-driven functionalities, giving attendees a taste of the future of wearable technology.
On the audio front, HiFuture’s wireless speakers left a lasting impression, offering rich, immersive sound in compact, portable designs. These speakers cater to both intimate gatherings and larger celebrations, offering versatility for users. Meanwhile, the company also showed off its Syntra AI technology, which it claims “revolutionizes health and fitness tracking by combining advanced optical sensors with intelligent algorithms for precise, real-time insights”.
Also Read: How (And Why) To Start A Tech Business In Dubai
The presence of HiFuture’s leadership team at GITEX 2024 underscored the importance of this event for the company, with CEO Levin Liu leading a team of executives, all keen to engage with attendees and offer insights into HiFuture’s vision, product development process, and future direction.
Overall, it seems that GITEX GLOBAL 2024 has been a rewarding experience for HiFuture. The enthusiasm and curiosity of attendees shown to the company’s diverse range of products was obvious, with the HiFuture team leaving on a high note and clearly excited and motivated by the event.
HiFuture Wraps Up Successful GITEX GLOBAL 2024 Appearance
GITEX Showcases 5G And AI As Pillars Of Future Connectivity
GITEX GLOBAL 2024 Hosts MENA’s Largest Data Center Forum
Flowwow Reveals AI-Powered Rebrand, Blending Tech With Emotion
Dubai Police Launch New Smart Home Security System
Meta Reveals Orion AR Glasses, Offering A Glimpse Into The Future
WeRide & Uber Join Forces To Launch Autonomous Rides In UAE
Bybit Launches Islamic Account, Enabling Shariah-Compliant Trading
YouTube Premium Is Getting A Price Hike Around The Globe
