Iran Reportedly Grapples With Major Cyberattack on Banking Systems
The last known cyberattack waged against Iranian infrastructure took place last December with blame placed on Israel and the US.
Disrupting a covert Iranian influence operation
We banned accounts linked to an Iranian influence operation using ChatGPT to generate content focused on multiple topics, including the U.S. presidential campaign. We have seen no indication that this content reached a meaningful audience.
A Single Iranian Hacker Group Targeted Both Presidential Campaigns
APT42, which is believed to work for Iran’s Revolutionary Guard Corps, targeted about a dozen people associated with both Trump’s and Biden’s campaigns this spring, according to Google’s Threat Analysis Group.
Iran Targeting 2024 US Election
Discover how Iran is allegedly targeting the 2024 US election, the potential impacts, and the measures being taken to safeguard the democratic process.
Turkey blocks access to Instagram – POLITICO
A senior official previously condemned the platform for ‘censoring’ Hamas-related content.
Predatory Sparrow: Who are the hackers who say they started a fire in Iran?
Experts are asking who is behind Predatory Sparrow, the group which says it started a fire in an Iranian factory.
Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents
Incident just the latest iteration of the back and forth between Israeli and Iranianian-aligned hackers.
Predatory Sparrow: Who are the hackers who say they started a fire in Iran?
Experts are asking who is behind Predatory Sparrow, the group which says it started a fire in an Iranian factory.
Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents
Incident just the latest iteration of the back and forth between Israeli and Iranianian-aligned hackers.
Predatory Sparrow: Who are the hackers who say they started a fire in Iran?
Experts are asking who is behind Predatory Sparrow, the group which says it started a fire in an Iranian factory.
Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents
Incident just the latest iteration of the back and forth between Israeli and Iranianian-aligned hackers.
Predatory Sparrow: Who are the hackers who say they started a fire in Iran?
Experts are asking who is behind Predatory Sparrow, the group which says it started a fire in an Iranian factory.
Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents
Incident just the latest iteration of the back and forth between Israeli and Iranianian-aligned hackers.
Revealed: How a secret Dutch mole aided the U.S.-Israeli Stuxnet cyberattack on Iran
For years, an enduring mystery has surrounded the Stuxnet virus attack that targeted Iran’s nuclear program: How did the U.S. and Israel get their malware onto computer systems at the highly secured uranium-enrichment plant?
Iranian Hackers Claim They Disrupted Albanian Institutions
Albania's Parliament and a telecommunications service provider faced online attacks on Christmas day, according to the Albanian National Authority for Electronic #AKCESK #Albania #Authority #Certification #Cyber #Cyberwarfare #Electronic #Hacking #Homeland #Iran #Justice #MEK #National #Security #Warfare #and #for
Cyberattaque contre l’Iran : qui sont ces mystérieux hackers qui perturbent le pays ?
Une cyberattaque d’ampleur a paralysé des dizaines de milliers de stations services en Iran. Derrière l’attaque, de nombreuses hypothèses circulent sur l’origine de ces pirates.
Predatory Sparrow: Who are the hackers who say they started a fire in Iran?
Experts are asking who is behind Predatory Sparrow, the group which says it started a fire in an Iranian factory.
Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents
Incident just the latest iteration of the back and forth between Israeli and Iranianian-aligned hackers.
The Curious Case of Predatory Sparrow
Reconstructing the Attack from a 4th party collector’s point of view Hamid Kashfi 18th December, Predator Sparrows launched a second attack against the fuel distribution system in Iran, similar to their previous operation in 2021. Since 2021, Iranian officials or third-party security vendors have not published any analysis or technical details about the original attack, which is not unusual. Their screenshots from the latest attacks provide some clues that only confirm our previous work, indicating connections to the “Yaas Arghavani” company, a VSAT and POS service provider for the fuel distribution system. The following is an old draft from December 2021, which I wrote for peer eyes rather than public view. The original draft focused on the first attack against the fuel distribution system. Still, some remarks remain valid and relevant to the recent attack on 18 Dec 2023, as little has changed regarding how the system works. The same infrastructure, same suppliers, and same 3rd party vendors, so we are likely just talking about a different attack vector and entry point from the previous case. I will probably draft a new note about the recent attack from scratch soon and when more details are gathered rather than updating the old speculative work.
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD)—hereafter referred to as "the authoring agencies"—are disseminating this joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity against operational technology devices by Iranian Government Islamic Revolutionary Guard Corps (IRGC)-affiliated Advanced Persistent Threat (APT) cyber actors.
Predatory Sparrow: Who are the hackers who say they started a fire in Iran?
Experts are asking who is behind Predatory Sparrow, the group which says it started a fire in an Iranian factory.
Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents
Incident just the latest iteration of the back and forth between Israeli and Iranianian-aligned hackers.
Predatory Sparrow: Who are the hackers who say they started a fire in Iran?
Experts are asking who is behind Predatory Sparrow, the group which says it started a fire in an Iranian factory.
Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents
Incident just the latest iteration of the back and forth between Israeli and Iranianian-aligned hackers.
BouldSpy: Android Spyware Tied to Iranian Police Targets Minorities
Researchers at the Lookout Threat Lab have discovered a new Android surveillance tied to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA).
MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog
Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments.
%2Fcloudfront-us-east-2.images.arcpublishing.com%2Freuters%2FHPRM7HSERJMGFG6XGG4D4J3HIM.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
Iran marks revolution anniversary, hackers interrupt state TV coverage
Hackers dropped their logo into the online broadcast and a voice shouted, “Death to the Islamic Republic.”
Iran responsible for Charlie Hebdo attacks
Today, Microsoft’s Digital Threat Analysis Center (DTAC) is attributing a recent influence operation targeting the satirical French magazine Charlie Hebdo
Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent threat (APT) activity. In the course of incident response activities, CISA determined that cyber threat actors exploited the Log4Shell vulnerability in an unpatched VMware Horizon server, installed XMRig crypto mining software, moved laterally to the domain controller (DC), compromised credentials, and then implanted Ngrok reverse proxies on several hosts to maintain persistence.
Domestic Kitten campaign spying on Iranian citizens with new FurBall malware
ESET researchers recently identified a new version of the Android malware FurBall being used in a Domestic Kitten campaign conducted by the APT-C-50 group. The Domestic Kitten campaign is known to conduct mobile surveillance operations against Iranian citizens and this new FurBall version is no different in its targeting. Since June 2021, it has been distributed as a translation app via a copycat of an Iranian website that provides translated articles, journals, and books. The malicious app was uploaded to VirusTotal where it triggered one of our YARA rules (used to classify and identify malware samples), which gave us the opportunity to analyze it.