Yemen

Winsage
June 10, 2025
Microsoft addressed 66 vulnerabilities in a recent Patch Tuesday update, including a critical zero-day vulnerability, CVE-2025-33053, which has been exploited by the espionage group Stealth Falcon against a defense contractor in Turkey. Stealth Falcon has targeted high-profile government and defense entities in the Middle East and Africa since 2012. CISA has added CVE-2025-33053 to its catalog of known exploited vulnerabilities. The group employs innovative infection methods, including WebDAV and multi-stage loaders. Many organizations may be at risk due to inadequate security measures for WebDAV, with estimates suggesting up to 80% of organizations could be vulnerable. The update also includes another critical vulnerability, CVE-2025-47966, allowing unauthorized access to sensitive information in Power Automate, as well as 17 vulnerabilities affecting Microsoft Office products, with three likely to be exploited.
Winsage
June 10, 2025
A cyberattack campaign by the advanced persistent threat group Stealth Falcon targeted a prominent Turkish defense company using a zero-day vulnerability identified as CVE-2025-33053. This vulnerability allowed attackers to manipulate the working directory of legitimate Windows tools to execute malware from their WebDAV servers. The attack was initiated through a spear-phishing email containing a malicious .url file that directed the system to a legitimate Internet Explorer utility, which was then exploited to execute malicious files. The attackers employed process hollowing to bypass traditional defenses. Stealth Falcon, also known as FruityArmor, has been conducting cyber espionage since at least 2012, targeting government and defense sectors in Turkey, Qatar, Egypt, and Yemen. The attack involved a multi-stage infection chain leading to the deployment of "Horus Agent," a custom implant designed for advanced reconnaissance and equipped with anti-analysis techniques. Researchers identified additional custom tools used by Stealth Falcon, including a DC Credential Dumper and a custom keylogger. The group utilizes repurposed legitimate domains to blend their infrastructure with legitimate traffic, complicating detection efforts.
AppWizard
May 8, 2025
A cybersecurity breach involving TeleMessage, an Israeli messaging application company, has raised concerns about customer data safety. The breach allowed unauthorized access to direct messages and personal information on the platform, which lacks full end-to-end encryption like Signal. The hacker reported that accessing the data took only 15-20 minutes and exposed names, phone numbers, and email addresses of Customs and Border Protection officials, along with information from various financial institutions. TeleMessage is used by government agencies, including the State Department and the Centers for Disease Control and Prevention, making the breach more significant. While the hacker did not access all content, they indicated potential for further breaches, and journalists have verified some of the compromised material. TeleMessage's claim of maintaining Signal's security standards is questioned, as archiving messages introduces privacy risks. A spokesperson for Signal warned against using unofficial versions of their app, highlighting security vulnerabilities.
AppWizard
May 8, 2025
U.S. National Security Advisor Mike Waltz was seen using a modified version of the messaging app Signal during a Cabinet meeting, despite President Donald Trump's prior discouragement of its use after the "Signalgate" controversy. A photograph showed Waltz with the app active and conversations involving at least six officials, including Vice President JD Vance and Secretary of State Marco Rubio, indicating ongoing discussions. White House spokeswoman Anna Kelly confirmed that Signal is an approved application for government use, and the modified version appeared to be associated with TeleMessage, a company that provides archiving services for messaging applications. This adaptation raises concerns about the integrity of Signal's end-to-end encryption due to potential external storage of messages, which could compromise privacy. TeleMessage has ties to military intelligence and was recently acquired by Smarsh. The use of Signal by Trump administration officials has been controversial in the past, particularly regarding military discussions that inadvertently involved a journalist.
AppWizard
May 6, 2025
TeleMessage, an encrypted messaging application, has temporarily suspended its services following a security breach. The platform was used by dismissed national security adviser Mike Waltz during a Cabinet meeting, and a leaked image of his inbox showed conversations with notable figures such as Vice President JD Vance and Secretary of State Marco Rubio. The breach, reported by 404 Media, did not access messages among Cabinet members but compromised data from Customs and Border Protection, cryptocurrency firm Coinbase, and various financial institutions. The hacker claimed the breach was easy, completing it within 15-20 minutes. Signal, the platform from which TeleMessage archives messages, stated it cannot guarantee the security of unofficial versions. TeleMessage was acquired by U.S. company Smarsh last year for archiving communications. Following controversies, including Waltz's accidental inclusion in a group chat discussing a military operation, he was removed from his position, and President Trump expressed skepticism about using Signal for government communications.
AppWizard
April 12, 2025
Mike Waltz, national security adviser under President Trump, accidentally included Jeffrey Goldberg, editor-in-chief of The Atlantic, in a confidential military chat on Signal that involved senior officials discussing imminent U.S. military strikes on Yemen. This incident raised concerns about the administration's secure communication practices, particularly as it involved sensitive military strategies. Despite Signal's encryption, critics argue that public group chats should not be used for classified discussions, highlighting vulnerabilities in communication protocols. Secure rooms are designed for classified discussions with strict protocols, which were not followed in this case.
AppWizard
April 6, 2025
DoD's acting Inspector General, Steven Stebbins, is reviewing Defense Secretary Pete Hegseth's use of the Signal app for operational airstrike discussions in Yemen to evaluate compliance with policies on commercial messaging for official communications and classification mandates. Concurrently, House Oversight Committee Democrats are investigating the Department of Government Efficiency's data usage, while OPM is directing agencies to revise performance review processes to prioritize adherence to presidential policies. The Defense Department has mandated public reporting of canceled contracts linked to Trump's efficiency initiatives. The SSA is tightening identity-proofing requirements for benefit applications, discontinuing phone verification options. During a nomination hearing, Trump’s nominees for OPM and OMB faced questions regarding federal workforce reductions. The Army has abandoned plans for a billion-dollar software development contract after feedback on draft RFPs. Employees at the IMLS have been placed on administrative leave amid concerns over the agency's future and grant disbursement obligations following Trump's executive order aimed at eliminating smaller entities.
AppWizard
April 6, 2025
Maher became the non-executive chair at Web Summit after leaving her CEO position last year to lead NPR. She also chairs the Signal Foundation, known for its encrypted messaging service, which was used by Trump administration members during military planning in Yemen, leading to criticism from Trump supporters due to her previous comments about Trump and her advocacy for restricting free speech. Meanwhile, Gordon Hardie, CEO of O-I Glass, received a total compensation package of €1.46 million last year, which included a base salary of €682,322, stock awards, and additional benefits. The University of Limerick recently ceased posting on X due to declining engagement and concerns over content, though it remains open to reconsidering its stance. Peter Vandermeersch, CEO of Mediahuis Ireland, is writing a book titled “Ierland. Guinness, God en Google,” which will explore various aspects of Irish life and culture.
AppWizard
March 28, 2025
Some Democrats are claiming that the unintentional inclusion of a journalist in a Trump administration group chat about a military operation in Yemen may be criminal, with legal experts suggesting it could breach the Espionage Act. The chat took place on Signal and involved high-ranking national security officials, including Defense Secretary Pete Hegseth, who reportedly shared details about imminent military strikes. The Department of Defense prohibits sharing non-public information through messaging apps, and the Pentagon later warned of vulnerabilities in Signal that could be exploited by Russian hackers. House Speaker Mike Johnson called the use of Signal a "mistake," while several Democrats, including Sen. Elizabeth Warren and Rep. Jim Himes, expressed outrage and called for accountability. Legal experts stated that the chat likely violated the Espionage Act due to potential gross negligence in handling sensitive information. Despite the serious implications, there is skepticism about any prosecution occurring against those involved. The use of Signal raises concerns regarding compliance with federal open-records laws, as messages can be automatically deleted.
AppWizard
March 27, 2025
Pentagon officials issued a warning about the Signal messaging application after The Atlantic Editor-in-Chief Jeffrey Goldberg was inadvertently included in a group chat with high-ranking Trump administration officials discussing sensitive military strategies, including potential airstrikes in Yemen. An email disclosed a "vulnerability" in Signal, stating that the app is a target for Russian hacking groups that exploit its "linked devices" feature to monitor conversations. The email advised against using Signal for storing nonpublic unclassified information, although it can be used for "unclassified accountability/recall exercises." President Trump and Senators Mark Warner and Angus King commented on the situation, with concerns raised about the potential risks to national security. The administration is reviewing the incident, but no officials have indicated plans to resign.