House of Baylandi Opens in Dubai

Versatile luxury scarves that are face coverings, fashion accessories & more

At last, The House of BAYLANDI is delighted to open its newest “maison” in Dubai, indulging the gulf region with its exquisite and timeless collections. Nestled in the iconic Habtoor Palace, this temple of Parisian chic and functional fashion is now yours to discover.

Conceptualized with maximum versatility in mind, each BAYLANDI is an accessory that can be used in any way you see fit: a safe face covering, a neck scarf, a headband, a tie, a pocket square, a bandana, purse charm or even a belt. The only limit is your imagination.

The House of BAYLANDI accessories are designed with function in mind, featuring countless different possible uses. When used as a face mask, these iconic pieces offer a tailored-like fit to any man or woman, complimenting any facial structure. In the purest tradition of French couture, each BAYLANDI piece is handmade with the savoir-faire of its small team of highly skilled seamstresses. Every pattern, every cut, every stitch is revisited with a perfectionist approach that can only be found in the top-tier “Maisons de couture”.

It takes no less than fifteen separate steps and a clock-like, precisely coordinated atelier to develop these show-stopping collections. Passionately produced in Paris in their bespoke ateliers, all BAYLANDI pieces are made from sustainably sourced and recyclable luxurious silks and fabrics.

In the midst of this global pandemic, it is in Paris that Caroline Bayle, the founder, was inspired to create colorful collections that would light up the current mood. Driven by a passion for functional fashion, she came up with groundbreaking creativity. Her obsession for Parisian chic and timeless designs from around the world gave birth to accessories that combine purpose and couture. She was made famous by her audacious take on distinguished face masks before putting her inspiration to good use on a prolific collection of accessories.

BAYLANDI’s environmentally conscious collections are always multi-purpose and free the imagination of the men and women wearing them. These iconic pieces are liberating everyone’s inspiration when it comes to complimenting their outfits with BAYLANDI. Caroline Bayle’s eye for exceptional and uncompromised couture might be inherited from her mother, an accomplished French seamstress. It is together that they crafted their first BAYLANDI prototypes, the House of BAYLANDI was born.

The House of Baylandi Dubai is located within the legendary Habtoor Palace, in Al Habtoor City on Sheikh Zayed Road, as well as the Four Seasons Hotels across Dubai.

Zero-days in Microsoft Windows and Chrome used in a series of highly targeted attacks

In April, Kaspersky experts discovered a number of highly targeted attacks against multiple companies utilizing a previously undiscovered chain of Google Chrome and Microsoft Windows zero-day exploits. One of the exploits was used for remote code execution in the Chrome web-browser, while the other was an elevation of privilege exploit fine-tuned to target the latest and most prominent builds of Windows 10. The latter exploits two vulnerabilities in the Microsoft Windows OS kernel: Information Disclosure vulnerability CVE-2021-31955 and Elevation of Privilege vulnerability CVE-2021-31956. Microsoft has patched both yesterday as part of Patch Tuesday.

Recent months have seen a wave of advanced threat activity exploiting zero-days in the wild. In mid-April, Kaspersky experts discovered yet a new wave of highly targeted exploit attacks against multiple companies that allowed the attackers to stealthily compromise the targeted networks.

Kaspersky has yet to find any connection between these attacks and any known threat actors. Therefore, they have dubbed this actor PuzzleMaker.

All of the attacks were conducted through Chrome and utilized an exploit that allowed for remote code execution. While Kaspersky researchers were unable to retrieve the code for the remote execution exploit, the timeline and availability suggests the attackers were using the now-patched CVE-2021-21224 vulnerability. This vulnerability was related to a Type Mismatch bug in the V8 – a JavaScript engine used by Chrome and Chromium web-browsers. It allows the attackers to exploit the Chrome renderer process (the processes that are responsible for what happens inside users’ tab).

Kaspersky experts were, however, able to find and analyze the second exploit: an elevation of privilege exploit that exploits two distinct vulnerabilities in the Microsoft Windows OS kernel. The first is an Information Disclosure vulnerability (a vulnerability that leaks sensitive kernel information), assigned CVE-2021-31955. Specifically, the vulnerability is affiliated with SuperFetch—a feature first introduced in Windows Vista that aims to reduce software loading times by pre-loading commonly used applications into memory.

The second vulnerability—an Elevation of Privilege vulnerability (a vulnerability that allows attackers to exploit the kernel and gain elevated access to the computer)—is assigned the name CVE-2021-31956 and is a heap-based buffer overflow. Attackers used the CVE-2021-31956 vulnerability alongside Windows Notification Facility (WNF) to create arbitrary memory read/write primitives and execute malware modules with system privileges.

Once the attackers have used both the Chrome and Windows exploits to gain a foothold in the targeted system, the stager module downloads and executes a more complex malware dropper from a remote server. This dropper then installs two executables, which pretend to be legitimate files belonging to Microsoft Windows OS. The second of these two executables is a remote shell module, which is able to download and upload files, create processes, sleep for certain amounts of time, and delete itself from the infected system.

Microsoft released a patch for both Windows vulnerabilities yesterday as part of Patch Tuesday.

“While these attacks were highly targeted, we have yet to link them to any known threat actor. That’s why we’ve dubbed the actor behind them “PuzzleMaker” and will be closely monitoring the security landscape for future activity or new insights about this group. Overall, of late, we’ve been seeing several waves of high-profile threat activity being driven by zero-day exploits. It’s a reminder that zero days continue to be the most effective method for infecting targets. Now that these vulnerabilities have been made publicly known, it’s possible that we’ll see an increase of their usage in attacks by this and other threat actors. That means it’s very important for users to download the latest patch from Microsoft as soon as possible,” comments Boris Larin, Senior Security Researcher with the Global Research and Analysis Team (GReAT).

Kaspersky products detect and protect against the exploit for the above vulnerabilities and associated malware modules.

Learn more about these new zero-days on Securelist.

To protect your organization from attacks exploiting the aforementioned vulnerabilities, Kaspersky experts recommend:

Update your Chrome browser and Microsoft Windows as soon as possible and do so regularly

Use a reliable endpoint security solution such as Kaspersky Endpoint Security for Business that is powered by exploit prevention, behavior detection and a remediation engine that is able to roll back malicious actions.

Install anti-APT and EDR solutions, enabling capabilities for threat discovery and detection, investigation and timely remediation of incidents. Provide your SOC team with access to the latest threat intelligence and regularly upskill them with professional training. All of the above is available within Kaspersky Expert Security framework.

Along with proper endpoint protection, dedicated services can help against high-profile attacks. The Kaspersky Managed Detection and Response service can help identify and stop attacks in their early stages, before the attackers achieve their goals.