Entering a Higher State of Vigilance

The following article was originally sent to us, we are continuing the chain and sharing this vital information that can potentially save you lots of money in equipment damages and time lost in reset and restore.

Seeking information on systems that are robust and secure? Contact us today.

This piece is original posted by Wordfence.

It appears that Russia has just commenced the invasion of Ukraine. Check your preferred international news outlet, but according to the Ukrainian foreign minister “Putin has just launched a full-scale invasion of Ukraine.”

Ukrainian airspace is closed with flights diverting.

The Twitter Safety account just started tweeting in Ukrainian, giving users instructions on how to: 1) delete or deactivate accounts, 2) disable location services, 3) set up two-factor authentication

I’m seeing reports of massive explosions on the Ukraine Russian border.

The US appears to be distributing high-level officials around the country.

I’m seeing reports of cruise missiles over Ukraine.

Wordfence is a cybersecurity organization staffed by some of the world’s leading cybersecurity professionals. Over 4 million websites are under our protection. I’m sending out this email for two reasons. Firstly, I’d like you to know that our team is entering a higher state of alert as this situation unfolds and will be closely examining the telemetry we receive from the sites under our protection. We will react quickly to emerging threats. Secondly, I’m including recommendations for you and your team, if you run a business.

Specifically, we are on the lookout for:

WordPress site compromises with no known vulnerability present, that may be exploiting a zero-day vulnerability. It is not uncommon to see an APT (Advanced Persistent Threat – Usually a nation-state) exploit zero-days during a large-scale or strategically important operation.

A sudden increase in reports of compromised WordPress websites.

An increase in attacks being launched from compromised WordPress sites.

Unusual activity reports from our user community or from our attack telemetry.

As we identify new threats, we will, as always, release protection and detection capability to our customers in real-time.

We are also taking a range of internal steps to secure our company, our team, and our infrastructure. If you run a business, I’d like to advise you to enter a higher state of vigilance. I recommend the following steps:

Educate your team about the risks of social engineering attacks and of being phished or spear phished.

Ensure you have two-factor authentication enabled on every important user account that you and your team operate.

If you develop a WordPress plugin or other software that is distributed to customers, be aware that you are a target for a supply chain attack. So make sure that your code repositories and deployment systems are secure. An attacker may want to use you to distribute backdoors or other malicious code to your clients.
Keep a close eye on your logs – security logs in particular – of all the systems under your team’s control.

Use configuration management to manage what files should and should not be on your critical infrastructure. If you see new files appearing that you didn’t create, that’s a red flag.

Be aware of financial activity in your organization, and be on the lookout for financial fraud attempts.

Make sure that your HR systems and other systems that contain sensitive PII (personally identifiable information) are locked down.

Ask your team to be on the lookout for anything that “seems weird”. Adopt an approach of “If you see something, say something” and at the very least you’ll have an interesting discussion – and at worst, it’s an attack underway.

If you have any questions, you’re welcome to post them here and I’ll answer them as best I can. Let’s hope this situation does not further escalate, and that it resolves quickly. Our thoughts are with all the affected families and communities.


Mark Maunder – Wordfence Founder & CEO.

UAE Corporate Tax Overview

This article was originally posted by Kaveri Agarwal on Astrolab’s blog. We are re-posting it here for the benefits of our subscribers. All links are as is.

The UAE is set to introduce a new corporate tax starting from June 2023. Individuals and foreign entities that conduct trade or businesses regularly in the UAE will be subject to the new corporate tax. This article will discuss the below elements of the new corporate law:
    1. Structure
    2. Objectives
    3. Exemptions 

The corporate tax will apply equally to all categories of profits and other net income reported, which should be reported in financial statements prepared in accordance with internationally acceptable accounting standards. The tax will be applied on the business’ adjusted accounting net profit. 
The corporate tax will be 0% for businesses with a taxable income of up to AED 375,000. This is to continue the UAE’s support of small businesses and startups. A 9% tax rate will be levied on businesses incurring more than AED 375,000 in taxable income.

There are three primary objectives for the introduction of the new tax scheme, one of which is to cement the UAE’s position as the world’s leading hub for business and investment. This tax scheme will also accelerate UAE’s development and will help achieve its strategic objectives. And according to our very own Business Setup Lead Zille Rehman, the corporate tax will align the UAE with international businesses and to meet international standards for tax transparency.  

All companies operating in the UAE are eligible if they are operating in the Mainland. Companies which operate in the Free Zones and do not do business in the mainland are exempted, along with businesses involved in extraction of natural resources which will remain subject to the Emirate level of corporate tax. “Free Zone businesses such as those set up with the DMCC that do not do business with mainland UAE will continue to benefit from the exemption from the Corporate Tax incentives” comments Zille. Save up to AED 30,000 on Licensing and Registration fees and get a DMCC Free Zone license in only a few weeks with AstroLabs.
Individuals will not be subjected to the corporate tax from real estate, employment or investment in shares. Other personal income which is not related to a UAE trade or business and foreign investors who do not carry on business in the UAE will also not pay corporate tax. 

Corporate tax will also not apply on intragroup transactions and restructuring that qualify certain rules. Additionally, withholding tax will not apply on dividends and capital gains received by a UAE business from its qualifying shareholdings. Additionally, foreign tax will be allowed to be credited against UAE corporate tax payable and loss transfer utilization rules will be available to businesses. 

The Federal Tax Authority has announced that further announcements regarding the new Corporate Tax are expected.

With experience in setting up over 170 tech and tech-enabled companies in Dubai, AstroLabs is the leading growth partner into the MENA region. Fast track your setup process and benefit from our high growth collaborative community and mentorship program!

When ever you start a business in the UAE, you'll need a software to manage your business and stay compliant with local laws. We will help you asses the best fit for your needs. If you want to know more, contact us @ hello@evomatiq.com