Iranian hackers now exploit Windows flaw to elevate privileges

October 13, 2024 at 11:39AM. Iranian hacking group APT34, also known as OilRig, has intensified attacks on UAE government and critical infrastructure, using a new backdoor to exploit Microsoft Exchange servers and a Windows vulnerability (CVE-2024-30088). Trend Micro indicates links to another Iran-based group, FOX Kitten, raising concerns over potential ransomware threats. Meeting Takeaways: APT34 …

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf

October 13, 2024 at 06:54AM. OilRig, an Iranian cyber threat actor, has exploited a patched Windows Kernel vulnerability (CVE-2024-30088) in a cyber espionage campaign targeting the U.A.E. and Gulf region. Using sophisticated tactics, including a backdoor named STEALHOOK, they siphon credentials via Microsoft Exchange servers, aiming to maintain persistent access to compromised networks. Meeting …

Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against UAE and Gulf Regions

October 11, 2024 at 02:07PM. Trend Micro has been tracking Earth Simnavaz (APT34/OilRig), a cyber espionage group targeting UAE government entities. Their sophisticated methods include using backdoors, exploiting vulnerabilities, and employing RMM tools like ngrok for data exfiltration. Recent activities indicate a focus on critical infrastructure vulnerabilities to advance espionage goals in the region. …

Earth Simnavaz Levies Advanced Cyberattacks Against UAE and Gulf Regions

October 11, 2024 at 03:51AM. Trend Micro reports on Earth Simnavaz (APT34), a cyber espionage group targeting UAE government entities, using sophisticated tactics such as backdoor malware exploiting CVE-2024-30088. The group steals credentials via Microsoft Exchange servers, employing tools to evade detection. Their activities emphasize threats to critical infrastructure amid geopolitical tensions in the Gulf region. …