Threat advisories

Top Middle East Cyber Threats – 24 January 2023

2 min to read
Top Middle East Cyber Threats – 24 January 2023

At Help AG, our Managed Security Services (MSS) team offers 24x7x365 monitoring of complex IT security infrastructures to some of the largest enterprises in the region. As a result, we have our eyes keenly fixed on the cybersecurity threat landscape and are among the first in the region to learn and act upon new threats.  

In this blog, we share the top cybersecurity threats our MSS team has recently come across. So, read on to learn about what you need to look out for in the weeks ahead:  

Microsoft Releases Patches for 98 Vulnerabilities 

Microsoft has fixed 98 vulnerabilities in the January 2023 update addressing CVEs in Microsoft Windows and Windows Components; Office and Office Components; .NET Core and Visual Studio Code, 3D Builder, Azure Service Fabric Container, Windows BitLocker, Windows Defender, Windows Print Spooler Components, and Microsoft Exchange Server. 

Of the 98 new patches released, 11 are rated ‘Critical’ and 87 are rated ‘Important’ in severity. 

One of the new CVEs released in January is listed as publicly known (CVE-2023-21549) and one is listed as being exploited in the wild (CVE-2023-21674). 


  • Ensure all systems are patched and updated. 

Google Publishes Security Update to Address Multiple Vulnerabilities  

Google has published a security update to address multiple vulnerabilities in Chrome browser that are fixed in Chrome’s latest version 109.0.5414.74 (Linux),109.0.5414.74/.75 (Windows) and 109.0.5414.87 (Mac). 

Out of the 14 vulnerabilities fixed, 2 are classified as ‘High’, 8 as ‘Medium’ and 4 as ‘Low’ in severity. 


  • Ensure all systems are patched and updated. 

Hackers Actively Exploit Critical Control Web Panel RCE Vulnerability 

Malicious actors are actively attempting to exploit a recently patched critical vulnerability in Control Web Panel (CWP) that enables elevated privileges and unauthenticated remote code execution (RCE) on susceptible servers. 

Tracked as CVE-2022-44877 (CVSS score: 9.8), the bug impacts all versions of the software before and was patched on October 25, 2022. 

Control Web Panel, formerly known as CentOS Web Panel, is a popular server administration tool for enterprise-based Linux systems. login/index.php in CWP 7 (Control Web Panel or CentOS Web Panel) before allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter. 


  • Ensure all systems are patched and updated. 

Earth Bogle Campaign Targets the Middle East with Geopolitical Lures 

A campaign targeting potential victims in the Middle East including the United Arab Emirates is active and is using geopolitical themes as a lure. The threat actor uses public cloud storage services such as and to host malware, while compromised web servers distribute NjRAT. 

NjRAT is a remote access trojan (RAT) malware first discovered in 2013, primarily used to gain unauthorized access and control over infected computers and employed in various cyberattacks to target individuals and organizations in the Middle East. 


  • Ensure all systems are patched and updated. 
  • Avoid clicking or opening untrusted or unknown links, files, or attachments. 
  • Don’t allow Macros for unknown MSOffice files. 
  • Enable software restriction policies and application whitelisting. 
  • Ensure that email server is configured to block any suspicious attached files. 
  • Enforce the Restricted PowerShell script execution policy for end users. 
  • Monitor your network for abnormal behaviour and shared IoCs. 
  • Ensure frequent backups are in place. 
  • Educate employees about detecting and reporting phishing / suspicious emails. 



Share this article

Upcoming event

Black Hat MEA 2024

  • KSA
  • Riyadh