LogRhythm | Exabeam expands presence in KSA
Group-IB uncovers GoldFactory phishing campaign
CISO news
LogRhythm | Exabeam expands presence in KSA
ogRhythm | Exabeam, a global leader in intelligence and automation that powers security operations, has
L expanded its presence in Saudi Arabia by partnering with Al Moammar Information Systems Co.( MIS), one of the Kingdom’ s leading IT solution providers and launching its Customer Innovation Center in Riyadh.
These commitments reinforce the Kingdom’ s cybersecurity foundation and advance the strategic objectives of Saudi Vision 2030.
Under the expanded agreement, MIS and LogRhythm | Exabeam will jointly offer LogRhythm SIEM and the Exabeam New-Scale Security Operations Platform to Saudi-based organisations.
The partnership will harden local defences against digital risk through AI-driven threat detection, improved incident response automation and proactive threat mitigation. This comes as LogRhythm | Exabeam witnesses strong business growth in the Kingdom, achieving 21 % revenue growth from 2024 to 2025 with the goal to maintain high double-digit growth in 2026.
“ Our strategic alliance marks a critical milestone in our mission to elevate the KSA’ s cyber-resilience and align with the goals of Saudi Vision 2030. Through our collaboration with MIS, we are hardening the Kingdom against ever-evolving threats,” said Mazen Adnan Dohaji, VP & GM, IMETA at LogRhythm | Exabeam.
“ We believe that true innovation comes from collaboration. Working with MIS enables us to proactively drive local security support and empower organisations to defend their digital ecosystems with AI intelligence.”
Group-IB uncovers GoldFactory phishing campaign
social engineering and real-time streaming to hijack devices and steal from users across Southeast Asia with implications for other regions globally.
By injecting malicious code into real apps, the group creates fully‘ Trojanised’ versions that look and behave normally while secretly stealing credentials, monitoring activity and enabling fraud.
GoldFactory uses a suite of advanced hooking malware families – including SkyHook, FriHook, PineHook and Gigabud variants – to bypass app-integrity checks, hide malicious activity and take full control of infected devices. These tools allow attackers to capture sensitive data, automate on-screen actions and even remotely view and operate the victim’ s phone.
G roup-IB has uncovered a mobile-app phishing campaign in the Asia-Pacific region, tracked back to GoldFactory.
This is the group notorious for its ability to steal facial recognition data to access sensitive information.
GoldFactory are injecting legitimate banking apps with malicious code, combining hooking frameworks, remote-access trojans,
The operation relies on targeted social-engineering campaigns that impersonate local government and service providers, pushing victims to sideload malicious apps from fake websites. This approach enables rapid deployment across countries, exposing tens of thousands of users and dozens of financial institutions to high impact banking fraud.
“ Their modus operandi is sophisticated banking fraud,” said Craig Jones, former Cybercrime Director at Interpol, speaking on the GoldFactory episode of Masked Actors.
WWW. INTELLIGENTCISO. COM 11